Skip to content
CA NetMaster® Network Management for TCP/IP - 12.1
Documentation powered by DocOps

Trace Network Management Interface

Last update June 26, 2015

The IBM real-time application-controlled TCP/IP trace Network Management Interface (NMI) provides real-time TCP/IP stack data to network management applications based on filters set by an application trace instance. 

Trace Network Management Interface Security Requirements

The Trace NMI has the following security requirements:

  • Define new System Authorization Faclity (SAF) profiles in the SERVAUTH class.
  • Authorize the user ID assigned to the SOLVE SSI address space to the profiles.
  • Grant the SOLVE SSI user ID READ access to the resources:

    EZB.TRCCTL.sysname.tcpipname.OPEN

    EZB.TRCCTL.sysname.tcpipname.PKTTRACE

    EZB.TRCSEC.sysname.tcpipname.IPSEC

    • sysname
      Specifies the system name where the interface is used.
    • tcpipname
      Specifies the name of the TCP/IP stack.

The presence of NFSU8n messages in the SOLVE SSI log indicates access problems to EZB.TRCCTL.** and EZB.TRCSEC.**.

Examples: Setting EZB.TRCCTL.sysname.tcpipname.OPEN security

This example sets the security requirements in a CA ACF2 system:

SET RESOURCE(SER)

COMPILE

$KEY(EZB) TYPE(SER)

  TRCCTL.sysname.tcpipname.OPEN UID(uid) SERVICE(READ) ALLOW

STORE

  • SER
    Is the value set in the CLASMAP definition in the GSO for SERVAUTH resources.
  • uid
    Specifies the UID of the region user.

This example sets the security requirements in a CA Top Secret system:

TSS PER(userid) SERVAUTH(TRCCTL.sysname.tcpipname.OPEN) ACCESS(READ)

  • userid
    Specifies the ACID of the region user.

This example sets the security requirements in a RACF system:

PER TRCCTL.sysname.tcpipname.OPEN CLASS(SERVAUTH) ID(userid) ACCESS(READ)

  • userid
    Specifies the user ID of the region.

Note: For more information on using IBM Trace NMI to collect packets, see the PATRACENMI parameter in Packet Analyzer and Solve SSI.

Was this helpful?

Please log in to post comments.