Figure 7.4 Client-to-server and server-to-server data encryption with SNA Server.
SNA Server lets you encrypt data for client-to-server and server-to-server communications, as shown in Figure 7.4.
Client-to-server encryption prevents information from being sent in clear text between SNA Server client workstations and SNA Server computers. Data encryption enhances network security on the client-to-server communications path for all applications using SNA Server client connections, including 3270/5250 emulators and APPC logon IDs and passwords. Data encryption can be enabled on a user-by-user basis using SNA Server Manager.
Server-to-server encryption can be used to provide secure communications across your network, the Internet, or any other wide-area network. If a user enables data encryption, information transferred through the Distributed Link Services is automatically secure.
Figure 7.5 Data encryption in the SNA Server architecture.
You can enable encryption for Distributed Link Services by adding the domain user account, under which SNA Server services such as SnaBase or SnaServer are running, to the SNA Server subdomain. The actual encryption is implemented in the transport providers layer of the SNA Server architecture, as shown in Figure 7.5. The data encryption settings can then be enabled for the user account, as described above.