Writer instructions

Page title

For most spaces, this page must be titled Space announcements.

For spaces with localized content, this page must be titled Space announcements l10n.

Purpose

Provide an announcement banner on every page of your space.

Location

Move this page outside of your home branch.

Guidelines

Limited supportBMC provides limited support for this version of the product. As a result, BMC no longer accepts comments in this space. If you encounter problems with the product version or the space, contact BMC Support.BMC recommends upgrading to the latest version of the product. To see documentation for that version, see BMC AMI Ops Monitor for IP 3.9.

Monitoring zERT encryption data

The zERT encryption views provide real-time encryption data for all connections on your system. zERT encryption data can collect cryptographic security protocols for TLS, SSL, SSH, and IPSec protocols. BMC AMI Ops Monitor for IP collects zERT encryption data for every connection that starts or summarized data for a client/server connection over an SMF interval. 

The zERT data collection parameter can take the following values:

  • DETAIL—collects real-time encryption data for every connection that is started

    Note

    The DETAIL parameter collects and generates large volumes of zERT records that might increase the workload on the IBM NMI interface that consists of many frequent short-lived connections.

  • SUMMARY—collects only one record for each client/server pair at every SMF interval
  • ALL—collects both detail and summary data

For more information, see Managing-the-IBM-zERT-NMI

zERT connections overview

The ZERT view displays an overview of the zERT connections for the TCP/IP Stack. The zERT connections on the view are organized by security protocol and version. 

You can view detailed information for each connection by linking to the detail views for each connection type.

zERT detail views

The zERT detail views display the following encryption data for each connection:

  • Local and remote port
  • Local and remote IP address
  • Start/End time
  • Connection state
  • Protocol attributes (TLS, SSH, IPSec) if encrypted
  • Client/Server certificate information
  • IP filtering rules

You can issue commands on the zERT detail views to accomplish the following tasks:

  • TraceRoute the remote IP address (TR)
  • Ping the remote IP address (P)
  • Drop the connection (DR)
  • Packet trace the connection (PKT)
  • Data trace the connection (DAT)

The ZRTDJOBZ and ZRTDPRTZ views summarize the zERT detail connection data by job name and port number. To display detailed information for each zERT connection, use the hyperlinks available in the Job Name and Local Port fields. 

The following views provide detailed zERT encryption data: 

View

Display

ZERTDALL

All detail zERT connections

ZTLSDET 

TLS encrypted connections (including AT-TLS)

ZSSHDET

SSH encrypted connections

ZIPSDET 

IPSec encrypted connections

ZTTLSDET 

AT-TLS encrypted connections

ZCLRDET 

ClearText connections (no encryption)

ZRTDJOBZ

Summary of detail zERT data by job name

ZRTDPRTZ

Summary of detail zERT data by local port

zERT summary views

The zERT summary views display the following encryption data for each connection:

  • Client and server IP address
  • Server port range
  • Total/Active connection information
  • Byte counts (interval and total)
  • Segments (interval and total)
  • Protocol attributes (TLS, SSH, IPSec) if encrypted
  • Client/Server certificate information

The following views provide summary zERT encryption data: 

View

Display

ZERTSALL

All summary zERT connections

ZTLSSUM 

TLS encrypted connection summary data

ZSSHSUM 

SSH encrypted connection summary data

ZIPSSUM 

IPSec encrypted connection summary data

ZCLRSUM 

ClearText connection summary data (no encryption)

Related topics

Using-views

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*