(PTF BPN2414 applied) zERT encryption views in MainView for IP


The zERT encryption views provide real-time encryption data for all connections on your system. zERT data can include cryptographic security attributes for the TLS, SSL, SSH, and IPSec protocols. MainView for IP collects either zERT encryption data for every connection that starts, or summarized data for a client/server connection over an SMF interval.

You can set the value of the zERT data collection parameter to DETAIL or SUMMARY. The DETAIL setting can generate large volumes of zERT records, which might increase the workload on the IBM NMI interface when traffic consists of many frequent short-lived connections. The SUMMARY setting collects only one record for each client/server pair at every SMF interval.

For more information, see Managing the IBM zERT NMI.

The zERT detailed views display the following information for each connection:

  • Local and remote port
  • Local and remote IP address
  • Start/End time
  • Connection state
  • Protocol attributes (TLS, SSH, IPSec) if encrypted
  • Client/Server certificate information
  • IP filtering rules

The zERT summary views display the following information for each connection:

  • Client and server IP address
  • Server port range
  • Total/Active connection information
  • Byte counts (interval and total)
  • Segments (interval and total)
  • Protocol attributes (TLS, SSH, IPSec) if encrypted
  • Client/Server certificate information

You can display more information by drilling down to the detailed view from the tabular views. MainView for IP records all zERT connection data in the MainView history files.

You can issue commands on the zERT connection detail views to accomplish the following tasks:

  • TraceRoute the remote IP address (TR)
  • Ping the remote IP address (P)
  • Drop the connection (DR)
  • Packet trace the connection (PKT)
  • Data trace the connection (DAT)

The following table describes the views that provide detailed zERT encryption data for all connections on your system.

View        Display
ZTLSDET     TLS encrypted connections (including AT-TLS)
ZSSHDET     SSH encrypted connections
ZIPSDET     IPSec encrypted connections
ZTTLSDET    AT-TLS encrypted connections
ZCLRDET     ClearText connections (no encryption)
ZTLSSUM     TLS encrypted connection summary data
ZSSHSUM     SSH encrypted connection summary data
ZIPSSUM     IPSec encrypted connection summary data
ZCLRSUM     ClearText connection summary data (no encryption)


MainView for IP 3.6