This topic describes various aspects of planning a security strategy.
Once you have defined your company's security values within your security policy, you can begin developing your security strategy. A security strategy provides a systematic approach to all the planning tasks that are necessary for implementing your company's security policy. To best complete this goal, you need to start at the most basic security need and then work to more specific security issues.
For example, the suggested approach that this information takes is to begin with planning physical security of your hardware and information assets and then to plan specific security for your system, users, resources, and network. As you develop your security strategy, begin at the most general security concerns and then move toward other more specific security goals. Each planning step is arranged to be completed in order.
Using system values to customize your system
The system uses system values and network attributes to control many things other than security. The system and application programmers use most of these system values and attributes. The security officer should set a few system values and network attributes to customize your system.
Assigning a name to your system
You use the SYSNAME network attribute to assign a name to your system. The system name appears in the upper-right corner of your sign on display and on system reports. It is also used when your system communicates with another system or with personal computers using iSeries™ Access for Windows®.
When your system communicates with other systems or personal computers, the system name identifies and distinguishes your system from others on the network. Computers exchange system names whenever they communicate. Once you assign a system name, you should not change it, because changing it affects other systems in your network.
Choose a meaningful and unique name for your system. Even if you are not communicating with other computers today, you may in the future. If your system is part of a network, the network manager will probably tell you what system name to use.
Choosing the date display format for your system
You can set the sequence in which year, month, and day appear when your system prints or displays the date. You can also specify what character the system should use between the year (Y), month (M), and day (D). The system value QDATFMT determines the date format. The following chart shows how the system prints the date, 16 June 2000, for each possible choice.
Your choice | Description | Result |
---|---|---|
YMD | Year, Month, Day | 00/06/16 |
MDY | Month, Day, Year | 06/16/00 |
DMY | Day, Month, Year | 16/06/00 |
JUL | Julian Date | 00/168 |
These examples use the slash (/) date separator.
The system value QDATSEP determines what character the system uses between year, month, and day. The table below shows your choices. You use a number to specify your choice.
Separator character | QDATSEP value | Result |
---|---|---|
/ (slash) | 1 | 16/06/00 |
- (hyphen) | 2 | 16-06-00 |
. (period) | 3 | 16.06.00 |
, (comma) | 4 | 16,06,00 |
(blank) | 5 | 16 06 00 |
The above examples use the DMY format.
Setting the time display format for your system
The QTIMSEP system value determines what character the system uses to separate hours, minutes, and seconds when it shows the time. You use a number to specify your choice. The table below shows how the time of 10:30 in the morning would be formatted using each value:
Separator character | QTIMSEP | Result |
---|---|---|
: (colon) | 1 | 10:30:00 |
. (period) | 2 | 10.30.00 |
, (comma) | 3 | 10,30,00 |
(blank) | 4 | 10 30 00 |
Deciding how to name your system devices
Your system automatically configures any new display stations and printers you attach to it. The system gives a name to each new device. The QDEVNAMING system value determines how the names are assigned. The chart below shows how the system names the third display station and the second printer attached to your system:
Your choice | Naming format | Display station name | Printer name |
---|---|---|---|
1 | iSeries | DSP03 | PRT02 |
2 | S/36 | W3 | P2 |
3 | Address of the device | DSP010003 | PRT010002 |
In the above example, the display station and printer are attached to the first cable.
Recommendations
Use naming conventions not device addresses, unless you are running software which requires S/36 naming. Names for display stations and printers are less cumbersome than names which use the address of the device. Display station and printer names appear on several Operational Assistant displays. Printer names are also used to manage printer output.
After the system has configured a new device, use the Change Display Device (CHGDEVDSP) command or the Change Printer Device (CHGDEVPRT) command to enter a meaningful description of the device. Include in the description both the physical address of the device and its location, such as John Smith’s office, line 1 address 6.
Choosing your system printer
Use the QPRTDEV system value to assign your system printer. This system value, the user profile, and the job description determine which printer a job uses. The job uses the system printer unless the user profile or the job description specifies a different one.
Recommendations
Normally, your system printer should be the fastest printer on your system. Use the system printer for long reports and system output.
You will not know the names of your printers until you install and configure your system. Make a note about the location of your system printer now. Fill in the name of the printer later.
Allowing the display of completed printer output
The system provides users the ability to find their printer output. The Work with Printer Output display shows all the output that is currently printing or waiting to print. You can also allow users to look at a list of completed printer output.
This display shows when the output printed and on what printer it printed. This can be useful in locating lost reports. The job accounting function and the QACGLVL system value allows you to display completed printer output. The *PRINT option for the QACGLVL system value allows information about completed printer output to be saved.
Storing information about completed printer output takes space on your system. Unless you think your users will print many reports, you probably do not need to provide this function. Enter NO on the System Values Selection form. This value sets the job accounting level to *NONE.
Before planning user groups