11 – Customize Communication Settings
Communication customization should be performed at this time to enable the Connector for Top Secret to communicate with SailPoint through the Connector Gateway (CG).
11.1 – Verify TCP/IP Connectivity
The Connector for Top Secret communicates with the Connector Gateway using the TCP/IP protocol.
A functional TCP/IP connection between Connector for Top Secret and the Connector Gateway is required. Any network topology configuration that supports TCP/IP (hardware and software) can be used, as long as TCP/IP connections can be established between Connector for Top Secret and the Connector Gateway. Connectivity should be verified before you start the Connector Gateway (for example, use the ping command, Telnet commands or other TCP/IP applications).
11.2 – Specify Connector for Top Secret Gateway Communication Parameters
Member ECAPARM in the Connector PARM library is used to define Connector for Top Secret Gateway communication parameters.
Edit member ECAPARM in the Connector PARM library and set up the parameters using the values set in Communication Parameters (CTSPUSR and ECAPARM Parameter Members).
11.3 – Define the TCP/IP DATA file
Note
It is likely that no need to update TCP/IP data file to enable CTSGATE to communicate with SailPoint. You may skip this chapter and get back to it only if you encounter an issue in establishing a communication between CTSGATE and SailPoint.
z/OS TCP/IP regards the CTSGATE started task as a client application requiring a client profile dataset. This profile dataset is referred to in MVS documentation as hlq.TCPIP.DATA (hlq is the high-level qualifier for the dataset).
This dataset is the main resolver configuration dataset as set up in the local TCP by the MVS/TCP systems programmer.
The TCP/IP profile dataset contains information such as the host name, domain origin and the TCPIPJOBNAME parameter. This information identifies the TCP/IP stack to use.
Note
For more information regarding this dataset, see the IBM document, z/OS Communications Server IP Configuration Guide.
When attempting to locate the TCP/IP profile dataset, MVS searches using the following sequence of names:
-
<jobname>.TCPIP.DATA (for batch jobs and started tasks) -
SYS1.TCPPARMS(TCPDATA) -
TCPIP.TCPIP.DATA
When located, the dataset is dynamically allocated.
The default value assigned for the high-level qualifier for the TCP/IP profile dataset during TCP/IP setup is TCPIP.
If the high-level qualifier for this dataset in your system has been assigned a different value or if this dataset has not been assigned one of the standard names listed above, the dataset name must be specified in parameter TCPDATA in the CTSGATE started task. This parameter is referred to by the //SYSTCPD DD statement.
This issue should be coordinated with the MVS/TCP systems programmer in your organization.
Note
If the high-level qualifier for TCPIP.DATA at your site is TCP01, Modify the TCPDATA parameter in the Connector for Top Secret Gateway JCL procedure (CTSGATE):
// TCPDATA=TCP01.TCPIP.DATA,
If the high-level qualifier of this dataset is TCPIP (the default), this Parameter must be left with its default value (NULLFILE).
11.4 – Set Up Secured Communication
Secured communication can be implemented using TLS secured communication or Transmitted Data Encryption.
Note
For more information, see Communication Parameters Coordinationfor descriptions of each option before selecting the secured communication method.
Install the selected secured communication method using the steps described in Secured Communication.