November '95 Volume 95-3 IBM Internet Connection Newsletter A new look for us - more information for you! In an effort to provide you with a more useful newsletter, we've revamped the TCP/IP Connection Newsletter to give it a new look, a new format, and a new name. As the name change would imply, our newsletter now has a broader scope. In the Internet Connection Newsletter, we will be bringing you news about our TCP/IP products and our Internet Connection Family of products, which includes: Servers Clients Gateways Network services Consulting and solutions We will continue to include the regular articles that so many of you have found helpful, including: o At your service, a series of Qs and As o Meet the makers, a list of upcoming tradeshows o A better way to obtain fixes, instructions for obtaining CSDs via the Internet o Information update, announcements of new IBM Press publications and new redbooks o Want a sneak peek, information about the latest product demos and how to obtain them And scattered throughout are tidbits of news that might be of interest to you. /==============================================\ | MEET THE MAKERS | \==============================================/ Want to meet the people behind the IBM Internet scenes? Look for us at the IBM booth at the following shows and conferences: DATE SHOW NAME LOCATION 11/06 - 11/11 NSTC Orlando 12/04 - 12/08 Internet World Wash D.C. 1/29-2/01 COMNET Wash D.C. 2/2-2/4 Internet World New York 2/4-2/7 BPEC San Diego 2/13-2/15 Networks Expo Boston 3/3-3/8 Share Anaheim 3/20-3/27 CEBIT Hanover 3/25-3/29 Euro-NSTC Cannes /==============================================\ | A MESSAGE FROM IBM... | \==============================================/ IBM Chairman and CEO, Lou Gerstner, recently gave the keynote address at Comdex/Fall'95 where he said: "We're at the threshold of the next major phase of computing ... network-centric computing." In his speech, Mr. Gerstner emphasized the importance and potential of Information Technology and IBMs commitment to network- centric computing. The full transcript of Mr. Gerstner's speech is available in text or audio format from: http://www.ibm.com/TradeShows/COMDEX/Fall95/ /==============================================\ | NEWS FOR OS/2 USERS | \==============================================/ IBM recently announced new TCP/IP features, collectively called Dynamic IP, for the upcoming release of OS/2 Warp Server. Dynamic IP - a marriage of DHCP (Dynamic Host Configuration Protocol) and DDNS (Dynamic Domain Name System) - delivers the one-two punch that promises to radically redefine the process by which IP networks are accessed and administered. DHCP is a client/server protocol that allows network administrators to centrally locate and dynamically distribute IP address and network configuration information. DDNS automatically, dynamically, and securely registers client host names in the Domain Name System. This enables other hosts in the network to locate Dynamic IP hosts at their current point of attachment. In other words, with DDNS, a host's ability to access or be accessed by other hosts in the network is never compromised, regardless of how often the host changes physical locations. And because Dynamic IP uses only open-standard networking technologies, it can be seamlessly integrated into all existing IP networks. Dynamic IP Gives New Meaning to the Phrase, "Ease-of-Use" For the end user, Dynamic IP represents swift access to the network without the inconvenience of configuration, as well as complete freedom of movement within the network without experiencing the reconfiguration and network access delays associated with traditional networking systems. With Dynamic IP, an IP address is assigned and TCP/IP is configured automatically during the boot process. End users are no longer restricted to having to "plug-in" to a specific port in a particular physical location, making Dynamic IP well-suited for laptops and other mobile computers. For network administrators, Dynamic IP is the key to minimizing or eliminating tedious, time- consuming network-wide tasks. It allows them to make service or infrastructure changes once, at a central location, rather than numerous times at multiple locations. Dynamic IP also provides immediate turnaround for host name-to-IP address DNS information, and enables the network administrator to efficiently update other DNS- related host data. Maintenance couldn't be easier. Dynamic IP gives end users the freedom they want and network administrators the improved control they need. "Dynamic IP solves problems that network administrators live with every day," said Phil Powers, director of marketing for LAN Systems, IBM Personal Software Products. "Because OS/2 Warp Server is the first server operating system to promote an open Dynamic DNS standard, we are leading the way in helping customers solve a traditional network TCP/IP issue. We believe the inclusion of these features will further establish Warp Server as the industry's premier server operating system." Beta customers are chomping at the bit to get their hands on the GA version of Dynamic IP, and they won't have much longer to wait. Dynamic IP becomes available during the first quarter of 1996. /==============================================\ | NEWS FOR WINDOWS USERS | \==============================================/ For the Windows platform, IBM has announced plans to provide: o A World Wide Web server for Windows NT. Both a basic server and a secure server will be provided. The NT server will have capabilities similar to those available in IBM Internet Connection servers for AIX and OS/2 Warp. o A new version of the Internet Connection for Windows that you can use in either a Windows 3.1 or Windows 95 environment. /==============================================\ | NEWS FOR MVS USERS | \==============================================/ Having trouble with your Network Print Facility? Help is on the way! We issued an update to NPF in August that makes the ISPF user interface easier to use, includes new function youve asked for, and even improves performance. (NPF, by the way, lets you print data from your MVS system on printers anywhere in your TCP/IP network. Using the NPF interface, you choose the printer and processing you want.) Here's a glimpse of some of the improvements you'll see in this NPF update (FMID JTCP318): o Consolidated interface panels get you to your task with fewer steps and fewer words. o New field-sensitive help and better scrolling capabilities simplify file updating. o You can now customize the data set name defaults for all or selected users. o You can better manage your queue file records through "Hold" and "Reset" options when printers are having problems. o Files process more quickly thanks to internal improvements in file access. Instructions for installing and migrating to the update are in the Memo to Users, the Program Directory, and the updated TCP/IP for MVS V3R1: Network Print Facility guide. And you can find explanations for new messages for the NPF update in the new TCP/IP for MVS V3R1: Messages Supplement. *** Have you checked out the TCP/IP for MVS home page? You'll find a wealth of information here, including late-breaking updates to the publications, technical Q's and A's, tips, service updates, and even this newsletter! A Web browser (such as the popular WebExplorer in OS/2 Warp) and this URL are all you need to get to the TCP/IP for MVS home page: http://www.raleigh.ibm.com/tcm/tcmprod.html /==============================================\ | NEWS FOR AS/400 USERS | \==============================================/ In our continued effort to expand our family of Internet products, IBM recently announced Internet Connection for AS/400. Internet Connection for AS/400 is an integrated package to help you conduct business on the Internet. Internet Connection for AS/400, also known as WebConnection for OS/400, includes: o A World Wide Web Hypertext Transfer Protocol (HTTP) server, which provides businesses with the ability to market their products on the Internet or to provide information internally, all by using their existing AS/400. o An AS/400 HTML gateway, which automatically transforms current AS/400 applications to Hypertext Markup Language (HTML) for display at Web browsers. o Direct database serving to Web browsers, which allows DB2 for OS/400 data to be queried and served (with graphics, if desired) to a Web browser, without complex programming. o Logging of World Wide Web server access, which provides feedback to a company's marketing organization on the most accessed portions of the company's World Wide Web offerings. The Internet Connection for AS/400 is scheduled to be available in the first quarter of 1996. In addition, IBM announced improvements to TCP/IP for OS/400, including: o FTP support for the new integrated file systems. o Anonymous FTP and FTP Request Validation, which allows your customers to retrieve software updates, demos, or product information from your company's AS/400 without a user ID or password, and allows system programmers to customize FTP function by user profile. o Asynchronous communications support using SLIP, which allows inexpensive, limited bandwidth access to the World Wide Web and Internet. For more information about these improvements, see: http://www.as400.ibm.com/ and select the Internet icon. /==============================================\ | INFORMATION UPDATE | \==============================================/ The talented people who write our redbooks have recently published two new editions: OS/2 Warp Generation, Volume 2: Exploring LAN Connectivity with OS/2 Warp Connect (order number: GG24-4505) This redbook discusses the connectivity function of the IBM OS/2 Warp Connect Version 3 product, based on the early experiences of the OS/2 Warp Connect Version 3. It highlights the excellence of the product in exploring the LAN connectivity. Information on installation/configuration, component features such as new OS/2 Peer and TCP/IP Version 3, Multiprotocol Network Services (MPTS), and interoperability are discussed. Accessing the Internet (order number: SG24-2597) This redbook is unique in its detailed coverage of the Internet. In particular, the reader is given guidance in selecting an Internet service provider, setting up secure access to the Internet, and selecting Internet navigation tools. The redbook focuses on IBM's commitment to the Internet. It also provides information about installing and using IBM Internet Connection for OS/2, IBM OS/2 Warp Connect, and IBM Internet Connection for Windows. This document was written for anyone with an interest in accessing and using the Internet. Some knowledge of networking and TCP/IP is assumed. In addition, the following redbooks on TCP/IP and related topics are currently available. Number Title --------------------------------------------------------- GG24-3376 TCP/IP Tutorial and Technical Overview GG24-3531 TCP/IP V2.0 for OS/2 Install and Interoperability GG24-3624 TCP/IP V2R2 for VM Installation and Interoperability GG24-3687 TCP/IP V3R1 for MVS Implementation Guide GG24-3840 TCP/IP and National Language Support GG24-3852 TCP/IP for MVS, VM, OS/2 and DOS Troubleshooting Guide GG24-3911 TCP/IP for MVS, VM, OS/2 and DOS X Window System Guide GG24-4149 Using Network Security Program on AIX, OS/2 and DOS Platforms GG24-4172 Using 3174 in TCP/IP Networks GG24-4374 TCP/IP for DOS/Windows Interoperability and Coexistence You can order individual copies or customized sets of publications, called GBOFs, which relate to specific functions of interest to you. For a complete listing of redbooks and their GBOFs, see the "Bibliography of International Technical Support Centers Technical Bulletins" (GG24-3070). /==============================================\ | NEW FROM IBM PRESS | \==============================================/ IBM Press is a joint venture between IBM and International Data Group (IDG) Books Worldwide, Inc. IBM Press combines the technical expertise that IBM is known for with the easy-to-read style that makes IDG books so popular. It is our pleasure to present the latest in a series of IBM Press books: IBM's Official Guide to Building a Better Web Site (ISBN 1-56884-599-5) Whether you are a company trying to reach customers and potential customers, an organization looking for a better way to spread your message, or an individual wanting to make a statement to the world, you should be on the Web. This comprehensive book gives you all the information you need to establish a presence on the World Wide Web, including: o Clear, concise explanations of Web concepts o Helpful tips and techniques, including: - How to create clickable images - How to master the mystery of HTML forms - How to add multimedia to your home page o A CD that contains templates for Web documents and an HTML version of the book For information about other IBM Press books, see the IDG home page at: http://www.idgbooks.com/ /==============================================\ | INTERNET CONNECTION CLIENTS | \==============================================/ The solution for quick and easy access to the World Wide Web. *** What's new with WebExplorer for OS/2 Warp? Several new features have been added to the latest version (version 1.03) of WebExplorer for OS/2 Warp. If you don't have the latest, read on to see what you are missing, then go to: http://www.ibm.net/friends/ibmsoft/latest/ Or, if you don't have Web access, you can FTP as anonymous to ftp.ibm.com where you will find the latest in \pub\WebExplorer\. Version 1.03 of WebExplorer for OS/2 Warp provides: o Newsgroup Manager WebExplorer now provides a full-function Newsgroup Manager. This feature allows you to list the Usenet newsgroups provided by your news server and to subscribe to your favorite groups. The Newsgroup Manager monitors your subscriptions and reports the number of unread articles since your last session or update. You can add or delete subscriptions at any time. After selecting a newsgroup from the subscription list, you can load and browse a portion of the articles available or see all articles at once. The Next Thread and Previous Thread navigation options allow you to move forward and backward through the list of posted articles. The Up Thread and Down Thread options allow you to follow a specific conversation thread. Recognized protocols within the text are displayed as links, so you can go directly to them. You can send a response to a specific article in a newsgroup, as well as post your own articles. o HTML 3.0 Support WebExplorer now supports several features of HTML 3.0, including: o The
tag, which centers text or graphics on a line. o New attributes for the
tag, which allow you to control the thickness, width, and alignment of a horizontal rule. o The tag (and associated attributes), which allows you to organize information into rows and columns. o The tag, which allows you to liven up your home page by using an image (in .gif format) as a background. o Several attributes to control the colors in a document, including: - BGCOLOR, which specifies the background color of the document. - TEXT, which specifies the color of the document text. - LINK, which specifies the color of links in the document. - VLINK, which specifies the color of visited links in the document. You specify a color for any of these attributes using a six-digit hexadecimal string. The string represents the RGB value (mixture of red, green, and blue) of the color in hexadecimal. For example, "#000000" indicates black, while "#CACA03" indicates yellow. You can view different color mixtures using the Color Palette editor in OS/2 Warp. These attributes override the default settings in WebExplorer. *** The WebExplorer Programmer's Toolkit for OS/2 The first release of the WebExplorer Programmer's Toolkit is now available. This application programming interface (API) is designed to provide application programmers with high-function HTML control using DLLs that are part of WebExplorer. It is not designed to provide protocol-level access to underlying Internet services like Gopher, FTP, and HTTP internals. The API is structured asynchronously for a window-based, event-driven environment. Currently, there is only one API, but there will be others in the later versions of the WebExplorer Programmer's Toolkit. The toolkit consists of two files: o webexwin.h, the header file for the DLL entry points o webexwin.lib, the Import library for the DLL Please Note... To use the Programmer's Toolkit, you must have the latest version of WebExplorer (version 1.03), which includes the webexwin.dll. *** Previous improvements Other improvements made to WebExplorer for OS/2 Warp since the original version include: o Fast Loading of Documents Text and graphics are now displayed as soon as they are received from the network. Place holders for graphics stream in along with the text. The display reformats as the graphics come in to fit the graphics. If the graphics were created with height and width tags, WebExplorer will automatically display the correct amount of space for them. By default, WebExplorer starts with fast load and streaming turned on. To change these settings, select Loading from the Configure pull-down menu. o Mailto Support Support was added for tags. When a mailto link is selected, a form is displayed that allows you to enter a short message that is then mailed via SMTP to the recipient specified in the mailto tag. o Disable/Enable Proxy and Socks Servers Configuration Options If you need to disable your proxy or socks server configuration to communicate with a specific server, you can do so using the check boxes. You do not have to re-type the name of the proxy or socks server to re-enable it. *** Did you know... WebExplorer now has its own home page at: http://www.raleigh.ibm.com/WebExplorer/ *** Internet Connection Secure WebExplorer for OS/2 Warp IBM's Secure WebExplorer is the total solution for secure transactions on the World Wide Web. Based on the popular WebExplorer for OS/2 Warp, Secure WebExplorer: o Lets you make purchases on-line without risking the release of your credit card number to anyone other than the intended receiver o Uses encryption to scramble sensitive data o Verifies the identity of those receiving secure data by authentication Secure your buying power If you are already cruising the Internet, you may be browsing one of the many on-line shopping malls or home pages that sell products and services. The quickest and easiest way to shop on- line is to use your credit card. You can enter your number and submit your order without ever leaving your computer. No phone calls, no faxes, and no red tape. However, you don't want to expose yourself and your credit to computer hackers, those on-line thieves that steal your credit card number and make purchases for themselves. Internet Connection Secure WebExplorer for OS/2 Warp secures your public buying power by protecting your private data. It does this through two processes called encryption and authentication. To encrypt your order simply means that WebExplorer will scramble all of the order data before you send it, making it unreadable by anyone other than the intended receiver. The receiver has the matching encryption key to unscramble the data upon receipt. Authentication is the process used to verify the identity of the receiver so that you can make sure that others are who they say they are. You can ensure authenticity by exchanging a password, or key, that is known only to you and the receiver. How does it work? To ensure secure electronic purchases on the Internet, both the browser (WebExplorer) and the server (the computer on which the home page resides) must support Internet security protocols. The Internet Connection Secure WebExplorer uses the Secure Sockets Layer (SSL) and Secure Hypertext Transfer Protocol (S-HTTP) to ensure compatibility with security protocols on any Web server. You don't have to worry about which security protocol the server has. In addition, Secure WebExplorer allows you to obtain the security information on a current document, change key passwords, and configure security alerts. You can also see a graphic representation of a documents security level. /=================================================\ | DID YOU KNOW... | \=================================================/ You can change the animated icon that users see in the top right corner of the WebExplorer window when they are viewing your document. The Customized animations option must be checked under the Options pull-down menu (this is the default), and the change is temporary. It will last only as long as WebExplorer is up. When you exit WebExplorer and start it up again, the original icon will return. To change the animated icon, first create (or copy) a sequence of images. These images should be 50x50 pixels and in the OS/2 bitmap or GIF format. (GIF is better.) Typical animations are composed of four to eight images, but we have seen animations that use as many as 50 images. Next, include the following lines in your HTML document immediately after the tag. (This example assumes that the images are light1.bmp through light8.bmp and are in the current directory.) You can include a different animation on each page that you own and serve. Remember, though, this will slow down serving your page. For an archive of animations, visit the folks that make up Team OS/2 in Australia at: http://www.os2forum.or.at/TeamOS2/English/Special/Animations/ /==============================================\ | WANT A SNEAK PEEK? | \==============================================/ IBM has produced on-line demos for several of its TCP/IP and Internet Connection products. Each interactive demo provides a high-level marketing overview of its product, contact numbers for service and education, and a glossary of networking terms. Previews are available at no charge. A demo for the Internet Connection Family of products is available for download from the Web at: http://www.raleigh.ibm.com/icf/icfam.html A demo for the Internet Connection for Windows is available for download from the Web at: http://www.raleigh.ibm.com/icw/icwdemo.html A demo for the Internet Connection Secured Network Gateway will soon be available for download from the Web soon at: http://www.raleigh.ibm.com/sng/sngprod.html A tutorial for the Secure WebExplorer will also be available soon for download at: http://www.raleigh.ibm.com/WebExplorer/ The following TCP/IP previews are available via anonymous FTP from ps.boulder.ibm.com. They are located in the /ps/products/tcpip/demo subdirectory. TCP/IP V2.0 for OS/2 TCP/IP V2.1 for DOS TCP/IP V3R1 for MVS Demos and previews are also available upon request from your IBM Marketing Representative. /==============================================\ | INTERNET CONNECTION SERVERS | \==============================================/ Make your presence known... with the new Internet Connection Servers. *** Internet Connection Servers for AIX and OS/2 Warp With IBM's Internet Connection Server for AIX or OS/2 Warp, you have a solid foundation for your presence on the Internet. You can use the IBM Internet Connection Server on your internal enterprise network to distribute sales manuals, employee handbooks, or other documents that require wide distribution and frequent updates. You also can use it to communicate your company's message to the millions of people who are connected to the worldwide Internet. In either case, the IBM Internet Connection Server will enable you to distribute a low-cost, tightly focused message to the audience you need to reach. By tapping the power of the Hypertext Markup Language (HTML), the IBM Internet Connection Server allows you to go far beyond conventional printed information. Hypertext lets your audience interact with the information you publish. Click on the highlighted word "distributors" in a sales manual and the reader is launched into an up-to- date listing of resellers. Click on a listed name and the reseller's address, phone number, fax and other information are displayed along with the option to send e-mail to the reseller. This is just one example of how HTML can be used to create dynamic information that will keep your audience interested and deliver your message more effectively. Easy to install, easy to use Installing the IBM Internet Connection Server is quick and easy. Both the IBM Internet Connection Server for AIX and the Internet Connection Server for OS/2 can be installed from either CD-ROM or 3.5-inch floppy disks, can be administered locally or remotely using most Web browsers, and provide extensive HTML-based documentation. The Features You Need The IBM Internet Connection Server has the features you need to build your home page on the Internet. The IBM Internet Connection Server can: o Act as a repository for home pages created with Hypertext Markup Language (HTML). o Answer requests from Web browsers (clients). o Provide proxy support, allowing Web browsers to access remote servers not directly accessible to it. The proxy server supports requests from HTTP, FTP, and Gopher and acts on their behalf. o Support proxy caching by temporarily storing files and, then, quickly responding to the next request for the files. o Provide application interfaces, using Common Gateway Interface (CGI). CGI is an emerging standard API between the Internet Connection Server and another application, such as a database. An easy-to-use HTML form is provided to help you configure the IBM Internet Connection Server to meet your business needs. You can specify options such as time-out settings, proxy servers, and caching. *** Internet Connection Secure Servers for AIX and OS/2 Warp We didn't forget server security either. If you're planning to conduct business over the Internet, you'll want maximum flexibility in a secure environment. So, we offer IBM Internet Connection Secure Servers for AIX and OS/2 Warp to address these needs. The Internet Connection Secure Server products include all of the functions of the Internet Connection Server products, with added security protocols and remote administration from a Web client. The Internet Connection Secure Servers support the same emerging S-HTTP and SSL standards as Secure WebExplorer. You can feel confident in knowing that your data is safely encrypted and that it will arrive at its intended destination. Internet Connection Secure Servers provides several security methods, including: o Public and private keys o Key certificates o Data encryption o Digital signatures o Message authentication *** Internet Connection Server for MVS The new IBM Internet Connection Server for MVS allows all MVS customers, including System/390 users, to leverage their existing enterprise investment and build a World Wide Web server delivering their current data through a graphical user interface. Because the server resides on a S/390, it has all the inherent MVS strengths: security, capacity, integrity, robustness, and scalability. "Business of all sizes are looking to develop products and services on the Internet and we hear many of them say they want to leverage their existing resources. The IBM Internet Connection Server for MVS lets them use a powerful system they're already very familiar with, while our Internet Connection CICS and DB2 gateways will let them link existing data and applications to the Net. The potential of this is tremendous," said Lois Dimpfel, vice president, networking software products, IBM Networking Software Division. The scalability of the S/390 server is particularly advantageous to a customer because all levels of development can be accommodated - from the first home page to a high-volume, international, multi-feature Internet service. The Internet Connection Server for MVS can be run in a S/390 PR/SM logical partition environment to separate public network connections from a private customer environment. Data can be shared across logical partitions. The Web partition can have read/only access to prevent vandals on the network from corrupting production data, while allowing the production partition to have read/write access to all data. S/390 server capacity can be allocated to the Web partition to meet changing performance demands by modifying the flexible performance parameters. This is in contrast to adding additional servers, which can be an expense alternative. By using your existing MVS system, you do not need to incur the added expense of maintaining a separate platform to take advantage of the Internet marketplace. Development of the IBM Internet Connection Server for MVS was greatly simplified by the recent introduction of OpenEdition MVS. The Internet Connection Server for AIX was ported to OpenEdition's industry-standard interfaces with a minimal amount of change. In addition, several forthcoming software products will add even greater value to the MVS-based Internet software. A secure version of the MVS Internet server, supporting both Secure Hypertext Transfer Protocol (S-HTTP) and Secure Sockets Layer (SSL), the two principal technologies for ensuring privacy of Internet-based transactions, will be announced later. The Internet Connection product family will also include CICS and DB2 gateways, allowing an Internet server to link to existing enterprise applications and data. *** Performance News Recently, work has been underway by the Web Server development team to measure the throughput of the new IBM Internet Connection Servers for AIX and OS/2. Current results show that when GET'ting a 1KB HTML file and maintaining a 30 seconds or better response time, the AIX non-secure Web server running on a RISC/6000 m580 and a dedicated 16MB token ring LAN was capable of fulfilling over 4,000,000 requests per day. And the OS/2 non- secure Web server running on an Intel PENTIUM 100Mhz processor and a dedicated 16MB token ring LAN was capable of fulfilling over 1,000,000 request per day. Interestingly, the above numbers fit well within recently set industry standards for characterizing large and moderate Web servers. Also, a new display technique has been added to WebExplorer for OS/2 Warp to address a usability problem that some users perceived as a performance problem. The problem concerned how fast you could scroll an incoming page. With the old technique, you could not scroll through a page until all text and graphics were received. With the new techniques, called "fast load" and "streaming graphics", placeholders are displayed where the graphics will be placed, enabling you to freely to scroll through the page. From a strict performance view, measurements of the speed to retrieve the complete text and graphics are the same for both techniques, but the new technique provides a perceived improvement in "performance" because your lock-out time has been reduced. /==============================================\ | INTERNET CONNECTION GATEWAYS | \==============================================/ Recently. IBM announced several gateway products for the Internet and the World Wide Web, including: The Internet Connection firewall The DB2 WWW Connection The CICS Internet Gateway In addition, IBM has also announced a unique image search solution that uses the Common Gateway Interface. *** Internet Connection firewall While it's easy to access the Internet, conduct transactions, and transfer files, you want to be sure that your information is secure within your network. You need a barrier, or firewall, between your network and the Internet. The IBM Internet Connection Secured Network Gateway for AIX (formerly Network Security Program, NetSP) is one such firewall. The IBM Internet Connection firewall ensures that only authorized network users send information outside your network and that anyone in another network can get only the information that you make available. It protects your company assets from Internet intruders while giving authorized users transparent access to Internet applications. And because its from IBM, the Internet Connection firewall is a time-tested, proven solution with technology that IBM has used to protect its own worldwide network. The Internet Connection firewall provides: o Encryption The privacy of your data is ensured as it flows across a public network between two firewalls. The Internet Connection firewall encrypts IP packets, creating a private IP tunnel. o Alarm facilities The Internet Connection firewall allows you to actively monitor security events at the firewall and generate real-time notification to the network administrator. o Advanced filtering capability Filters are used to control packet flows based upon criteria, such as IP source or destination address range, TCP ports, UDP, ICMP, and TCP responses. Filters are transparent to users, and are a powerful way to deny access to specific locations within your network. o Application gateway proxy Using either Telnet or FTP, users can access the Internet Connection firewall, where their identity is authenticated. After verifying a user's identity, the firewall allows the user to launch any TCP/IP application that the user is authorized to access, such as FTP, Gopher, and WHOIS. All packets flowing from the IBM firewall carry the IP address of the firewall as the originating address. So, the gateway proxy server hides the IP addresses of your internal network from the outside world. It also allows you to grant trust on the basis of individual users, rather than on the basis of an IP address. o SOCKS server Applications, running on hosts and workstations within your secured network that use the SOCKS API, can use the SOCKS server on the IBM firewall. SOCKS can be used to provide a transparent means of controlling access to the Internet, while, at the same time, hiding the IP addresses of your internal network from the outside world. o Domain Name Server support The external Domain Name Server presents your corporate domain name to the Internet. The outside world can't see the structure of your network or the names and addresses of your internal hosts. o Mail service support The Internet Connection firewall supports forwarding of authorized Simple Mail Transfer Protocol (SMTP) e-mail to an e-mail server in the secure network. o Strong authentication The Internet Connection firewall offers various methods for authenticating clients. You can use a password or more sophisticated methods, like Digital Pathways' SecureNet card or Security Dynamics' SecurID card. *** DB2 WWW Connection DB2 is a popular database used by thousands of companies to store important data. Information in a DB2 database can be accessed using the Structured Query Language (SQL). Using the DB2 WWW Connection and standard SQL and HTML coding, you can write applications that allow users to access information in your DB2 database through a Web browser. DB2 World Wide Web Connection uses native HTML and SQL languages, not a new hybrid language, thus allowing the application developer to use existing HTML editors and query tools to generate the SQL queries. Then the HTML forms and SQL queries are stored in macro files on the Web server. The DB2 WWW Connection runtime engine processes these macro files when the user requests access to data. DB2 WWW Connection provides variable substitution across HTML forms and SQL queries, enabling the application developer to use the full capabilities of HTML and of SQL. In a two-tier client/server environment (local server with one or more clients), DB2 WWW Connection lets you build an application that can access DB2 for OS/2, AIX, or MVS/ESA data on your Web server, including IBM's Internet Connection Servers and Secure Servers. In a three-tier environment (local server with one or more clients, plus access to remote servers), your new application can access DB2 data on the Web server and work with existing applications to access the DB2 family and other data on servers connected to the Web server with Distributed Database Connection Services (DDCS) or with DataJoiner. For an evaluation copy of the DB2 WWW Connnection, see: http://www.torolab.ibm.com/data/db2/ *** CICS Internet Gateway IBM recently announced the CICS Internet Gateway. CICS applications receive and send information using a host-specific format called the 3270 data stream. The format of information on the Web is HTML. The CICS Internet Gateway, positioned between the Web server and the CICS application, transforms the 3270 data stream into HTML. Thus, with the CICS Internet Gateway, companies and organizations that run CICS applications can make those applications available to the world over the Web. For more information about the CICS Internet Gateway, including a demonstration, see: http://www.hursley.ibm.com/cics/saints/ *** Query By Image Content IBM recently announced a revolutionary Web search solution that uses the Common Gateway Interface. Query By Image Content (QBIC) uses a combination of a gateway program and an image server to allow users to search for images that meet specified criteria (in terms of color content, color placement, texture, or pattern). This technology has many uses. For example, if you wanted to place a short story set in New England on the Web and you needed some scenes of the countryside, you could use QBIC to search a database of images for an image with a blue sky and green fields. Or, for example, QBIC could be set up to search through images in a clothes catalogue for a tie with a certain texture, pattern, and color to match the new suit you bought. Currently, QBIC is available as part of Ultimedia Manager. Work is in progress to integrate it into the IBM DB2 database products as well. If you'd like to give it a try, see: http://wwwqbic.almaden.ibm.com/ /==============================================\ | CONSULTING AND SOLUTIONS | \==============================================/ IBM's consulting and solutions can help you create the right Internet solution for your business. Our Internet consulting and solutions include: o Business transformation IBM can assist you in identifying leverage points that the Internet can give you in working with your customers, suppliers, and business partners, as well as transforming your own organization. o Internet planning IBM can assist in determining the best way to deploy the Internet to support your business strategy. Our skilled consultants can help you assess costs and benefits, develop a business case, provide guidance on sourcing alternatives, and identify and manage risks. o Network design Our experts can perform a requirements analysis and develop a design that is validated for performance, capacity, and availability that meets your business needs. o Content design, creation, and testing IBM can also help you create your own WWW application and home page to give your company the image and presence you want on the Internet. These services include graphic design, multimedia integration, data conversion and migration, implementation, and testing. o Implementation Our experts are also available to help you install the hardware and software required to access the Internet. These services include installation and testing of an Internet gateway server and installation and customization of the IBM Internet Connection Secured Network Gateway firewall product. o Security Internet security is a great concern. Our skilled professionals can help you assess the risks and exposures, reengineer security processes, develop an enterprise-wide security architecture, and select the best Internet security technology to suit your specific environment. For more information about our consulting services, see: http://www.ibm.net/ser/serover.html /==============================================\ | NETWORK SERVICES | \==============================================/ Getting onto the Internet may sound complicated, but it doesnt have to be. With the IBM Internet Connection service, the work is already done for you. The IBM Internet Connection service provides Internet access for home, small business, and large corporate users. And by the end of 1995, this service will feature 450 local dial access points in nearly 40 countries around the world via the IBM Global Network. In the U.S., Advantis is the provider of the IBM Global Network. Other highlights of the IBM Internet Connection service include: o 28.8 Kbps connectivity in the U.S. o 800 dial service for users outside local calling areas, in the U.S. and Canada o On-line registration o Up to six userIDs per subscription o Acceptance of major credit cards with charges applied in local currency Also available are leased line services, home page creation, and content hosting for the WWW. We'll supply the network server, high-bandwidth Internet link, network management, and "traffic" reports. Customers can see and download information about your products and services, and send you e- mail. In addition, IBM offers the IBM Global Network Secure Gateway, an Internet Connection service that lets you make the choice: you can manage your security, or IBM can. If you want IBM to manage your security, you'll get a service that blocks unwanted logons or file transfers. Available to SNA and TCP/IP customers, this service acts as a barrier between a secure network, like yours, and a public network, like the Internet. For more information about the Internet Connection service and the IBM Global Network, see: http://www.ibm.net/ /==============================================\ | AT YOUR SERVICE | \==============================================/ This portion of our newsletter contains some frequently asked questions and their answers. If you have questions that you would like to see answered in this newsletter, please send them via e-mail to TCPIPNEWS@VNET.IBM.COM. 1) Do the TCP/IP 2.0 NFS and PMX kits work on Warp Connect? Yes, with the latest CSDs applied. When you install the kits, however, check the default installation path. The installation program will default to the MPTN directory. This must be changed to TCPIP to avoid any complications. Dont forget to change the path when you install the CSDs as well. 2) I installed NFS and PMX to the wrong directory (as mentioned above) and now some files are in TCPIP and some are in MPTN. How do I clean it all up? The easiest way is to back up your PROTOCOL.INI file, then use the "REMOVE" option of MPTN, and then reboot. Be sure all of the MPTN and IBMCOM directories are deleted. Reinstall the TCP/IP packages and CSDs, this time specifying the TCPIP directory as the installation path. Then reinstall MPTS and restore any environment-specific settings in the PROTOCOL.INI 3) How many concurrent SLIP connections does TCP/IP 3.0 support? If you use one of the service provider dialers (Internet Connection Dialer or Dial Other Service Providers), you can have only 1 SLIP connection at a time. However, you can manually configure SLIP (by editing the SLIP.CFG file) to support up to 8 concurrent connections. For more information, see the section in the on-line TCP/IP Guide called "Manually Configuring a SLIP Interface". 4) I have a new "Select-A-System" preload machine from IBM. It has Warp and DOS dual boot on it. How do I get LAN TCP/IP connections? The Select-A-System preload installs the Internet Connection Bonus Pak in the C:\OS2\APPS\TCPIP directory. For a LAN connection, you will need to install the TCP/IP 2.0 base kit over the Bonus Pak. This means you must be sure to change the install path to C:\OS2\APPS\TCPIP. You will also need to comment out one line in the CONFIG.SYS file: rem device=c:\os2\apps\tcpip\bin\ifndisnl.sys Be sure to apply any CSDs, also checking the installation path. 5) I have developed a DPI 2.0 subagent to work with the SNMP agent for OS/2 Warp Connect but I seem to be missing the header files and the import libraries. Warp Connect does not include the snmp_dpi.h and dpi20dll.lib that developers need to compile and link it their DPI subagents. However, sample code for these files is available via anonymous FTP to software.watson.ibm.com in the pub/dpi/ subdirectory. 6) Is there an easy way to keep up with the enhancements being made to WebExplorer? Yes, keep an eye on the WebExplorer home page: http://www.raleigh.ibm.com/WebExplorer/ /==============================================\ | A BETTER WAY TO OBTAIN FIXES | \==============================================/ You can obtain Corrective Service Diskettes (CSDs) for TCP/IP electronically? If you have access to the Internet, you can FTP as Anonymous to SOFTWARE.WATSON.IBM.COM. o Fixes for TCP/IP for OS/2 are located in pub\tcpip\os2. o Fixes for TCP/IP for DOS are located in pub\tcpip\dos. You can also obtain CSDs via modem connection from the NCSBBS bulletin board at: (919) 517-0001. Set your modem settings to: none,8,1. /==============================================\ | A NOTE FROM THE EDITOR... | \==============================================/ Greetings! And thank you to those who sent in questions for the newsletter. Due to difficulties with my e-mail address, I did not receive mail sent to the TCPIPNEWS address for most of October. If you sent mail and did not receive a response, please accept my apologies. All problems with the address have now been solved. Please feel free to re-send any messages that you feel may have been lost. Also, with the holidays approaching, I wanted to let you know that I will be out of the office and unable to access my mail from December 22 through January 8. If you have a question that you would like answered during that time, please contact your IBM Support Center or, if it is a general question, feel free to send it to ASKIBM@ INFO.IBM.COM. /==============================================\ | CUSTOMER SURVEY | \==============================================/ We are conducting an informal survey to determine if our newsletter is meeting your needs. If you would like to participate, please answer the following questions and send the response to us: Fax: 1.919.543.4118 E-mail: TCPIPNEWS@VNET.IBM.COM Or, feel free to visit us on the Web and take the survey on-line at: http://www.raleigh.ibm.com/tcn/ 1) How did you learn of our newsletter? _ From a friend _ Found it on the Web _ Saw it mentioned in a forum _ Other 2) Where did you get your copy of the newsletter? _ FTP site _ Web _ BBS _ Other 3) Which format do you prefer? _ PostScript _ ASCII Text _ On-line (Web) _ Other 4) What do you find most useful about the newsletter? _ The announcements _ The Qs and As _ The tips _ CSD information _ Other 5) Which topics are you most interested in? _ TCP/IP products _ Internet Connection servers _ Internet Connection clients/kits _ General information - futures and direction _ Other 6) In general, how helpful do you find the Internet Connection Newsletter? _ Very helpful _ Somewhat helpful _ Not as helpful as I would like _ Not helpful at all 7) How could we make the newsletter more helpful? ____________________________________________________ ____________________________________________________ ____________________________________________________ ____________________________________________________ ____________________________________________________ 8) We are working on a new book for planning a TCP/IP network. This book would contain information about how to setup a TCP/IP network as well as how to integrate TCP/IP into an existing network. Would you be interested in participating in a survey to help determine the content of the book? _ Yes _ No If so, please specify your e-mail address: ___________________________________________________ /==============================================\ | WE WOULD LIKE TO HEAR FROM YOU | \==============================================/ The goal of this newsletter is to be informative and interesting. We hope we have achieved that goal. We welcome comments and suggestions. Please send them to TCPIPNEWS@VNET.IBM.COM. Contributing authors: Michele Carlo, Karen Gould, Russell Griffiths, Gretchen Moore, Salil Muma, Paul Reitman, Marty Yarnall Editor-in-chief: Debbie Morrison IBM, AIX, AS/400, CICS, DB2, MVS/ESA, OpenEdition, OS/2, OS/400, and System/390 are trademarks of International Business Machines Corporation. Windows, Windows NT, and Windows 95 are trademarks of Microsoft Corporation. NFS is a trademark of Sun Microsystems, Incorporated. Other company, product, and services names may be trademarks or service marks of others. (C) Copyright International Business Machines, 1995