Location Rules
The green screen is the traditional Exit Point Manager interface. All functions related to adding, editing, and deleting rules are available using either the web browser interface or the green screen, although the procedures for accomplishing these tasks differ considerably.
You can use the Work with Security by Location panel to maintain a location's server and server function filter rules. After entering a valid location, you can add, change, or delete the location's individual server and server function filter rules. You also can copy a location's filter rules to another location, or delete all the location's filter rules. To change a rule, simply type over the existing values, and press Enter.
- Select option 3 on the Exit Point Manager Main Menu to open the Work with Security by Location panel. (Or, from the Main Menu, select option 1 to display the Work with Security by Server panel and Enter option LA (Edit Location Authority) in the Opt column next to a server you would like to display.)
- The Work with Security by Location panel displays. Initially, this screen lists the default rules. You can add and maintain additional server function filter rules for locations using this panel.
- To add a new rule, press F6. The Create Location Rule panel appears. (To change the filter rule properties of an existing rule, simply choose 2 for the existing rule.)
- Enter the function, location, and filter rule properties. To see a list of available functions, authorities, or switch profiles for the selected server, you can press F4 (Prompt) to display a prompt screen.
For example, press F4 in the Function field to display the Prompt Server Functions panel. Enter a 1 next to the function for which you want to define a rule.
To apply the rule to all locations, enter *ALL in the Location field. To restrict the rule to one IP address, enter the IP address (for example, 10.123.144.213). To restrict the rule to a range of IP addresses, you can enter a generic IP address (for example, 10.123.*).
- To select from a list of valid authorities, press F4 to display the Valid Authorities panel. If you set the Authority to *REJECT, Exit Point Manager rejects the specified transaction. Whenever Exit Point Manager rejects a request for any reason, the transaction is recorded in the audit journal and the Aud column is not considered. The rejected request is audited regardless of the value in the Aud column.
- Specify if you want Exit Point Manager to send a message (Msg = Y) and capture transactions for memorization (Cap = N). If you do not specify a Switch Profile, it defaults to *NONE. Press Enter to add the rule.
- Enter 3 for the location rule you would like to copy. The Copy Location Rule panel appears.
- Specify the new location and press Enter.
- When you copy a location's rules, it does not copy all sublocation rules; only the rules for the selected location, for example, 192.*, are copied.
- All existing authorities for the location you are copying to are deleted.
On the Work with Security by Location panel, choose 5 for a location rule to display the Location Rule Derivation panel. This panel provides location rule detail information, including parameter settings and Active Rule and Rule Derivation information.
On the Work with Security by Location panel, choose 4 for a location rule to delete it.
You also have the option to set rules across multiple servers at one time from the Work with Security by Location panel.
- On the Work with Security by Location panel, press F2 to display the Add Location Rules panel.
- Specify the desired Location, Authority, Switch Profile, and Audit/Message/Capture flags for the rule.
- For Replace, choose Y to set the new rule across only those servers where a rule already exists for the specified location. This option updates existing rules with the specified rule filters and changes all existing rules for the location to those you entered.
- Press Enter to set a new rule across all Exit Point Manager servers, including servers that don't already have a rule for the specified location. This option adds *ALL functions for any missing servers and updates any existing rules.
Exit Point Manager ships with 30 default location authority rules. You can view these rules from the Work with Security by Location panel. To display the Work with Security by User panel, select option 2 from the Main Menu.
Use F16 to Sort and Subset by Server, Function, or Location.