Whenever I start working on an AS/400, iSeries or Power System box at a new company there are a few key areas I like to be sure of. These areas include ensuring basic system level security, job configuration and process management. Let’s take a fast look at how you can improve system performance and mitigate any potential security concerns quickly by using the capabilities already built in.

The first thing you should be auditing is your users user class level. This is especially true with any programmers on staff. With proper configurations there are very few reasons a user or programmer should be elevated beyond regular user authority and validate group authorities as well. Plain old users, even super users should never have QSYSOPR user class authority levels. Get out there and start scaling back those authorities and eliminating special privileges and then configuring the system to better accommodate Kamagra jelly the prior need to have elevated privileges.

Since I already touched on it take the time to properly configure the job and subsystem environments. You may be ham strung by your off the shelf software’s limitations in this arena but if at all possible take advantage of the iSeries built in ability to change and finely tune how jobs are processed on the system. You can modify job descriptions, user profiles, outqs, subsystem descriptions and more to process jobs in a method best suited for your systems workload.

Now if you have users that are allowed to create and submit lengthy queries or reports then you should modify there job descriptions to submit to special jobqs and subsystems that have low processor priorities. You do not want these types of jobs to take precedence over other jobs, backing up the job queues and hogging all the resources. There are also some additional global query parameters you can configure to control query definitions.

If you have the resources and budget take a look into LPARs. If you have a newer iSeries, i5 or Power System i box you should think about creating a seperate logical partition or even setting up another system as a sandbox slash development environment. Keeping programming development and production physically separated can prevent all kinds of major issues from occurring.

Even if you don’t have any developers on staff but do any kind of program customization from time to time, or even creating simply CL utility programs having a source control/change management process in place is critically important. Unfortunately PDM just doesn’t cut the mustard when handling change management and there are very sophisticated and expensive packages out there to do the job. One package that is free however is called ChangefIT produced by ecofIT.

Finally you should consider turning on and making full use of the the built in auditing capabilities and using the QAUDJRN journal. Depending on what industry your company is on or other requirements like Sarbanes Oxley you may have to do this step. But if you are not already familiar with it QAUDJRN works hand in hand with the QAUDLVL system value to log and audit varying levels of activity on your system.

Be forwarned that the security audit journal can be rather cumbersome to wade through if auditing levels are turned up full bore. This is where third party tools that catalogue and classify journal entires can come in very handy.

Author Bio: John Andersen is an IT manager working on IBMs AS/400 platform for over ten years. Check out his site Midrange Jump Start for more in depth tips, tricks and techniques you can use for your Power System i.

Category: Computers and Technology
Keywords: as400, iseries, system i, power system, ibm