IBM iSeries Integration (AS/400)

This topic describes how to integrate IBM iSeries (AS/400) computers running Precisely Assure Security with your Illumio PCE. This integration differs from the typical switch integration in the following ways:

  • Although the IBM iSeries is not a switch, you will use the PCE switch integration user interface to perform the integration.

  • Instead of generating ACLs as you would do when integrating a switch, you'll generate a Precisely-formatted CSV file to configure relevant policy on your IBM iSeries AS/400 computer that is running Precisely.

  • No flow information is collected from iSeries computers.

Add Unmanaged Workloads and IBM iSeries Definitions

To create a security policy, add unmanaged workloads representing each iSeries computer included in the PCE policy. A set of csv data is generated for each configured iSeries unmanaged workload. To define the IBM iSeries computers and the workloads attached to them as unmanaged workloads in the PCE web console, complete the following steps:

  1. Log into the PCE web console.

  2. Define the iSeries computers as unmanaged workloads by selecting Workloads and VENs > Workloads > Add > Add Unmanaged Workload. You will associate these unmanaged workloads with their IBM Precisely integration later. See Workload Setup Using PCE Web Console in the Security Policy Guide for information on adding unmanaged workloads.

  3. Define the IBM Precisely integration and associated workloads by selecting Infrastructure > Switches.

  4. Click +Add.

  5. Enter details:

    • NEN hostname: This field is populated with the FQDNs of the NENs paired with your organization's PCE. Select the appropriate NEN.

    • Description: This field is populated with "Illumio Network Enforcement Node" and the FQDN of the NEN. You cannot edit this field.

    • Switch Name: Enter a unique name that's easy to remember.

    • Switch IP: IP address of the IBM iSeries computer.

    • Manufacturer: Select IBM.

    • Model: Select Precisely.

  1. Click Save.

  2. Click Interfaces.

  3. Click Edit and then enter details:

    • Total Interfaces: Enter 1.

    • Interface 1: Enter a name. For example, interface 1.

    • Workloads: Select the unmanaged workload representing the appropriate iSeries computer. Only workloads assigned to the IBM iSeries computer interfaces are secured. You can attach one or more workloads to an interface.

    • Monitor Traffic: Ignore this setting. It doesn't apply to this integration.

  1. Click Save.

NOTE:

If your unmanaged AS 400 computer has two or more network interfaces (workload/computer interfaces), the generated ACL file will include duplicate entries for Inbound Rules, one pair of entries for each interface. This is expected behavior.

Fields in the PCE web console > Infrastructure > Switches > Add Switch page: