Re: [ADSM-L] Securing TSM Client
2010-05-12 07:19:32
Leandro -
The problem you're dealing with is a personnel management one, which can't be
solved by technology alone. The management there is the only avenue of
solution.
Technology can help, though. You can harvest records from the dsmaccnt.log to
compile a report to management demonstrating the times and data amounts that
inappropriate people have been performing TSM actions on that client, by virtue
of field 7 containing a username whenever dsmc is invoked by an individual.
You could go further by having a dsmadmc-based monitor performing Query SEssion
Format=Detailed to look for sessions from that node: where the User Name is
inappropriate, the monitor could then cancel the session and send a
notification of the usage violation.
Richard Sims at Boston University
|
|
|