Many entries appear in the 'Rejected Entries' view related to exit points that have not yet had secu (NETIQKB31036)

  • 7731036
  • 02-Feb-2007
  • 08-Oct-2007

Resolution

fact
VigilEnt Security Agent for iSeries 5.4/7.0

fact
Remote Request Management (RRM)

symptom
Many entries appear in the 'Rejected Entries' view related to exit points that have not yet had security enabled.

cause

If you have specified *ALL or *REJECTED for the Collection Mode of your exit points, then any incoming transactions that do not apply to an existing secured entry that would approve the transaction will be placed in the Rejected Entries view, in the 'Work With Collected Entries' screen.  Most installations use a global rule of *PUBLIC (user), *ALL (network), *ALL (operation), *PASS (action) to allow all transactions, and then they create rules to deny requests for specific users, network addresses, operations, and objects. 

fix

To verify your settings, perform the following steps:

  1. On a command line, type PSSMENU and press Enter.
  2. Select Option 2 PSSECURE, and press Enter.
  3. Select Option 3 Remote Request Management, and press Enter.
  4. Select Option 8 Work With Exit Points, and press Enter.
  5. Press F11 once, so that the Collection Mode column is displayed; this parameter controls what type of transactions will be collected for each exit point independently.
  6. You can page down to see the settings for all of your exit points.

Remote Request Management in version 7.0 enables "simulated security mode" by collecting transactions based on whether they *PASS or *FAIL if security is turned on. 

Additional Information

Formerly known as NETIQKB31036