2.1 Security Enforcement/ Hardening
In this release, TLS 1.2 support for network connection between TCP Gateway on open system and CICS/IMS on Mainframe are added. Network connections between TCP Gateways and TMA TCP IMSs support SSL/TLS.
The following section describes the TLS support functionality:
| From | To | Supported Protocol |
|---|---|---|
| TCP Gateway | TCP CICS | no-TLS, two-way TLS |
| TCP Gateway | TCP IMS | no-TLS, one-way TLS |
| TCP CICS | TCP Gateway | no-TLS, two-way TLS |
| TCP IMS | TCP Gateway | no-TLS, one-way TLS |
By default, supported cipher suites include:
TLS_RSA_WITH_AES_256_CBC_SHA256TLS_RSA_WITH_AES_256_GCM_SHA384TLS_RSA_WITH_AES_128_CBC_SHA256TLS_RSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256