[Info-vax] What would you miss if DECnet got the chop? Was: "bad select 38" (OpenSSL on VMS)

[Dirk Munk]

Neil Rieck wrote:
> Example-1
>
> In a traditional proxy-server/firewall situation (10,000 ft view), you need to control communications between the internet and intranet.
>
> In one of our applications, we have an OpenVMS node on the public internet then a DECnet-only connection between that node and our primary business system. Now to be clear, this application is not a proxy-server per se; our customers "send an email" or "fire a webpage" on the public system. This event triggers home-grown software to send a formatted data message to the business system via DECnet. (there is no TCP/IP connections between these systems; if the smaller system was every compromised, someone would need DECnet skills to get across the DECnet link)
>
> ###
>

Indeed a scenario I have been thinking about too. No IP connection 
between your frontend and backend. Very difficult to breach, even if you 
can compromise the frontend.


> Example-2
>
> In our computer center, all of our systems employ a private DECnet network to backup their individual drives to a single very large drive on one system (our newest rx2800). Then we employ a private TCP/IP network to FTP all these savesets to a terabyte drive connected to a windows-7 system via USB (we bought 20 of these drives for under $100 each; these drives are in an off-site rotation).
>
> Primary recovery could be done by booting the OpenVMS boot media (once we get DECnet started then are able to connect to the rs2800). Secondary recovery (only if the rx2800 is down) would require us getting a system running with TCP/IP then FTPing from Windows-7.
>
> ###
>
> So dropping DECnet would cause us some problems.
>
> Neil Rieck
> Waterloo, Ontario, Canada.
>
>