Intranet

Enhanced Definition

An Intranet is a private, internal computer network within an organization that uses Internet protocols and technologies (like TCP/IP, HTTP) to share information, operational systems, and computing services exclusively among its employees. In the mainframe context, it refers to the internal network infrastructure through which z/OS applications and data are made accessible to authorized users and other systems within the enterprise, often via web browsers or client applications.

Key Characteristics

- Private Access: Restricted to authorized users within the organization, unlike the public internet.
- Standard Protocols: Utilizes common internet protocols such as TCP/IP, HTTP/HTTPS, FTP, and SMTP for communication.
- Mainframe as Backend: z/OS systems frequently serve as robust backend servers, hosting critical applications, databases (like DB2, IMS), and transaction processing systems (CICS, IMS TM) that are accessed via the Intranet.
- Security Focus: Emphasizes internal security measures, including firewalls, intrusion detection, and strong authentication mechanisms, to protect sensitive corporate data.
- Connectivity: Mainframes connect to the Intranet via Open Systems Adapter (OSA) cards, enabling high-speed, reliable IP connectivity.
- Application Delivery: Facilitates the delivery of internal web-based applications, portals, and services to employees.

Use Cases

- Employee Self-Service Portals: Hosting internal HR, benefits, payroll, or company news applications where the mainframe provides the underlying data and transaction processing.
- Internal Business Applications: Providing web-based access to core enterprise applications such as inventory management, financial reporting, or customer relationship management, with CICS or IMS transactions on z/OS handling the business logic.
- Data Reporting and Analytics: Delivering internal dashboards and reports generated from mainframe-resident data (DB2, IMS DB, VSAM) to web browsers or client applications over the Intranet.
- API Gateways: Mainframes expose RESTful or SOAP APIs through z/OS Connect EE or CICS Web Support, allowing internal applications on various platforms to consume mainframe services over the Intranet.
- Legacy Application Modernization: Presenting traditional green-screen mainframe applications (e.g., TSO, CICS 3270 screens) through web interfaces via terminal emulators or screen scrapers accessible over the Intranet.

Related Concepts

The Intranet relies heavily on z/OS Communications Server for TCP/IP networking, which enables the mainframe to participate as a full -fledged IP host. OSA adapters are the physical connection points from the mainframe to the Intranet's network infrastructure. Components like CICS Web Support, z/OS HTTP Server, and z/OS Connect EE allow mainframe applications to serve web content and APIs, making them accessible to Intranet clients. Security products like RACF are crucial for authenticating and authorizing users accessing mainframe resources via the Intranet, ensuring data integrity and confidentiality.

Best Practices:

Network Segmentation: Implement network segmentation and DMZ configurations to isolate mainframe-serving Intranet applications and data, enhancing security.
Strong Authentication and Authorization: Utilize robust security mechanisms like RACF, ACF2, or Top Secret for all Intranet-accessible mainframe resources, often integrated with enterprise identity management systems.
TLS/SSL Encryption: Always enforce HTTPS for all sensitive data transmission between Intranet clients and mainframe applications to protect data in transit.
Performance Monitoring and Tuning: Continuously monitor z/OS Communications Server performance, OSA utilization, and application response times to ensure optimal Intranet service delivery.
API Management: For mainframe APIs exposed over the Intranet, implement proper API management practices, including versioning, rate limiting, and comprehensive logging.