First of all, you probably want to restrict users who will be signing on via Webulator/400 to the applications that you have selected for their use. This means that the user should not be presented with a command line. The command line allows users to enter commands, including commands that you may not want them to execute - such as the CALL command to call a program, or STRPASTHR to access another system. At minimum, the SNDMSG command in the wrong user's hands can be a real nuisance. This includes the availability of the command line on some IBM provided displays. An operation as simple as the WRKJOB command (to allow the user to view and affect aspects of their individual job), while automated as part of a menu, still has a command line associated with it.
Inquiries and simple data entry that is run through a verification and authentication process are probably the best applications for global Internet access. These applications allow users the ability to view information about your company and its products, as well as enter limited information to order products or request more detailed inquiries. They also allow for the entry of order requests that can easily be followed up or verified after the fact.