IBM z/OS DFSMS control data sets must reside on separate storage volumes.

An XCCDF Rule

Description

<VulnDiscussion>Configuration settings are the set of parameters that can be changed in hardware, software, or firmware components of the system that affect the security posture and/or functionality of the system. Security-related parameters are those parameters impacting the security state of the system, including the parameters required to satisfy other security control requirements. Security-related parameters include, for example: registry settings; account, file, directory permission settings; and settings for functions, ports, protocols, services, and remote connections.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-223559r991589_rule
Severity: Medium
References: CCI-000366 CCI-000549
Updated: 17 days ago

Allocate the primary and backup SMS Control data sets on separate volumes.

Source Control Data Set (SCDS) contains a SMS configuration, which defines a storage management policy.

 Active Control Data Set (ACDS) contains a copy of the most recently activated configuration. All systems in a SMS complex use this configuration to manage storage.
Communications Data Set (COMMDS) contains the name of the ACDS containing the currently active storage management policy, the current utilization statistics for each system managed volume, and other system information.

The ACDS data set will reside on a different volume than the COMMDS data set.

Allocate backup copies of the ADCS and COMMDS data sets on a different shared volume from the primary ACDS and COMMDS data sets.

IBM z/OS DFSMS control data sets must reside on separate storage volumes.

Description

Remediation - Manual Procedure