DSM/TC Subsystem

The Distributed Systems Management Tape Catalog (DSM/TC) subsystem manages tape files for the HP NonStop server systems. The DSM/TC subsystem supports the following functions:

A tape file can be accessed by name

Tape files are protected from being accidentally overwritten

Multiple tape file generations and versions within a generation can be managed

BACKUP tapes are more easily tracked

Scratch tapes can be assigned to users

Tapes can be managed and shared between nodes

Control of tapes can be centralized on one node

Tape catalog is stored in a NonStop SQL/MP database

Database is protected by NonStop TMF software

NonStop SQL/MP software can be used to query the database

The Corporate Security Policy should detail procedures for securing tapes in a tape library.

RISK Tapes can contain sensitive data. Securing the backup tapes and the utilities that can read or copy the data is imperative.

RISK Access to DSM/TC and its database facilitates identification of physical tapes. If a general user has access to identifying tapes and those tapes are not physically secure, the tapes are more vulnerable.

RISK Inappropriate usage of the DSM/TC catalog and the unauthorized manipulation of the catalog can destroy accessibility to physical tapes by the system software. Tapes can become orphaned from the catalog.

The components of DSM/TC are:

MEDIACOM

MEDIADBM

MEDIAMSG

MEDIASRV

MEDDEM

SQL/MP TAPE CATALOG

ZSVRCONF

ZSERVER

MEDIACOM

MEDIACOM is the interactive interface used to manage labeled-tape operations. It can:

Label new tapes and catalog them

Make tape mount requests

Manage the use of uncataloged tapes

Create scratch tapes

MEDIACOM must be enabled before it can be used on a system. It is enabled with a command in the CONFTEXT file.

If MEDIACOM is enabled, both labeled and unlabeled tapes can be used.

If MEDIACOM is not enabled, only unlabeled tapes can be used.

Once MEDIACOM is enabled, all tape requests are routed through the tape server process of ZSERVER.

MEDIADBM

MEDIADBM is the SQL database manager process for DSM/TC. MEDIADBM is the interface for DSM/TC's SQL catalog and database tables.

MEDIAMSG

MEDIAMSG is a file containing the DSM/TC error and informative messages.

MEDIASRV

MEDIASRV is the interface between the management application and the other elements that make up the DSM/TC subsystem. MEDIACOM automatically opens a MEDIASRV server process whenever it needs to. One server process accommodates ten MEDIACOM users at a time. The default MEDIASRV process is named $XDMS.

MEDIASRV is also the programmatic interface to the DSM/TC subsystem. Management application control of the DSM/TC subsystem takes place by using procedures to communicate with the DSM/TC programmatic process, MEDIASRV.

MEDDEM

MEDDEM is ZSERVER's automatic tape expiration program. DSM/TC can be configured for this feature or it can be disabled.

SQL Tape Catalog and Database

The DSM/TC tape library is stored in a NonStop SQL/MP database, so NonStop SQL/MP must be installed and running. DSM/TC requires a DSM/TC system catalog and a tape database; it can share the NonStop SQL/MP system catalog or define its own.

AP-ADVICE-DSMTC-01 The SQL configuration of DSM/TC can be customized. Consult with the system manager to determine the location of the SQL/MP catalog and database for DSM/TC.

RISK If the DSM/TC SQL catalog and database are not secured, users with SQLCI access can reach the DSM/TC catalog files outside of the DSM/TC controlled interface.

ZSERVER

ZSERVER is the labeled tape server process. There is one ZSERVER process pair for each system, usually named $ZSVR. The $ZSVR process pair is normally started as part of the standard system startup procedure.

Securing DSM/TC Components

BP-FILE-DSMTC-01 MEDIACOM should be secured "UUCU".

BP-OPSYS-OWNER-01 MEDIACOM should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-01 MEDIACOM must reside in $SYSTEM.SYSnn.

BP-FILE-DSMTC-02 MEDIADBM should be secured "UUCU".

BP-OPSYS-LICENSE-01 MEDIADBM must be LICENSED.

BP-OPSYS-OWNER-01 MEDIADBM should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-01 MEDIADBM must reside in $SYSTEM.SYSnn.

BP-FILE-DSMTC-03 MEDIAMSG should be secured "CUCU".

BP-OPSYS-OWNER-01 MEDIAMSG should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-01 MEDIAMSG must reside in $SYSTEM.SYSnn.

BP-PROCESS-MEDIASRV-01 $ZDMS process should be running.

BP-FILE-DSMTC-04 MEDIASRV should be secured "UUCU".

BP-OPSYS-LICENSE-01 MEDIASRV must be LICENSED.

BP-OPSYS-OWNER-01 MEDIASRV should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-01 MEDIASRV must reside in $SYSTEM.SYSnn.

BP-FILE-DSMTC-05 MEDDEM should be secured "UUCU".

BP-OPSYS-OWNER-01 MEDDEM should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-01 MEDDEM must reside in $SYSTEM.SYSnn.

BP-PROCESS-ZSERVER-01 $ZSVR process should be running.

BP-FILE-DSMTC-06 ZSERVER should be secured "UUCU".

BP-OPSYS-LICENSE-01 ZSERVER must be LICENSED.

BP-OPSYS-OWNER-01 ZSERVER should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-01 ZSERVER must reside in $SYSTEM.SYSnn.

BP-FILE-DSMTC-07 DSM/TC SQL Catalog should be secured "CCCU".

BP-OPSYS-OWNER-03 DSM/TC SQL Catalog should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-03 DSM/TC SQL Catalog resides in $<vol>.?.

BP-FILE-DSMTC-08 DSM/TC SQL Database should be secured "CCCU".

BP-OPSYS-OWNER-03 DSM/TC SQL Database should be owned by SUPER.SUPER.

BP-OPSYS-FILELOC-03 DSM/TC SQL Database resides in $<vol>.?.

MEDIACOM Commands with Security Implications

MEDIACOM allows users to copy or destroy sensitive data on tape media and to manipulate the DSM/TC catalog. DSM/TC restricts the following commands to the SUPER Group only:

ADD

ALTER

CREATE

DELETE

DROP

LABEL

TAPEDRIVE

3P-ACCESS-MEDIACOM-01 If a third party product is used to grant access to MEDIACOM running as a SUPER Group userid, these commands should be denied to all SUPER users other than the designated SUPER user responsible for tapes.

MEDIACOM allows any user to RECOVER a tape to disk; SUPER Group membership is not required for the RECOVER command.

RECOVER

3P-ACCESS-MEDIACOM-02 If a third party product is used to grant access to MEDIACOM, the RECOVER command should be denied to all users other than the designated SUPER user responsible for tapes.

If available, use Safeguard software or a third party object security product to grant access to MEDIACOM object files only to users who require access in order to perform their jobs.

BP-SAFE-DSMTC-01 Add a Safeguard Protection Record to grant appropriate access to the MEDIACOM object file.

Discovery Questions

ID                            | Question                                                                              | Look here
FILE-DSMTC                    | Is DSM/TC used for tape cataloging?                                                   | Policy
PROCESS-MEDIASRV-01           | Is the $ZDMS process running?                                                         | Status
PROCESS-ZSERVER-01            | Is the $ZSVR process running?                                                         | Status
OPSYS-OWNER-01                | Who owns the MEDIACOM object file?                                                    | Fileinfo
OPSYS-OWNER-01                | Who owns the MEDIADBM object file?                                                    | Fileinfo
OPSYS-OWNER-01                | Who owns the MEDIAMSG object file?                                                    | Fileinfo
OPSYS-OWNER-01                | Who owns the MEDIASRV object file?                                                    | Fileinfo
OPSYS-OWNER-01                | Who owns the MEDDEM object file?                                                      | Fileinfo
OPSYS-OWNER-01                | Who owns the ZSERVER object file?                                                     | Fileinfo
OPSYS-OWNER-03                | Who owns the DSM/TC tape catalog and databases?                                       | SQLCI
OPSYS-LICENSE-01              | Is the MEDIADBM object file licensed?                                                 | Fileinfo
OPSYS-LICENSE-01              | Is the MEDIASRV object file licensed?                                                 | Fileinfo
OPSYS-LICENSE-01              | Is the ZSERVER object file licensed?                                                  | Fileinfo
FILE-POLICY                   | Who is allowed to execute MEDIACOM on the system?                                     | Policy
FILE-DSMTC-01, SAFE-DSMTC-01  | Is the MEDIACOM object file correctly secured with the Guardian or Safeguard system?  | Fileinfo, Safecom
FILE-DSMTC-02                 | Is the MEDIADBM object file secured correctly?                                        | Fileinfo
FILE-DSMTC-03                 | Is the MEDIAMSG object file secured correctly?                                        | Fileinfo
FILE-DSMTC-04                 | Is the MEDIASRV object file correctly secured with the Guardian or Safeguard system?  | Fileinfo, Safecom
FILE-DSMTC-05                 | Is the MEDDEM object file secured correctly?                                          | Fileinfo
FILE-DSMTC-06                 | Is the ZSERVER object file secured correctly?                                         | Fileinfo
FILE-DSMTC-07                 | Is the DSM/TC tape SQL catalog secured correctly?                                     | SQLCI
FILE-DSMTC-08                 | Are the DSM/TC tape SQL database objects secured correctly?                           | SQLCI
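Added example (not from the book, and not an HP tool): a small Python audit that encodes the BP-FILE-DSMTC and BP-OPSYS rules from "Securing DSM/TC Components" and answers the ownership, licensing and file-security rows of the discovery table above in one pass. The inventory records are constructed; they carry the fields a FILEINFO listing reports (owner, RWEP security string, licensed flag, subvolume) but do not reproduce FILEINFO's layout, and the SUPER.OPER owner and $DATA.TOOLS location are made-up drift cases. The script also decodes the four-letter Guardian RWEP security string so a reviewer can see what "UUCU" actually grants.

```python
"""Baseline audit of DSM/TC object files against the BP-* rules on this page.

Added example, not from the book or from HP. Inventory records are
constructed to carry the fields a FILEINFO listing reports; the exact
FILEINFO layout is not reproduced.
"""
from dataclasses import dataclass

# Guardian RWEP security letters: who may Read / Write / Execute / Purge.
SECURITY_LETTERS = {
    "A": "any local user",
    "G": "group member, local",
    "O": "owner, local",
    "N": "any user, local or remote",
    "C": "group member, local or remote",
    "U": "owner, local or remote",
    "-": "super ID only",
}

# Hardening baseline taken from the BP-FILE-DSMTC / BP-OPSYS rules above.
BASELINE = {
    "MEDIACOM": {"security": "UUCU", "licensed": False},
    "MEDIADBM": {"security": "UUCU", "licensed": True},
    "MEDIAMSG": {"security": "CUCU", "licensed": False},
    "MEDIASRV": {"security": "UUCU", "licensed": True},
    "MEDDEM":   {"security": "UUCU", "licensed": False},
    "ZSERVER":  {"security": "UUCU", "licensed": True},
}
REQUIRED_OWNER = "SUPER.SUPER"


@dataclass
class ObjectFile:
    name: str
    subvol: str       # e.g. "$SYSTEM.SYS00"
    owner: str
    security: str     # four-letter RWEP string
    licensed: bool


def decode_security(sec: str) -> dict:
    """Expand a RWEP string such as 'UUCU' into who holds each access."""
    if len(sec) != 4 or any(ch not in SECURITY_LETTERS for ch in sec):
        raise ValueError(f"not a Guardian security string: {sec!r}")
    return dict(zip(("read", "write", "execute", "purge"),
                    (SECURITY_LETTERS[c] for c in sec)))


def in_sysnn(subvol: str) -> bool:
    """True when the file lives in $SYSTEM.SYSnn (nn = two digits)."""
    vol, _, sub = subvol.upper().partition(".")
    return vol == "$SYSTEM" and len(sub) == 5 and sub.startswith("SYS") and sub[3:].isdigit()


def audit(files: list) -> list:
    """Return (file, check, observed) tuples for every deviation from BASELINE."""
    findings = []
    seen = set()
    for f in files:
        rule = BASELINE.get(f.name.upper())
        if rule is None:          # not a DSM/TC component; ignore
            continue
        seen.add(f.name.upper())
        if f.owner.upper() != REQUIRED_OWNER:
            findings.append((f.name, "owner", f.owner))
        if f.security.upper() != rule["security"]:
            findings.append((f.name, "security", f.security))
        if rule["licensed"] and not f.licensed:
            findings.append((f.name, "license", "not licensed"))
        if not in_sysnn(f.subvol):
            findings.append((f.name, "location", f.subvol))
    # A component absent from the inventory is itself a finding.
    for missing in sorted(BASELINE.keys() - seen):
        findings.append((missing, "missing", "not in inventory"))
    return findings


# Constructed sample inventory: two files drift from the baseline.
SAMPLE = [
    ObjectFile("MEDIACOM", "$SYSTEM.SYS00", "SUPER.SUPER", "UUCU", False),
    ObjectFile("MEDIADBM", "$SYSTEM.SYS00", "SUPER.SUPER", "UUCU", True),
    ObjectFile("MEDIAMSG", "$SYSTEM.SYS00", "SUPER.SUPER", "CUCU", False),
    ObjectFile("MEDIASRV", "$SYSTEM.SYS00", "SUPER.OPER",  "NUNU", True),   # wrong owner, any user may read/execute
    ObjectFile("MEDDEM",   "$SYSTEM.SYS00", "SUPER.SUPER", "UUCU", False),
    ObjectFile("ZSERVER",  "$DATA.TOOLS",   "SUPER.SUPER", "UUCU", False),  # wrong location, not licensed
]

if __name__ == "__main__":
    for name, check, observed in audit(SAMPLE):
        print(f"{name:9} {check:9} {observed}")
    print("UUCU grants:", decode_security("UUCU"))
```

The process-state rows ($ZDMS, $ZSVR) and the SQL catalog rows are deliberately left out: their answers come from Status and SQLCI rather than from a file listing, so they belong in a separate check against those tools' output.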

Related Topics

DSM/SCM

TAPECOM

NonStop SQL database


HP NonStop Server Security 2004
ISBN: 159059035X
Year: 2004
Pages: 157