Initialization Best Practices › Protect Critical System and User Data Sets › Systems Data Sets

Systems Data Sets

Each system data set is commonly referred to by its z/OS DDNAME. The actual data set name is dependent on the options chosen during installation.

The following is a list of the critical system data sets that must be protected:

CXX

Contains the definitions of all databases accessible in this CA Datacom environment.

• Required to do any function in CA Datacom
• Contains condensed metadata about the CA Datacom/DB databases
• Should be externally secured
  • Must be fully accessible to the user ID used to submit the MUF startup
  • Must be fully accessible to user IDs of users who want to execute any DBUTLTY functions opening the CXX

LXX

Contains user transaction data (including data rows) used to support transaction back out and database restart (after a failure).

• Required to start the MUF
• Contains user data from CA Datacom/DB databases
• Should be externally secured
  • Must be fully accessible to the user ID used to submit the MUF startup
  • Must be fully accessible to the user ID used to execute any DBUTLTY function that empties or reports on the contents of the LXX

FXX

Contains user transaction data (not including data rows) used to support fast database restart (after a failure).

• Required to start the MUF
• Does not contain any user data from CA Datacom/DB databases
• Should be externally secured
  • Must be fully accessible to the user ID used to submit the MUF startup
  • Must be fully accessible to the user ID used to execute the DBUTLTY function that empties the contents of the FXX

RXX

Contains user transaction data (including data rows) used to support database recovery from a backup after a data loss.

• Typically not required to start the MUF. For more information, see LOGRECV=YES in the CA Datacom/DB Database and Systems Administration Guide.
• Contains user data from CA Datacom/DB databases
• Should be externally secured
  • Must be fully accessible to the user ID used to submit the MUF startup with LOGRECV=YES specified
  • Must be fully accessible to the user ID used to execute the DBUTLTY function to spill LXX records to the RXX
  • Must be read accessible to the user ID used to execute any DBUTLTY function that reports on the contents of the RXX

The external security administrator should be very careful in granting access to the LXX and RXX data sets as user data rows from any table in the environment can appear on the data set. This data set should be as secure as the highest secured table in the environment.

Access to the CXX and FXX is typically not as secure. However, any inadvertent damage to the CXX could completely shut down the CA Datacom environment.