CA VM:Secure product Rules Facility must be installed and operating.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-237897 | IBMZ-VM-000010 | SV-237897r858923_rule | CCI-000015 | high |
| Description | ||||
| Enterprise environments make account management for operating systems challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other errors. IBM z/VM requires an external security manager to assure proper account management. Satisfies: SRG-OS-000001-GPOS-00001, SRG-OS-000080-GPOS-00048 | ||||
| STIG | Date | |||
| IBM zVM Using CA VM:Secure Security Technical Implementation Guide | 2022-08-31 | |||
Details
Check Text (C-237897r858923_chk)
Verify an "ACCESS RULE" record exists on the system using the following command:
VMSECURE CONFIG PRODUCT
If there is no "ACCESS RULE" record, this is a finding.
Verify that CA VM:SECURE RULES can be added using the following command:
VMSECURE RULES USER
If a rules file does not open, this is a finding.
Fix Text (F-41066r858922_fix)
Ensure the Rules Facility is installed and the Product Config file contains an "ACCESS RULES" statement.