z/OS DFSMS Software Support for IBM System Storage TS1140, TS1130, and TS1120 Tape Drives (3592)
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Modifying your dump classes

z/OS DFSMS Software Support for IBM System Storage TS1140, TS1130, and TS1120 Tape Drives (3592)
SC23-6854-00

The method for requesting encryption depends on whether you plan to use hardware encryption or host-based encryption, as follows:
  • To request hardware encryption for a dump class, specify it in the SMS data class for the dump data.
  • To request host-based encryption for a dump class, use the DFSMShsm DEFINE DUMPCLASS(ENCRYPT) command. With ENCRYPT, include the RSA or KEYPASSWORD subparameters to specify the type of host-based encryption. ENCRYPT(NONE) specifies host-based encryption should not be done.

If your dump classes are currently defined to use host-based encryption (and possibly host-based compression before encryption), it is recommended that you remove the host-based encryption requests from any dump classes for which you plan to use tape hardware encryption.

During the process of migrating your dump classes to use hardware encryption, you might have some dump classes that are still defined to use host-based encryption, while their associated SMS data classes are defined to use tape hardware encryption. Here, DFSMSdss ignores requests for host-based encryption for these tape volumes and, instead, uses hardware encryption. This processing allows you to complete the migration to hardware encryption without having to modify your dump-requesting jobs. However, removing host-based encryption requests from a dump class when tape hardware encryption is also requested can avoid confusion concerning which process is active.
Note:
  1. To determine whether hardware encryption or host-based encryption was used for a particular tape volume, check the associated dump volume record (DVL).
  2. If more than one dump class is specified (creating more than one dump copy), those dump classes specify host-based encryption, each dump class has a unique data class assigned, and some but not all of the associated data classes request tape hardware encryption, then all dump copies will fail. In other words, tape hardware encryption can override host-based encryption for all dump classes associated with a source volume or none of the dump classes, but it cannot override a subset of those dump classes.
Related reading:
Parent topic: DFSMShsm considerations for the TS1140 tape drive

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014