As I recall, there is a "shadow sysplex" within the main sysplex that keeps the PCI data separate from "general data".
See if you can find a copy of "PCI COMPLIANCE with z/OS Communcations Server and System z" from Gwen Dente at IBM. It will answer many of your questions.... If you can't find it , contact Gwen (gdente at us.ibm.com) HTH, <snip> We are in the process of implementing the Payment Card Industry Data Security Standards and in an effort to cover everything and not be obliged to look at each instance in a one-off we are curious how other sysplex implementations were done. We would like to understand if we can approach this as virtually a single system image with the appropriate obfuscation, data and network access controls or if it gets more complicated than that. We're running a single zOS sysplex that hosts all our workload and we'd like to keep it that way. We've read the PCI-DSS standard documentation and were impressed by how much they leave open to interpretation and we have read the atsec doc on large system implementations. </snip> ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
