The IBM z/OS Policy Agent must contain a policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-223792	RACF-OS-000360	SV-223792r958902_rule		Medium

Description

DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.

STIG	Date
IBM z/OS RACF Security Technical Implementation Guide	2025-06-24

Details

Check Text (C-25465r515064_chk)

Examine the Policy Agent policy statements.

If it can be determined that policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces, this is not a finding.

Fix Text (F-25453r515065_fix)

Develop Policy application and policy agent to protect against or limit the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces.