Mainframe Software

 View Only

Announcing the General Availability of the Advanced Authentication Mainframe feature for CA ACF2™ and CA Top Secret® at No Additional Cost To Licensed Customers

By dubma04 posted Apr 18, 2016 10:41 AM


We are excited to announce the general availability of the Advanced Authentication Mainframe feature for CA ACF2™ and CA Top Secret® at no additional cost to licensed customers. This initial release of the functionality supports use of RSA® SecurID® tokens as the second factor. Click here for more information on RSA SecurID.


CA Technologies continues to invest in mainframe data protection, in this case, the CA ACF2 and CA Top Secret offerings.


This continued investment is why CA now offers the option for two-factor authentication of mainframe users using RSA® SecurID® tokens. In this latest enhancement, the Advanced Authentication Mainframe feature for CA ACF2 and CA Top Secret gives customers an increased level of diligence for qualifying whether a user seeking access to z/OS is who they say they are. This is a recognized best practice that all are encouraged to adopt.


The authentication requires that the user enter the value provided by the RSA token, which is then checked against a synchronization server before authentication is granted. The value changes frequently, making it far more difficult for cyber criminals to gain access.


The Advanced Authentication Mainframe feature is designed to prevent data breaches and address customer compliance requirements by leveraging the existing enterprise security infrastructure, delivering compliant two-factor authentication for privileged users, or all users, on the mainframe, automatically updating controls, and addressing regulatory requirements for two-factor authentication.


More specifically, the Advanced Authentication Mainframe feature:


• Addresses NIST standards, supporting RSA SecurID hard and soft tokens for two-factor authentication to z/OS.

• Leverages CA Top Secret and CA ACF2 R16 installations along with current RSA SecurID v7.x or v8.x infrastructure for implementation.

• Enables a consistent two-factor authentication approach across mainframe and enterprise infrastructures, for those organizations using RSA SecurID.

• Requires any individual user, group of users, or all users to authenticate successfully with two factors before logging into z/OS applications.

• Maps user IDs between the mainframe and RSA Synchronization Server.

• Requires selected applications to use two-factor authentication and leverages all authentication options offered through RSA SecurID.


There has been a growing recognition in the industry and amongst security practitioners that mainframes are subject to attacks in ways never originally contemplated. Innovations such as adding the Advanced Authentication Mainframe feature to CA ACF2 and CA Top Secret is therefore critical to our customers and the wider mainframe ecosystem in which we participate.


For any questions regarding the CA ACF2 and CA Top Secret Advanced Authentication Mainframe feature, please contact John Pinkowski at


To learn more, read Mainframe General Manager Ashok Reddy’s latest Highlight blog:

1 comment
1 view