Chart Key
Average Rating
Average rating based on reviews
Views
Number of total page views
Comparisons
Number of times compared to another product
Reviews
Total number of reviews on IT Central Station
Followers
Number of followers on IT Central Station
The total ranking of a product, represented by the bar length, is based on a weighted aggregate score. The score is calculated as follows: The product with the highest count in each area gets the highest available score. (20 points for Reviews; 16 points for Views, Comparisons, and Followers.) Every other product gets assigned points based on its total in proportion to the #1 product in that area. For example, if a product has 80% of the number of reviews compared to the product with the most reviews then the product's score for reviews would be 20% (weighting factor) * 80% = 16. For Average Rating, the maximum score is 32 points awarded linearly based on our rating scale of 1-10. If a product has fewer than ten reviews, the point contribution for Average Rating is reduced (one-third reduction in points for products with 5-9 reviews; two-thirds reduction for products with fewer than five reviews). Reviews that are more than 24 months old, as well as those written by resellers, are completely excluded from the ranking algorithm.

What is Mainframe Security?

Mainframe Security is a macro term that refers to a broad collection of tools and practices aimed at mitigating risks that affect mainframe systems (e.g. legacy systems, Z-series, etc.) Mainframe Security is about assuring the efficacy of a system’s security from aggressive attacks by unplanned access and unknown players.

Along with the alarming levels of viruses and malware, access to data and where that data ends up is at risk, exposing all of an organization’s human and non-human resources to these security breach attacks. IT Central Station InfoSec experts rely on secure protection of their IT environments on Mainframe hardware and installed software.

Mainframe Security planning should be thought of in terms of what particular data needs to be accessed and which users have permissions to access programs, databases, transactions, files, etc. and how strong or how many levels of permissions should the access allow? The key to today’s security issues is a proactive defense rather than having to explain and play “catch up.” It is recommended that Enterprises have experts who are responsible for systems security and must detect breaches as soon as possible with logs relevant to document the breach.

Mainframe Security is a multi-billion dollar industry supporting industries across the board and they themselves are tasked with constant updates and communications with those who use their services. Mainframe platforms are vulnerable - as we have seen global governments, and industries such as healthcare, banks and credit cards, entertainment, Internet providers and the military have unfortunately fallen victim to bad actor attacks. Systems are with criminal intent - the goal of exploiting stolen data.

For example, Mainframe Security professionals use Security and Incident and Event Management (SIEM) systems to track multiple device logs across a legacy environment. This might include collecting SIEM data on z/OS mainframes, DB2 database servers, firewalls and so forth. Usually, the tools provide dashboard views in a standard web browser designed for event messages.


Mainframe Security Reviews

Read reviews of Mainframe Security that are trending in the IT Central Station community:
Your trust is our top concern, so companies can't alter or remove reviews.
02e629cd 0b9d 43a1 948a 4630690737ab avatar
Real User
Chief Strategist at Mainframe analytics
Dec 07 2016

What is most valuable?

The most valuable feature of CA Data Content Discovery is the ability to recognize, in an intelligent and accessible way, which data sets on the mainframe contain sensitive data that needs to be protected from a governance and regulatory... more»

How has it helped my organization?

It allows people who are essentially technical, to go in and look at data from a business value perspective. They can recognize how regulatory compliance and other types of exposure help the company's business stay secure in a broader than... more»

What needs improvement?

It is still the initial phase of being rolled out and it is already an outstanding solution. However, there is no question that as more companies implement CA DCD, that opportunities to improve the product will be identified. I think the next... more»
Anonymous avatar x80
Real User
Sr. Information Security Architect MF at a financial services firm with 1,001-5,000 employees
Dec 01 2016

What is most valuable?

From a security perspective, the most interesting thing is the number of classifiers the product has right out of the box. When I first started with the product, it had 88 and now it has 133. So you know that CA has been working to add more... more»

How has it helped my organization?

It improves our understanding of where data is as opposed to having data, but not understanding the relationship of the data to things like PHI and PII and PCI information. These are now becoming more and more critical in organizations. When... more»

What needs improvement?

I'm on the sprint team so it means that I'm constantly talking with the developers. The product comes with 133 classifiers as I stated, but I have about 168. I've added classifiers that were important to me that the product didn't have. Those... more»
Mainframe security report from it central station 2018 04 29 thumbnail
Find out what your peers are saying about CA Technologies, IBM, Syncsort and others in Mainframe Security.
269,560 professionals have used our research since 2012.
Ca2
CA Technologies
Anonymous avatar x80
Real User
Head of Enterprise Partnerships | Wealth & Investment Management at a financial services firm with 1,001-5,000 employees
Dec 15 2016

What is most valuable?

Authentication and authorization. It is a security manager, so it has to validate all accounts that use the mainframe. In terms of authorization, it controls what access those accounts have with the two resources on the mainframe. That's the... more»

How has it helped my organization?

By securing the mainframe platform and the data that's on it.

What needs improvement?

I've got about 20 or 30 items. I would like to see the ability to create a CFILE backup from a backup. A CFILE is a sequential version of what you've got on your database. If you do it against your live database, you impair performance. I... more»
Ca2
CA Technologies
Anonymous avatar x80
Real User
Operating System Engineering at a financial services firm with 1,001-5,000 employees
Sep 11 2016

What do you think of CA VM:Secure for z/VM?

Valuable Features The most valuable features of the product are probably the capabilities, the functionality, and then the reliability. • Improvements to My Organization It gives us a consolidated management tool to keep track of the user directories on our z/VM platform, as opposed to having to use a bunch of disparate products to accomplish the task. • Room for Improvement It might be nice if it had more of a modern-type GUI interface. Right now, it's all green screen-based. Other than that, it does what it needs to do. • Use of Solution I've been using it for about eight years, since I joined the team. • Deployment Issues The upgrades I've been involved in have been smooth and compared to other products they seem to be pretty smooth. • Stability Issues We...
Ca2
CA Technologies
02e629cd 0b9d 43a1 948a 4630690737ab avatar
Real User
Chief Strategist at Mainframe analytics
Dec 04 2016

What is most valuable?

This product provides excellent quality for security in the mainframe environment.

How has it helped my organization?

Basically, it ensures that data is handled only by those who should be handling it and only in the way that they should be handling it. This product provides visibility and security as to how the data is being used.

What needs improvement?

There is always room for improvement in this product. If possible, I would recommend to have an Eclipse interface which can provide simplicity in programmable access. This will help in putting together more flexible solutions that interact... more»
Ca2
CA Technologies
Dfb04c17 9e85 47f1 b87d 69d3585aa853 avatar
Real User
Project Manager at a tech consulting company with 1,001-5,000 employees
Jan 08 2017

What is most valuable?

The most valuable feature is strict and reliable access control to CICS Resources. Valid access is positive; a block is a genuine block.

How has it helped my organization?

ACF2 provides us with compliance with SOX controls and full evidence of SoD adherence.

What needs improvement?

LIDs based on names are rapidly becoming useable. A primary key based on SSO IDs is preferred for LIDs in the UID string. This will also serve as a primary (and secure) key to owners of personal accounts. Functional and service accounts... more»
Ca2
CA Technologies
Anonymous avatar x80
Real User
Security Analyst
Dec 31 2017

What is most valuable?

One of the values in this industry is how it manages user security. We use this tool to quickly assign privileges to different users as soon as they come in. As soon as we onboard the users, we use CA ACF to assign privileges and assign rules to all the users. When the rule changes, we use CA ACF to change the rules or deprovision them from those rules and... more»

What needs improvement?

I would like to see browser support whereby we can work from our desktops instead of using the mainframe tool called 3270. I would like my team and me to be able to use simple browsers, like Chrome, to be able to access mainframe data and provision users using the browser.
Ca2
CA Technologies
Anonymous avatar x80
Real User
Information Security Engineer at a financial services firm with 1,001-5,000 employees
Feb 06 2018

What is most valuable?

We make use of almost all the features of Top Secret: * Authentication * Authorization checks * Reporting on violations * Audit reporting We have implemented two-factor authentication, which is a new piece of CA Top Secret. I think that those... more»

How has it helped my organization?

It's an integral part of all of our mainframe security functions. It's the core of our mainframe security functions. It helps ensure that we are compliant with all of the various banking regulations, security regulations and requirements.

What needs improvement?

I almost don't have any specific issues with the product. Any problems that we do encounter are always quickly addressed by the CA Top Secret support folks. It would be helpful if they removed limitations on user record sizes.
Ca2
CA Technologies
Anonymous avatar x80
Real User
Director
Feb 06 2018

What do you think of CA Top Secret?

Primary Use Case To protect our assets from being accessed. First, that our employees do not have access to the data/information that is not valid for their positions. Second, to prevent illegal access to our systems. • Valuable Features All the features that we use are valuable. I cannot think of any special feature that is more valuable than other, especially as there are not many features that you can optionally use. • Room for Improvement The user interface. Sometimes, it is not simple to understand where a certain definition should be defined, and I go through a number of screens until I find where to do some of them. • Use of Solution More than five years. • Stability Issues No stability issues. • Scalability Issues No scalability issues. • Customer...
Anonymous avatar x80
Real User
Mainframe Systems Programmer at a tech company with 51-200 employees
Mar 28 2017

What is most valuable?

* The zSecure Admin provides us with a much more user-friendly administration of the RACF database. * TopSecret and ACF2 are also supported (if they were ordered). * The Database Cleanup utility feature: Used for identifying and removing old... more»

How has it helped my organization?

* Simplifies browsing and working with the RACF database. * You no longer need to search for records. With the zSecure Admin, you can browse and change security records in the security database. * Lots of our customers have old security... more»

What needs improvement?

The reporting feature needs to improve. It would be nice to have more control of the output formatting. Sometimes the customers want a specific layout of reports, which is not always possible.
2be8aa9b 9218 4e29 87b5 89466f6a293d avatar
Real User
Mainframe Security Specialist, RACF and zSecure Technician, CA-TSS Specialist, Security Team Leader at a tech services company
Mar 08 2017

What is most valuable?

* Perfectly integrated with the z/OS operating system and all the other products in the IBM z/OS family. * Product updates are automatic and are released by IBM in conjunction with the z/OS upgrades. * The organizational process of the access... more»

How has it helped my organization?

It's very difficult for me to describe a concrete example. However, since we have been using RACF, our access permissions structure is much better organized and explained. We now have a one-to-one correspondence between a resource and access... more»

What needs improvement?

I would like the generation of RACF on-screen listings and reports to be more flexible. We security administrators often have to act quickly. Certain information should be available as quickly as possible.
Ca2
CA Technologies
Anonymous avatar x80
Real User
Technical Architect at a healthcare company with 1,001-5,000 employees
Jan 31 2018

What is most valuable?

* The level of protection that ACF2 provides. * The NOACCESS by default is another very good feature. * Access rules are straightforward, and easy to understand.

How has it helped my organization?

By providing a high level of access control to the z/OS systems, ACF2 allows us to maintain tight controls on dataset and system access. It also helps us keep unauthorized users from accessing PHI or PII data.

What needs improvement?

It needs longer rules. The max rule is 32K. It would be nice if the rules could be moved above the bar, which would allow for longer rules.
Anonymous avatar x80
Real User
Senior systems engineer at Unum
Mar 31 2017

What do you think of IBM Resource Access Control Facility?

Valuable Features It's completely secure. That's the best answer I can give you. We're able to do role-based security so when new people join the company we're able to quickly add them to the proper security through role-based security groups. Our resources are secured with this product. • Room for Improvement I would welcome something that is more easily integrated with distributor platforms. • Stability Issues The stability is excellent. • Scalability Issues It's only a mainframe product so it doesn't cross platforms. It does integrate with some of our distributed solutions which is good. Some of that we haven't fully implemented. • Customer Service and Technical Support I haven't personally used the technical support. • Previous Solutions We have other...
Anonymous avatar x80
Real User
IT Security Analyst Senior at a tech services company with 1,001-5,000 employees
Mar 09 2017

What do you think of IBM Resource Access Control Facility?

Valuable Features The granularity and ease of setting up role-based access. • Improvements to My Organization Through the use of ISPF tables, we were able to configure panels to aid with provisioning and administration functions. • Room for Improvement The way to pull security logs could be better. Currently, violations are written to SMF records. You need to run jobs to pull this info unless you are running tools to do this for you. • Use of Solution I have used it personally for five years. I have used it with the company for over 30 years. • Stability Issues We have not had any stability problems. • Scalability Issues We have not had any scalability problems. • Customer Service and Technical Support Technical support is exceptional. • Previous...
52db8f8f ff48 415f a7cc 3dca7a5b6b00 avatar
Real User
Senior Mainframe Security Engineer at a government with 1,001-5,000 employees
Mar 08 2017

What do you think of IBM Security zSecure?

Valuable Features Restoring the deleted object functionality (RA.4 – Recreate user/grp/ds/RES) The RACF database reporting feature: Is customizable through the CARLa programing language Event reporting from SMF • Improvements to My Organization The productivity and consistency in our organization has been improved by: The ability to easily generate reports A common interface for the security administrators • Room for Improvement There should be more supplied reports and CARLa samples. • Use of Solution I have used this tool for over ten years. • Stability Issues There were no stability issues. • Scalability Issues We did not experience any scalability issues. • Customer Service and Technical Support I would give the technical support a rating of 9/10....
Anonymous avatar x80
Real User
System Architect Z/OS at a tech services company with 501-1,000 employees
Mar 12 2017

What do you think of IBM Security zSecure?

Valuable Features All the features are valuable. These are the most valuable: Audits for rules Checks on databases • Improvements to My Organization Automates and simplifies management tasks Simplifies the management of multiple RACF databases: Integrates them quickly and efficiently • Room for Improvement I would like to see improvements in the certification (SSL). It must be less complicated. • Use of Solution It has been in use for over ten years. • Stability Issues We have not had any stability issues. • Scalability Issues We have not had any scalability issues. • Customer Service and Technical Support Technical support is optimal. • Previous Solutions I used CA Top Secret. • Pricing, Setup Cost and Licensing I do not have any...
Ca2
CA Technologies
Anonymous avatar x80
Real User
Director at a financial services firm with 1,001-5,000 employees
Jan 05 2017

What do you think of CA Top Secret?

Valuable Features: The most valuable feature is ease of use. • Improvements to My Organization: This benefits our organization because it is an enterprise-wide solution. • Room for Improvement: I would like to see better reporting, more emphasis on audit reporting, and better scrubbing of the canned reports.  • Stability Issues: The tool is stable. • Scalability Issues: The solution scales easily. • Other Advice: When selecting a vendor, the most important thing is support. If you are looking for mainframe security, get this solution.
Mainframe security report from it central station 2018 04 29 thumbnail
Find out what your peers are saying about CA Technologies, IBM, Syncsort and others in Mainframe Security.
269,560 professionals have used our research since 2012.

Sign Up with Email