We just raised a $30M Series A: Read our story

IBM Resource Access Control Facility OverviewUNIXBusinessApplication

What is IBM Resource Access Control Facility?

In 1976, IBM set the standard for security products when RACF was introduced!

From the beginning, the RACF Development Team has proudly brought you RACF, the premier product for securing your most valuable corporate data. Working closely with your operating system's existing features, IBM's award-winning Resource Access Control Facility (RACF) licensed program provides improved security for an installation's data. RACF protects your vital system resources and controls what users can do on the operating system.

You decide which resources you want to protect and which users need access to them. RACF provides the functions that let you:

  • identify and verify system users
  • identify, classify, and protect system resources
  • authorize the users who need access to the resources you've protected
  • control the means of access to these resources
  • log and report unauthorized attempts at gaining access to the system and to the protected resources
  • administer security to meet your installation's security goals

IBM Resource Access Control Facility is also known as IBM RACF.

IBM Resource Access Control Facility Video

Archived IBM Resource Access Control Facility Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
KC
Senior systems engineer at Unum
Real User
Leaderboard
We're able to do role-based security so when new people join the company we're able to quickly add them to the proper security through role-based security groups.

What is most valuable?

It's completely secure. That's the best answer I can give you. We're able to do role-based security so when new people join the company we're able to quickly add them to the proper security through role-based security groups. Our resources are secured with this product.

What needs improvement?

I would welcome something that is more easily integrated with distributor platforms.

What do I think about the stability of the solution?

The stability is excellent.

What do I think about the scalability of the solution?

It's only a mainframe product so it doesn't cross platforms. It does integrate with some of our distributed solutions which is good. Some of that we haven't fully implemented.

How are customer service and technical support?

I haven't personally used the technical support.

Which solution did I use previously and why did I switch?

We have other solutions in place, and we had CA Top Secret in place before we used RACF. The purchase was a decision outside of my hands.

How was the initial setup?

I was responsible for the implementation for the products for which I'm responsible that need RACF security.

Which other solutions did I evaluate?

We looked for transportability in evaluated products but that was twenty-five years ago so I have no idea what was evaluated.

What other advice do I have?

I would recommend it as a mainframe solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user622731
IT Security Analyst Senior at a tech services company with 1,001-5,000 employees
Consultant
ISPF tables aid with provisioning and administration functions.

What is most valuable?

The granularity and ease of setting up role-based access.

How has it helped my organization?

Through the use of ISPF tables, we were able to configure panels to aid with provisioning and administration functions.

What needs improvement?

The way to pull security logs could be better. Currently, violations are written to SMF records. You need to run jobs to pull this info unless you are running tools to do this for you.

For how long have I used the solution?

I have used it personally for five years. I have used it with the company for over 30 years.

What do I think about the stability of the solution?

We have not had any stability problems.

What do I think about the scalability of the solution?

We have not had any scalability problems.

How are customer service and technical support?

Technical support is exceptional.

Which solution did I use previously and why did I switch?

We had CA Top Secret. We switched for easier maintenance and better integration with IBM z/OS.

How was the initial setup?

The initial setup was straightforward. The IBM books walk you through the setup. The technical staff at IBM is a great resource.

What's my experience with pricing, setup cost, and licensing?

It can be costly, but necessary, for an IBM mainframe running z/OS.

Which other solutions did I evaluate?

We evaluated ACF2 and Top Secret.

What other advice do I have?

If you are running ACF2 or Top Secret, the switch is well worth it. Do it.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are a test site for new IBM hardware.
it_user621837
Mainframe Security Specialist, RACF and zSecure Technician, CA-TSS Specialist, Security Team Leader
Vendor
Access rights management is reliable. Generating on-screen listings and reports could be more flexible.

What is most valuable?

  • Perfectly integrated with the z/OS operating system and all the other products in the IBM z/OS family.
  • Product updates are automatic and are released by IBM in conjunction with the z/OS upgrades.
  • The organizational process of the access rights management is very simple and reliable.
  • We can affirm that only authorized users gain access to protected resources.

How has it helped my organization?

It's very difficult for me to describe a concrete example. However, since we have been using RACF, our access permissions structure is much better organized and explained. We now have a one-to-one correspondence between a resource and access rights of that resource.

What needs improvement?

I would like the generation of RACF on-screen listings and reports to be more flexible. We security administrators often have to act quickly. Certain information should be available as quickly as possible.

For how long have I used the solution?

I have been using it since May, 2015.

How are customer service and technical support?

I would give technical support a rating of 4/5.

Which solution did I use previously and why did I switch?

Before May 2015, my company was using CA Top Secret, the most relevant competitor to IBM RACF in the mainframe security administration.

CA Top Secret is also a good product, but my company has preferred IBM RACF for the valuable features.

How was the initial setup?

In our case, the initial configuration was not easy because we performed a conversion from CA Top Secret to IBM RACF. But with our strong will, we have succeeded.

Disclosure: I am a real user, and this review is based on my own experience and opinions.