ACF2 Overview

This one-day course has been designed and written by internationally-known mainframe security expert, Mark Wilson, and is taught by specialist security consultants. The course provides an overview on how to administer an ACF2 system in a z/OS environment. It outlines the security functionality provided by native z/OS and ACF2, and will provide an overview of practical security administration. The course describes the ACF2 architecture, and the commands used to secure z/OS.

This course is only available for exclusive, one-company presentations.

What you will learn

On successful completion of this course you will be able to:

  • recognise all of the major ACF2 components
  • describe how a well structured ACF2 database should be set up
  • begin to administer a ACF2 system.

Who Should Attend

The course is suitable for anyone wishing to gain a basic understanding of ACF2 security concepts.


Familiarity with the mainframe (IBM Z Series) server environment.


1 day

Fee (per attendee)


Course Code



Introduction to ACF2

Need for security; General threats; Tightening security; Security policy; Naming standards; Security administration; Auditing.

Security Features

ACF2 terminology; Security features; User identification; Resource types; Types of access permission.

ACF2 Architecture

ACF2 architecture; ISPF interface; Databases; Logonids; Access rules; Resource rules; UID string; MVS implementation; ACF2 initialisation; ACF2 interfaces; Messages.

ACF2 Resources

ACF2 resources; Access rules; Control statements; Access rule entries; Modes; Example rule set; De-compiling; Compiling; Nextkeys; Resource rules; Control statements; Rule entries; Examples of a rule set; Listing a rule set; De-compiling; Compiling; ACF2 resource types; Logonids; Inserting a Logonid; Changing a Logonid; Listing a Logonid; Example Logonid; Logonid attributes.

Access Authorisation

Access authorisation; UID strings; Nextkeys; Compiling; ;De-compiling; How ACF2 checks authority; ACF2 SAF interface.

ACF2 System Options

ACF2 system options; GSO record types; Example display; Refresh the GSO options.

Further ACF2 Topics

Miscellaneous ACF2 information; ACFFDR; ACF2 and CICS; ACF2 CICS installation; CICS startup with ACF2 CICS; CICS system entry protection; CICS resource protection; CICS MRO protection; ACF2 CICS parameter options; Reporting; Messages; ACF2 and RACF; Mandatory Access Control (MAC); Distributed Database Feature (DDF); Common Propagation Feature; User defined security records and user exits; Session Managers and ACF2; Debugging and Tuning; DF/SMS support and program pathing.

Question & Answer Session

© RSM Technology 2021