CA-ACF2 Overview

This one-day course was designed and written by internationall- known mainframe security expert, Mark Wilson. It is taught by specialist security consultants from RSM Partners Ltd. The course provides an overview on how to administer a CA-ACF/2 system in a z/OS environment. It outlines the security functionality provided by native z/OS and CA-ACF/2, and will provide an overview of practical security administration. The course describes the CA-ACF/2 architecture, and the commands used to secure z/OS.

The Virtual Classroom Environment presentation of this course scheduled for 8 March will be presented on Eastern Standard Time (i.e. GMT + 5 hours).

Virtual Classroom Environment dates - click to book!

8 March 2019

What is a 'Virtual Classroom Environment'?


What do I need?

  • webcam
  • headphones with microphone
  • sufficient bandwidth, at least 1.5 Mb/s in each direction.


On successful completion of this course you will be able to:

  • recognise all of the major CA-ACF/2 components
  • describe how a well structured CA-ACF/2 database should be set up
  • begin to administer a CA-ACF/2 system.

Who Should Attend

The course is suitable for anyone wishing to gain a basic understanding of CA-ACF/2 security concepts.


Familiarity with the mainframe (IBM z/Series) server environment.


1 day

Fee (per attendee)

£525 (ex VAT)

Course Code



Introduction to CA-ACF/2

Need for security; General threats; Tightening security; Security policy; Naming standards; Security administration; Auditing.

Security Features

CA-ACF/2 terminology; Security features; User identification; Resource types; Types of access permission.

CA-ACF/2 Architecture

CA-ACF/2 architecture; ISPF interface; Databases; Logonids; Access rules; Resource rules; UID string; MVS implementation; CA-ACF/2 initialisation; CA-ACF/2 interfaces; Messages.

CA-ACF/2 Resources

CA-ACF/2 resources; Access rules; Control statements; Access rule entries; Modes; Example rule set; De-compiling; Compiling; Nextkeys; Resource rules; Control statements; Rule entries; Examples of a rule set; Listing a rule set; De-compiling; Compiling; CA-ACF/2 resource types; Logonids; Inserting a Logonid; Changing a Logonid; Listing a Logonid; Example Logonid; Logonid attributes.

Access Authorisation

Access authorisation; UID strings; Nextkeys; Compiling; ;De-compiling; How CA-ACF/2 checks authority; CA-ACF/2 SAF interface.

CA-ACF/2 System Options

CA-ACF/2 system options; GSO record types; Example display; Refresh the GSO options.

Further CA-ACF/2 Topics

Miscellaneous CA-ACF/2 information; ACFFDR; CA-ACF/2 and CICS; CA-ACF/2 CICS installation; CICS startup with CA-ACF/2 CICS; CICS system entry protection; CICS resource protection; CICS MRO protection; CA-ACF/2 CICS parameter options; Reporting; Messages; CA-ACF/2 and RACF; Mandatory Access Control (MAC); Distributed Database Feature (DDF); Common Propagation Feature; User defined security records and user exits; Session Managers and CA-ACF/2; Debugging and Tuning; DF/SMS support and program pathing.

Question & Answer Session

© RSM Technology 2018