CA-ACF2 Overview

This one-day course is designed, written and presented by an industry-recognised specialist security consultant. It provides an overview on how to administer a CA-ACF/2 system in a z/OS environment. The course will outline the security functionality provided by native z/OS and CA-ACF/2, and will provide an overview of practical security administration. The course describes the CA-ACF/2 architecture, and the commands used to secure MVS.

This course is only available for one-company, on-site presentations.


On successful completion of this course you will be able to:

  • recognise all of the major CA-ACF/2 components
  • describe how a well structured CA-ACF/2 database should be set up
  • begin to administer a CA-ACF/2 system.

Who Should Attend

The course is suitable for anyone wishing to gain a basic understanding of CA-ACF/2 security concepts.


Familiarity with the mainframe (IBM z/Series) server environment.


1 day

Fee (per attendee)


Course Code



Introduction to CA-ACF/2

Need for security; General threats; Tightening security; Security policy; Naming standards; Security administration; Auditing.

Security Features

CA-ACF/2 terminology; Security features; User identification; Resource types; Types of access permission.

CA-ACF/2 Architecture

CA-ACF/2 architecture; ISPF interface; Databases; Logonids; Access rules; Resource rules; UID string; MVS implementation; CA-ACF/2 initialisation; CA-ACF/2 interfaces; Messages.

CA-ACF/2 Resources

CA-ACF/2 resources; Access rules; Control statements; Access rule entries; Modes; Example rule set; De-compiling; Compiling; Nextkeys; Resource rules; Control statements; Rule entries; Examples of a rule set; Listing a rule set; De-compiling; Compiling; CA-ACF/2 resource types; Logonids; Inserting a Logonid; Changing a Logonid; Listing a Logonid; Example Logonid; Logonid attributes.

Access Authorisation

Access authorisation; UID strings; Nextkeys; Compiling; ;De-compiling; How CA-ACF/2 checks authority; CA-ACF/2 SAF interface.

CA-ACF/2 System Options

CA-ACF/2 system options; GSO record types; Example display; Refresh the GSO options.

Further CA-ACF/2 Topics

Miscellaneous CA-ACF/2 information; ACFFDR; CA-ACF/2 and CICS; CA-ACF/2 CICS installation; CICS startup with CA-ACF/2 CICS; CICS system entry protection; CICS resource protection; CICS MRO protection; CA-ACF/2 CICS parameter options; Reporting; Messages; CA-ACF/2 and RACF; Mandatory Access Control (MAC); Distributed Database Feature (DDF); Common Propagation Feature; User defined security records and user exits; Session Managers and CA-ACF/2; Debugging and Tuning; DF/SMS support and program pathing.

Question & Answer Session

© RSM Technology 2018