Improve Security and Cut Help Desk Costs by Eliminating Static Passwords from Your Mainframe
When static passwords are forgotten, they can contribute to large aggregate costs in wasted help-desk time. When static passwords are written down, shared, or stolen, they can quickly place valuable systems, production workloads, and sensitive enterprise or customer data at grave risk. Data loss, tampering, and breach are all-but-certain to carry non-trivial competitive penalties, particularly in the current regulatory climate.
Rocket Strong Authentication Expert for z/OS meets your needs by extending strong, two-factor authentication to the mainframe. It enables two-factor authentication in as many or as few end points as needed, and supports a variety of external authentication servers and token devices.
- Replaces or supplements static passwords to improve security and accountability for your most powerful mainframe user accounts
- Integrates with IBM RACF, CA-ACF2, or CA-TopSecret user authentication exit points (ESM mode)
- Granular provisioning model simplifies roll-out for a variety of access control plans
- ESM mode allows two-factor credentials to be required for a subset of system users (other users can continue to log in with their usual User ID and Password)
- VTAM mode allows two-factor credentials to be required for a subset of access terminals
- Certified compatible with RSA Authentication Manager v7.x, and various RSA SecurID tokens and PIN pads
- Successfully tested with a variety of RADIUS server/token combinations
- z/OS V1R9, V1R10, V1R11 or V1R12
- If using ESM Mode, compatible security Manager - IBM RACF, CA ACF/2 or CA Top Secret
- If using RSA SecurID, network accessible RSA Authentication Manager Server
- If using Radius, suitable network accessible Radius Server