The Advanced Adapter for CA-ACF2 provides a native interface between your application or identity infrastructure and the ACF2 security manager installed on a z/OS Mainframe. The adapter functions as a trusted virtual administrator on the target system, performing tasks, such as creating login IDs, changing passwords and managing access rule permissions. The adapter enables provisioning and reconciliation events with the ACF2 security manager, automating some of the functions that administrators usually perform manually. The Advanced Adapter for CA-ACF2 enables you to use ACF2 either as a managed (target) resource or as an authoritative (trusted) source of identity information for your application or identity infrastructure.

The IdF Advanced Adapter for ACF2 enables an identity infrastructure to support and manage your policy, profiles, identity events and other resources on your mainframe. This tool reduces administration time, increases operational efficiency and reduces security risk. It is very important to note that the IdF mainframe solution provides the mechanism to retrieve critical data required that would meet corporate and regulatory polices. Capturing real-time event data helps monitor policy information which helps track who made critical changes to users and users permissions.

Product Features

  • Authentication | Authorization
  • Bi-Directional User Profile Synchronization
  • Password Management
  • Real-Time Reconciliation
  • Alias Management
  • Access & Resource Rule Management
  • Real-Time Audit and Compliance Capture
  • Extend custom attributes and legacy applications

Product Benefits

  • Risk Reduction
  • Policy and Regulatory Compliance
  • Increase operational efficiency
  • Reduced administration costs
  • Improved Security
  • Extends current technology investments

Component Overview

The IdF Advanced Adapter for ACF2 is comprised of the Pioneer provisioning agent and the Voyager reconciliation agent. Both components in conjunction with the IdF LDAP Gateway enables the IdF Advanced Adapter for ACF2 the ability to provide for bi-directional support for transformation of native ACF2 commands to LDAP and LDAP commands to ACF2.

The Pioneer (provisioning) agent receives identity and authorization change events, effectuating requested changes upon the target system. The Pioneer agent is a mainframe component that executes native requests that are sent from your application or identity infrastructure.

The Voyager (reconciliation) agent sends real-time notification events of user profile changes to the identity application from the target host system. The agent detects events such as user addition and deletion and changes in status, attribute, group membership and/or password.