For the best web experience, please use IE11+, Chrome, Firefox, or Safari

Defender Mainframe Edition

Two-factor authentication for mainframe

Achieve two-factor authentication (2FA) for your entire IBM System z mainframe network – or single business transactions – with Defender Mainframe Edition (ME). It enhances security by enabling your organization to authenticate users at three levels: application selection, business transaction or network entry. Defender ME incorporates the latest cryptographic hardware technologies and supports the most widely used password tokens.


Network security

Validate users before they enter the network by extending security defenses from the kernel of the individual mainframe systems to the network periphery.

Application/transaction protection

Restrict user access to permitted applications only by using their ID and passwords to log in. And for higher level access, you can require that users provide additional personal token information, such as two-factor authentication (2FA), at the transaction level, the application level or both.


Select a solution that fits your organization’s needs with support for any OATH-compliant token (from any OATH-compliant hardware vendor).

RSA SecureID support

Provides security and reliability, while controlling costs, with support for the RSA SecureID AES token with nine-digit serial numbers and for 128-bit AES tokens. Plus, save hassle for your users with AES tokens as they no longer will need to connect to a RSA ACE®, UNIX or Windows server to be authenticated.


Accelerates message warnings (including NewView alerts) to a central host or operator console.

MVS system support

Supports Multiple Virtual Storage (MVS) systems with Defender’s three levels:


  • Defender ME VSSE – Controls which LU-to-LU sessions will be allowed or denied by VTAM, including application-to-printer, peer-to-peer, terminal-to-application and Network Job Entry (NJE) sessions.
  • Defender ME Secure – Restricts your users to permitted applications only, providing your organization with information protection and active network security. Also enables you to validate through a user ID.
  • Defender ME Authenticator – Provides you with all the features of Defender ME Secure, in addition to incorporating multi-factor authentication: user ID, personal device-generated code and user-changeable password.

Transaction-level interface (TLI)

Broadens security outside the VTAM network front end to your users’ business transactions. Requests password validation and user ID from within the transaction to protect your organization’s sensitive transactions.

Home-node processing

Allows your users to specify the name of the machine on which they would like to be authenticated, which is especially beneficial if your users access from both home and remote locations.


  • IBM z Series
Operating System
  • IBM z/OS (all levels)
Security system

Get started now

Support & Services

Product Support

Self-service tools will help you to install, configure and troubleshoot your product.

Support Offerings

Find the right level of support to accommodate the unique needs of your organization.