NC-Pass
Control user ID and passwords for increased network security
NC-Pass enables you to increase network security by directing users via user ID and passwords to permitted applications only. NC-Pass gives you full control of logins, passwords and profiles from existing CA-ACF2, RACF, or CA-Top Secret databases. Plus, you can protect sensitive information by requiring users to provide additional personal token authentication information either at the application level, at the transaction level, or both.
- Increase your organization’s security by permitting or denying connection to specific applications
- Restrict terminal use to specific users and only for specific applications
- Limit full use of SME facility to non-sensitive applications, unless allowed by SME table
- Audit every action to central host, SMF or VSAM archive datasets
Features
Flexible transaction-level interface (TLI)
NC-Pass broadens your organization’s security beyond the VTAM network frontend to your user's business transaction. You can implement user authentication through the TLI from any point in the network by using the TCP/IP TLI. You can also use the TLI to request user ID and password validation from within the transaction, thus protecting sensitive transactions in excess of a certain value.
Home node processing
NC-Pass databases can be held on individual nodes supporting definitions for users and terminals assigned to that node in multi-node networks. Your users can specify the name of the machine to be authenticated, if connecting to a node that is not their regular connection machine. Home node processing is especially beneficial on large networks where users need access from home and remote locations.
Choice of three levels of NC-Pass for MVS systems
For MVS systems, you can choose from three levels of NC-Pass:
- NC-Pass VSSE (VTAM Session Security Exit) with the VTAM Session Management Exit (SME), you can allow only authorized connections. It controls which LU-to-LU sessions VTAM will allow or deny. Includes application-to-printer, peer-to-peer, terminal-to-application and network job entry (NJE) sessions.
- NC-Pass Secure gives your organization active network security and information protection by limiting users to permitted applications only, via user ID and passwords. It also includes the features of NC-Pass VSSE, enabling you to protect sensitive applications with user ID.
- NC-Pass Authenticator incorporates the full range of NC-Pass Secure features and includes three-factor authentication using personal devices. This option allows you to validate a user's identity via a user ID, a personal device-generated code and a user-changeable password.
Specifications
- Software environment
-
- IBM OS/390 or z/OS
- IBM OS/390 Security Server (RACF)
- CA-ACF2
- CA-Top Secret
- VTAM
- JES2 and JES3 .
- Devices
-
- ActivCard X9.9
- Defender
- CryptoCard
- Racal Safe S220
- RSA SecurID
- Digiline DigiPass
- Defender Go-1 and Defender Go-3
Resources
NC Pass Datasheet
Increase network security by limiting users to permitted applications via a user ID and password
- More Resources
- Research Docs
Take the next step
Related Products
NC-Syncom
Synchronize passwords across multiple systems, servers, networks and applications
Defender Mainframe Edition
Enable two-factor authentication for IBM System z mainframe networks or single business transactions
Support & Services
Product Support
Self-service tools will help you to install, configure and troubleshoot your product.
Support Offerings
Find the right level of support to accommodate the unique needs of your organization.