For the best web experience, please use IE11+, Chrome, Firefox, or Safari


Control user ID and passwords for increased network security.

NC-Pass enables you to increase network and mainframe security by directing users via user ID and passwords to permitted applications only. NC-Pass gives you full control of logins, passwords and profiles from existing CA-ACF2, RACF, or CA-Top Secret databases. Plus, you can protect sensitive information by requiring users to provide additional personal token authentication information either at the application level, at the transaction level, or both.

Control user ID and passwords for increased network security

Key Benefits

Increase your organization’s mainframe security by permitting or denying connection to specific applications

Restrict terminal use to specific users and only for specific applications

Limit full use of SME facility to non-sensitive applications, unless allowed by SME table

Audit every action to central host, SMF or VSAM archive datasets


Flexible transaction-level interface (TLI)

NC-Pass broadens your organization’s mainframe security beyond the VTAM network frontend to your user's business transaction. You can implement user authentication through the TLI from any point in the network by using the TCP/IP TLI. You can also use the TLI to request user ID and password validation from within the transaction, thus protecting sensitive transactions in excess of a certain value.

Home node processing

NC-Pass databases can be held on individual nodes supporting definitions for users and terminals assigned to that node in multi-node networks. Your users can specify the name of the machine to be authenticated, if connecting to a node that is not their regular connection machine. Home node processing is especially beneficial on large networks where users need access from home and remote locations.

Choice of three levels of NC-Pass for MVS systems

For MVS systems, you can choose from three levels of NC-Pass:
  • NC-Pass VSSE (VTAM Session Security Exit) with the VTAM Session Management Exit (SME), you can allow only authorized connections. It controls which LU-to-LU sessions VTAM will allow or deny. Includes application-to-printer, peer-to-peer, terminal-to-application and network job entry (NJE) sessions.
  • NC-Pass Secure gives your organization active network and mainframe security and information protection by limiting users to permitted applications only, via user ID and passwords. It also includes the features of NC-Pass VSSE, enabling you to protect sensitive applications with user ID.
  • NC-Pass Authenticator incorporates the full range of NC-Pass Secure features and includes three-factor authentication using personal devices. This option allows you to validate a user's identity via a user ID, a personal device-generated code and a user-changeable password.


Software environment
  • IBM OS/390 or z/OS
  • IBM OS/390 Security Server (RACF)
  • CA-ACF2
  • CA-Top Secret
  • VTAM
  • JES2 and JES3
  • .
  • ActivCard X9.9
  • Defender
  • CryptoCard
  • Racal Safe S220
  • RSA SecurID
  • Digiline DigiPass
  • Defender Go-1 and Defender Go-3

Get started now

Support & Services

Product Support

Self-service tools will help you to install, configure and troubleshoot your product.

Support Offerings

Find the right level of support to accommodate the unique needs of your organization.