ACF2 Reviews

Name: ACF2
Brand: Broadcom
Rating: 4.5 (6 reviews)

4.5 out of 5

6 reviews
100% willing to recommend

What is ACF2?

CA ACF2™ for z/OS provides innovative, comprehensive security for your business transaction environments—including Linux, UNIX and z/OS on System z—helping you realize the reliability, scalability and cost-effectiveness of the mainframe. CA ACF2 provides an Advanced Authentication Mainframe feature, system entry validation, resource control, auditability, accountability, and administrative control. In conjunction with distributed security solutions from CA Technologies, CA ACF2 provides mobile-to-mainframe enterprise class security and compliance management.

Get the Mainframe Security Buyer's Guide and find out what your peers are saying about ACF2, IBM Security Guardium Data Protection, IBM Security zSecure and more!

ACF2 is the #6 ranked solution in top Mainframe Security solutions and #16 ranked solution in top Database Security solutions. PeerSpot users give ACF2 an average rating of 9.0 out of 10. ACF2 is most commonly compared to IBM Security Guardium Data Protection: ACF2 vs IBM Security Guardium Data Protection. ACF2 is popular among the large enterprise segment, accounting for 83% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 30% of all views.

Buyer's Guide

Mainframe Security

June 2025

Get the category report

Helped 861,390 peers since 2012

Featured ACF2 reviews

reviewer1077621

IT Examiner at a financial services firm with 10,001+ employees

It is a good product. It has been used for years. As long as it is configured correctly, it is a very stable product. It depends on how an institution or a company configures it. It depends on an institution's risk appetite. You need to make sure it is configured as per the concept of least privilege, and the logging features, detection and control mechanism, and other things like that are enabled. If you configure it to give access to the public, then there could be compromises. You should also have someone who independently checks it to make sure that it is configured keeping security in mind. If it has been configured for a while, when there are enhancements to the product or when you enhance it, you need to make sure that security is also looked at, and it is configured according to an institution's security policies. I would rate it a nine out of 10.

Read full review

reviewer1077621

IT Examiner at a financial services firm with 10,001+ employees

Any solution that would eliminate manual intervention further is a great improvement. A solution that requires less in the form of manual processing saves more time and effort. The user access review could also be improved. It produces a lot of false positives. Improvement that will minimize false positives and enhance the reliability of the results would be a welcome change.

Read full review

it_user811302

Technical Architect at a healthcare company with 10,001+ employees

To provide security for the z/OS operating system By providing a high level of access control to the z/OS systems, ACF2 allows us to maintain tight controls on dataset and system access. It also helps us keep unauthorized users from accessing PHI or PII data. The level of protection that ACF2…

Read full review

ACF2 mindshare

Product category:

As of July 2025, the mindshare of ACF2 in the Mainframe Security category stands at 11.4%, up from 9.2% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Mainframe Security

Key learnings from peers

Valuable Features

ACF2 excels in mainframe security by offering strict, reliable access control and user security management. Organizations value its automatic privilege assignments and rule management. NOACCESS by default and straightforward access rules enhance protection. Logging and monitoring are crucial, with real-time reporting on event logs saving time and optimizing resource allocation. Its security and resilience features make it essential in mainframe environments.

"Logging and monitoring are most valuable. It is for the mainframe environment, and it is at the forefront for security and resilience."
"Excellent real-time reporting that saves time and resources."
"The NOACCESS by default is another very good feature. Also, access rules are straightforward, and easy to understand."

Room for Improvement

ACF2 requires improvements such as an Eclipse interface for simpler programmable access, longer rules exceeding 32K, and browser support for tasks instead of 3270. It should reduce manual intervention and false positives in user access checks. Organizations suggest focusing on integration with distributed applications and adaptability to cloud environments. There's a call for unique, secure naming conventions for accounts and user IDs.

"They can work on its ability to work in a distributed environment. It's a mainframe product. As many companies move to the cloud, depending on what cloud models they choose, such as a public, hybrid, or private cloud, it should be deployable. I am not sure if it can be deployed on those platforms. It has been there since the '50s or '60s, and it's still scalable. It has survived all these years, and it's scalable to many platforms, but I don't know about the cloud."
"Reporting can sometimes include false positives."
"It needs longer rules. The max rule is 32K."

Popular Use Cases

Organizations primarily utilize ACF2 to manage security and user access on mainframe systems. They handle user authentication, profile access, and deprovisioning from applications. ACF2 is also used for monitoring log events through reporting. Additionally, it encompasses access management for z/OS operating systems, supporting authentication and access to various resources. Companies use the latest version of ACF2, which they host in-house.

Service and Support

ACF2 technical support is praised for its exceptional responsiveness and expertise, often prioritizing solving issues efficiently. Users appreciate the team's knowledge and ownership of problems. While current support staff are seen as helpful, there may be challenges related to outdated UID information and the need to rely on external resources. ACF2 customers generally express high satisfaction with technical support quality and reliability.

Deployment

Some users found ACF2's initial setup complex, especially if relying on contractors, as errors require a deep understanding of ACF2. Others weren't involved but heard it performed reliably. For some, achieving goals took time but was completed within six months, suggesting it's widely adopted by the IT group. Another described the setup as straightforward, while one reviewed ACF2's security assessment without handling deployment. ACF2 has unexplored capabilities still being considered.

Scalability

ACF2 exhibits robust scalability, seamlessly accommodating large organizations. It efficiently handles user authentication and role changes across thousands of employees. Users reported no issues even when integrating with LDAP or AD groups, ensuring secure extensions. With its ability to support numerous deployments, ACF2 remains an integral security manager for mainframe environments despite its legacy status. Users trust it to manage corporate access while efficiently adapting to staff changes.

Stability

ACF2 is 100% stable and exhibits many years of reliable use. Users experience no issues, emphasizing its robust nature. Stability depends on system administrators' configurations. When configured with security in mind, ACF2 maintains its stability.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Mainframe Security Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews

Financial Services Firm

30%

Manufacturing Company

10%

Retailer

Insurance Company

Comms Service Provider

Computer Software Company

Government

Real Estate/Law Firm

University

Educational Organization

Healthcare Company

Hospitality Company

Wholesaler/Distributor

Consumer Goods Company

Energy/Utilities Company

Legal Firm

Logistics Company

Media Company

Museum Or Institution

Outsourcing Company

Performing Arts

Compare ACF2 with alternative products

Learn more about ACF2

ACF2 Features

ACF2 offers some of the following features:

Authentication: ACF2 is used for authenticating users and granting them access to profiles and various resources on the mainframe.
Access Control: The solution provides resource control, allowing administrators to control who can access specific mainframe resources.
Logging and Monitoring: Organizations can easily track and monitor activities on the mainframe. This feature enables the creation of audit trails for follow-up and helps with security analysis.
Metrics and Reporting: ACF2 allows the configuration of tools to produce different types of metrics and reports. These can then be used by senior management for making informed security decisions.
Comprehensive Security: The solution provides comprehensive security for mainframe environments, ensuring the protection of valuable data assets. It offers advanced authentication, system entry validation, and administrative control.
Streamlined Administration: It simplifies the administration of mainframe security by providing streamlined management capabilities. ACF2 also enables administrators to monitor and adjust security policies and accommodate various organizational structures.
Scalability: ACF2 offers reliable and scalable security, allowing businesses to expand their mainframe environments while maintaining a high level of protection.
Compliance Management: Organizations can meet compliance requirements by providing auditability, accountability, and comprehensive security controls.
Integration: ACF2 can integrate with distributed security solutions from CA Technologies, providing enterprise-class security and compliance management for mobile-to-mainframe environments.
Flexibility: ACF2 allows flexibility in adapting security policies to accommodate different organizational structures and requirements.