IT Central Station is now PeerSpot: Here's why

CA Top Secret OverviewUNIXBusinessApplication

What is CA Top Secret?

CA Top Secret for z/OS provides innovative, comprehensive security for your business transaction environments— including z/OS, UNIX and Linux on System z—helping you realize the reliability, scalability and cost-effectiveness of the mainframe. CA Top Secret provides an Advanced Authentication Mainframe feature, system entry validation, resource control, auditability, accountability, administrative control, and SAF compatibility. In conjunction with distributed security solutions from CA Technologies, CA Top Secret provides mobile-to-mainframe enterprise class security and compliance management.

CA Top Secret Customers

First Tennessee Bank

CA Top Secret Video

Archived CA Top Secret Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
it_user814482 - PeerSpot reviewer
Information Security Engineer at a financial services firm with 1,001-5,000 employees
Real User
Leaderboard
All the features help ensure we are compliant with banking regulations
Pros and Cons
  • "We have implemented two-factor authentication, which is a new piece of CA Top Secret."
  • "It would be helpful if they removed limitations on user record sizes."

What is our primary use case?

Top Secret is our external security manager for our mainframe systems.

How has it helped my organization?

It's an integral part of all of our mainframe security functions. It's the core of our mainframe security functions. It helps ensure that we are compliant with all of the various banking regulations, security regulations and requirements.

What is most valuable?

We make use of almost all the features of Top Secret:

  • Authentication
  • Authorization checks
  • Reporting on violations
  • Audit reporting

We have implemented two-factor authentication, which is a new piece of CA Top Secret. I think that those are the key areas.

What needs improvement?

I almost don't have any specific issues with the product. Any problems that we do encounter are always quickly addressed by the CA Top Secret support folks.

It would be helpful if they removed limitations on user record sizes.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Stability is a nine out of 10. Very rarely do we end up having program crashes, it's very rare. It's been very stable over the years that I've used it.

What do I think about the scalability of the solution?

I would say scalability is an eight out of 10.

How are customer service and support?

I would give them a 10 out of 10.

Which solution did I use previously and why did I switch?

It's not like I installed Top Secret and had something previously. Both of the shops that I have worked in already had Top Secret installed as a base product.

How was the initial setup?

We set up the security system for new systems when we installed those, so I would say that it's comparable to other products. I would say it's an eight out of 10.

What other advice do I have?

The security environment is constantly changing. The support for CA Top Secret is constantly upgrading the product to ensure that it's current with the industry needs for mainframe security.


Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user814479 - PeerSpot reviewer
Director with 51-200 employees
Real User
Leaderboard
Ensures that employees and others do not illegally access our systems
Pros and Cons
    • "The user interface could be improved. Sometimes, it is not simple to understand where a certain definition should be defined, and I go through a number of screens until I find where to do some of them."
    • "Make sure that there is a post-sale department in your country. We have experienced some post-sale problems to do with integration of CA products into our systems."

    What is our primary use case?

    To protect our assets from being accessed. First, that our employees do not have access to the data/information that is not valid for their positions. Second, to prevent illegal access to our systems.

    What is most valuable?

    All the features that we use are valuable. I cannot think of any special feature that is more valuable than other, especially as there are not many features that you can optionally use.

    What needs improvement?

    The user interface. Sometimes, it is not simple to understand where a certain definition should be defined, and I go through a number of screens until I find where to do some of them.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    No stability issues.

    What do I think about the scalability of the solution?

    No scalability issues.

    How are customer service and technical support?

    Excellent. Any issue that we have had in working with the product received the best response that we could have hoped for. The technicians that respond have great knowledge of how the product works and promptly responded with solutions to any problems that we have had over the years.

    Which solution did I use previously and why did I switch?

    As far as I know this is the only solution ever used. As Top Secret was installed before I started working for our office, I assume the challenge was to protect our assets.

    How was the initial setup?

    Initial setup was before my time, but over the years of using and upgrading through the releases of Top Secret I would say that the setup is very straightforward.

    What's my experience with pricing, setup cost, and licensing?

    I am not involved in this aspect of the business.

    What other advice do I have?

    Make sure that there is a post-sale department in your country. We have experienced some post-sale problems to do with integration of CA products into our systems.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    PeerSpot user
    it_user558438 - PeerSpot reviewer
    Director at a financial services firm with 10,001+ employees
    Vendor
    Easy to use, enterprise-wide solution. I would like to see more emphasis on audit reporting.

    What is most valuable?

    The most valuable feature is ease of use.

    How has it helped my organization?

    This benefits our organization because it is an enterprise-wide solution.

    What needs improvement?

    I would like to see better reporting, more emphasis on audit reporting, and better scrubbing of the canned reports. 

    What do I think about the stability of the solution?

    The tool is stable.

    What do I think about the scalability of the solution?

    The solution scales easily.

    What other advice do I have?

    When selecting a vendor, the most important thing is support. If you are looking for mainframe security, get this solution.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user558108 - PeerSpot reviewer
    Head of Enterprise Partnerships | Wealth & Investment Management at a financial services firm with 1,001-5,000 employees
    Vendor
    In terms of authorization, it controls what access accounts have with the two resources on the mainframe.

    What is most valuable?

    Authentication and authorization. It is a security manager, so it has to validate all accounts that use the mainframe. In terms of authorization, it controls what access those accounts have with the two resources on the mainframe. That's the primary function of the product.

    How has it helped my organization?

    By securing the mainframe platform and the data that's on it.

    What needs improvement?

    I've got about 20 or 30 items. I would like to see the ability to create a CFILE backup from a backup. A CFILE is a sequential version of what you've got on your database. If you do it against your live database, you impair performance. I want to be able to create that from a backup of the database. That's one of our primary items that we need. Another item that we need is more capabilities around two-factor authentication (2FA). They are working on two-factor authentication and have been making good progress. It's not quite where it needs to be for us yet.

    What do I think about the stability of the solution?

    We push it harder than any other organization in the world. We're a very large organization and we run it harder than anybody should. We tend to find its limits. I would say that we're at the forefront of finding issues of scalability. To that extent, we often break it.

    What do I think about the scalability of the solution?

    There are scalability issues for extreme size. We are extreme. I think last month in terms of security calls, what they call "rock route calls", we executed 165 billion of them.

    How is customer service and technical support?

    We have an ongoing relationship with technical support. They are excellent.

    How was the initial setup?

    I've been involved in the setup of multiple CA security systems. Getting it going is very straightforward. To configure it to do what you want, you have to have an extreme knowledge of the z/OS operating system. I wouldn't say the software is hard to setup, but to configure it properly takes much more knowledge than just knowing the software. I've been doing this for 30-some-odd years now.

    What other advice do I have?

    When selecting a vendor, make sure they can keep up with you. The ongoing development, security, is an ever-changing item and they need to have sufficient development staff and capabilities to keep up with the industry. That is an area where I have a concern, because I don't see them keeping pace with what we're doing. Admittedly, we're at the forefront of a lot of stuff. It's all about the configuration. It's how you use it.

    There are only three players in mainframe security. There is RACF from IBM, there's ACF2 and Top Secret from CA. Each has its strengths and weaknesses. RACF is very robust at this point in time, but it takes third-party tools or an extreme knowledge of the z/OS operating system to use it properly.

    Top Secret is probably one of the easiest to use, but it's not quite as easy to customize. ACF2 is very, very easy to customize, it takes less technical knowledge than RACF but more than Top Secret. It's really a matter of finding a product that is suited to the way your organization does business. If it's a small organization with little in-depth security expertise, I would recommend Top Secret. If it's a very, very large organization, I would recommend something like RACF or ACF2.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user373287 - PeerSpot reviewer
    Manager of Operations Security at a financial services firm with 1,001-5,000 employees
    Video Review
    The reporting is everything to me as far as being able to respond quickly to either in-house, client, management, or auditor's concerns.

    What is most valuable?

    I find the ease of installation and the ease of understanding and reporting on the product is excellent. We are always debugging things. The reporting is everything to me as far as being able to respond quickly to either in-house concern, client concerns, or auditor's concerns, or management for that matter.

    What needs improvement?

    To me, I like the way they do the future stuff. I noticed they have a thing now where the password complexity is now going to be used for administrations as a control option. I'd like to see that more granular, see where you could get the passwords that are being enforced, but you can enforce it at different hierarchical layers between the product. Currently, it's all or nothing. I would like to see it a little bit more granular.

    For how long have I used the solution?

    With Top Secret, I'm very familiar with it, I've been with it for 27 years so to me the familiarity of the product is the biggest thing and I'm able to do things quickly because of that familiarity and my expertise.

    What do I think about the stability of the solution?

    The stability of the product is wonderful. The people who support the product, the ease of getting in touch with the support area, is great. The agile development teams and being involved in it, which we were, excellent. I love the way CA is doing things.

    What do I think about the scalability of the solution?

    We have a fairly large security database, multiple LPARs running the product. Very scalable to our current environment.

    How are customer service and technical support?

    The best. Believe me, I'm not not only responsible for Top Secret, I'm responsible for other security products. By far the best vendor that we have. The responsiveness. They come back immediately. If they don't know the answer, they get the answer, which is all you can ask for.

    Which solution did I use previously and why did I switch?

    For my group, we're decentralized administration. We have tons and tons of administrators across the platform. We have over a 130,000 users on the database and probably another 2,000 administrators. My group, I believe, should have the ability to turn that function off because we're a group of 5 people that are running the thing from the top. That's just my thought on the whole thing.

    How was the initial setup?

    I think it's straightforward, absolutely straightforward. For me, it's second nature.

    What other advice do I have?

    I'd give it a 9.5/10. I think it's a pretty good product. It was very well written and the ease of administration and the ease of the commands and the ease in which you can report on it are top notch.

    I'd start by calling support and getting their best recommendations for the current environment. I think the support group does a great job and they will direct you. Also, read the installation guide to do best practices through that. For the most part, the product installs fairly easily and if you have an understanding of the product before you start to install is a key thing. If you don't, you can make some grave mistakes in implementing the product.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user350628 - PeerSpot reviewer
    Information Security Engineer at a financial services firm with 1,001-5,000 employees
    Vendor
    It protects our enterprise by providing an access monitor authentication protocol, although I'd like integration of cleanup data.

    Valuable Features

    HFS SEC is the most valuable feature for us because it's managed consistently as other resources are managed. It uses standard resource names instead of bit settings.

    Improvements to My Organization

    It protects our enterprise by providing an access monitor authentication protocol. All competitors do the same thing, but this does it the best.

    Room for Improvement

    I'd like integration of cleanup data with Top Secret.

    Deployment Issues

    I haven't had issues with deployment.

    Stability Issues

    The stability of it is pretty good. We've had no issues with stability. Our statistics show that we’re doing 115 billion security calls per month for just half of our system.

    Scalability Issues

    We’re running one of the largest installations in the world, and it’s scaled fine.

    Customer Service and Technical Support

    Technical support is excellent.

    Initial Setup

    I was not involved, as the initial setup was done in 1985. In new releases, installation is not easy and can take about four months to roll out.

    Other Advice

    Choose wisely because you’re getting married for life. Once you install it, it’s expensive and painful to go with something else.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user349389 - PeerSpot reviewer
    Sr. Supervisor Auditor at a financial services firm with 1,001-5,000 employees
    Vendor
    We implement the constant updates as they roll out, and they've met our needs.

    Valuable Features

    Being in risk and security, the biggest thing is the ability to adapt because right now we’re changing to model IDs. We work with HR to build out a system for personnel to be matched with levels of access to information.

    Improvements to My Organization

    It allows us to be more secure as enhancements come out. They’ve been great for us and we implement as they roll out. In banking, security is a priority, and we constantly get updates that meet our needs.

    Room for Improvement

    As an IT auditor, the UI is the tough part. You have to really know the commands. I’m more Windows/GUI, but with this, you need to read books or find someone to get the right commands. From the IT auditing standpoint, it needs to be a more simple to use.

    Stability Issues

    I haven’t seen any instances of instability from the auditing perspective. Any time there are issues, such as latency, they’re related to other aspects of our system, not Top Secret.

    Scalability Issues

    Not from my perspective. We always have projects going on that use it more and other systems talk with it, but I don’t know of any issues scaling.

    Customer Service and Technical Support

    We get great support from CA with questions. In the past, we’ve had issues with other vendors. We get great feedback. Whether by email or other communications, we hear back and get our questions answered pretty quickly. I’ve heard no complaints from the security side.

    Initial Setup

    I was not involved, but I did talk to someone who said they had bumps in the beginning, but not sure if it was just because we didn’t have enough expertise on our end. We had someone come in and take over the administration of Top Secret. But the recent releases and enhancements have had no major issues.

    Other Advice

    We’re always trying to evolve, and the enhancements help, but its intertwining of everything else we use isn’t as smooth as it should be, but that’s because we use software from IBM.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    it_user346125 - PeerSpot reviewer
    VP Enterprise Architecture Manager at FirstBank Puerto Rico
    Vendor
    ​It's centralized all the user security on a single tool, although I'd like to see integration with LDAP's services, because today we have the mainframe and Windows AD separated.

    What is most valuable?

    The most valuable feature for us is integration with the native mainframe security, extending the security.

    How has it helped my organization?

    It centralizes all the user security on a single tool, which has truly been the best part for us. Otherwise, it's a simple non-fancy product.

    What needs improvement?

    I'd like to see integration with LDAP's services, because today we have the mainframe and Windows AD separated. I would like to integrate both so they can work together.

    What do I think about the stability of the solution?

    It's perfect, but it's related to the stability of the mainframe itself. We have had no issues.

    What do I think about the scalability of the solution?

    We have 3,000 people using it with no issues of scalability.

    How are customer service and technical support?

    We use an internal support team, but we've had no problems.

    Which solution did I use previously and why did I switch?

    When we got our mainframe, we got this, and it's the standard in the market.

    How was the initial setup?

    I wasn't involved in the setup.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Product Categories
    Mainframe Security
    Quick Links