No more typing reviews! Try our Samantha, our new voice AI agent.

ACF2 vs CA VM:Secure comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ACF2
Ranking in Mainframe Security
4th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
6
Ranking in other categories
Database Security (12th)
CA VM:Secure
Ranking in Mainframe Security
10th
Average Rating
9.0
Reviews Sentiment
7.3
Number of Reviews
1
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Mainframe Security category, the mindshare of ACF2 is 12.4%, up from 11.4% compared to the previous year. The mindshare of CA VM:Secure is 4.7%, up from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Mainframe Security Mindshare Distribution
ProductMindshare (%)
ACF212.4%
CA VM:Secure4.7%
Other82.9%
Mainframe Security
 

Featured Reviews

reviewer1077621 - PeerSpot reviewer
IT Examiner at a financial services firm with 10,001+ employees
A reliable, scalable product for security and auditing of our mainframe environment
It is a good product. It has been used for years. As long as it is configured correctly, it is a very stable product. It depends on how an institution or a company configures it. It depends on an institution's risk appetite. You need to make sure it is configured as per the concept of least privilege, and the logging features, detection and control mechanism, and other things like that are enabled. If you configure it to give access to the public, then there could be compromises. You should also have someone who independently checks it to make sure that it is configured keeping security in mind. If it has been configured for a while, when there are enhancements to the product or when you enhance it, you need to make sure that security is also looked at, and it is configured according to an institution's security policies. I would rate it a nine out of 10.
it_user507375 - PeerSpot reviewer
Operating System Engineering at a financial services firm with 1,001-5,000 employees
It gives us a consolidated management tool to keep track of the user directories on our z/VM platform.
We had an issue a few weeks ago in a test environment after putting an upgrade on, but we think it turned out to be that it wasn't really CA's fault. We think it's a problem with IBM and the GDPS product, and a test was being done with it the night before. It caused some weirdness with other products that we found out later, because it allowed two machines to get read/write access to a single minidisk, which never should have happened. That caused problems for CA but it wasn't really their product. We ended up on the phone with them for quite a while until we realised it was something else.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is a good product."
"The NOACCESS by default is another very good feature. Also, access rules are straightforward, and easy to understand."
"I love their support. The support is great. They are number one."
"The most valuable feature is strict and reliable access control to CICS Resources."
"We use this tool to quickly assign privileges to different users as soon as they come in."
"Logging and monitoring are most valuable. It is for the mainframe environment, and it is at the forefront for security and resilience."
"Know that this tool is a great tool, a good tool to use, because you can quickly automate, quickly provision, and deprovision new users, which is essential when you are bringing new people onboard."
"Excellent real-time reporting that saves time and resources."
"As far as the functionality, stability and integration with the other products in their suite, I think this product would be hard-pressed to beat."
 

Cons

"They can work on its ability to work in a distributed environment. It's a mainframe product. As many companies move to the cloud, depending on what cloud models they choose, such as a public, hybrid, or private cloud, it should be deployable. I am not sure if it can be deployed on those platforms. It has been there since the '50s or '60s, and it's still scalable. It has survived all these years, and it's scalable to many platforms, but I don't know about the cloud."
"I would like my team and me to be able to use simple browsers, like Chrome, to be able to access mainframe data and provision users using the browser.​"
"It needs longer rules. The max rule is 32K."
"They can work on its ability to work in a distributed environment."
"The user access review could also be improved. It produces a lot of false positives."
"Initial setup could be complex if you rely on contractors to help with implementation."
"Reporting can sometimes include false positives."
"It might be nice if it had more of a modern-type GUI interface. Right now, it's all green screen-based."
report
Use our free recommendation engine to learn which Mainframe Security solutions are best for your needs.
904,748 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Educational Organization
10%
Manufacturing Company
10%
Comms Service Provider
8%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise1
Large Enterprise4
No data available
 

Also Known As

CA ACF2
CA VM:Secure for z/VM
 

Overview

 

Sample Customers

Sky, Rogers Communications
Neovera, Vodafone Turkey, Comcast
Find out what your peers are saying about Idira by Palo Alto Networks, IBM, Broadcom and others in Mainframe Security. Updated: June 2026.
904,748 professionals have used our research since 2012.