Try our new research platform with insights from 80,000+ expert users

ACF2 vs IDERA SQL Compliance Manager comparison

Broadcom and IDERA are both solutions in the Database Security category. Broadcom is ranked #16, while IDERA is ranked #12. Broadcom holds a 0.8% mindshare in DS, compared to IDERA’s 0.8% mindshare. Additionally, 100% of Broadcom users are willing to recommend the solution, compared to 100% of IDERA users who would recommend it.
ACF2
Read 6 ACF2 reviews
  • 79 Views
  • 44 Comparison Views
100% willing to recommend
IDERA SQL Compliance Manager
Read 5 IDERA SQL Compliance Manager reviews
  • 190 Views
  • 68 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Apr 6, 2025

IDERA SQL Compliance Manager and ACF2 are competing products in the data management and security space. IDERA SQL Compliance Manager is often preferred for its competitive pricing and customer support, while ACF2 is chosen for its superior features in data protection.

Features: IDERA SQL Compliance Manager offers valuable features like comprehensive auditing, tracking SQL statements, and customizable alerts. Its straightforward database structure enhances usability for users requiring detailed compliance oversight. ACF2 provides robust features such as strict and reliable access control to CICS resources, excellent security quality in mainframe environments, and straightforward access rules for enhanced protection.

Room for Improvement: IDERA SQL Compliance Manager could improve by expanding its feature set beyond compliance to include more advanced security functions. Simplifying its database queries for even easier access would be beneficial, as well as enhancing automated reporting features. ACF2 could focus on simplifying its deployment process, reducing its complexity for quicker setup. Improving the interface for better usability and enhancing customer support for smoother troubleshooting would be advantageous.

Ease of Deployment and Customer Service: IDERA SQL Compliance Manager is noted for its straightforward deployment and responsive customer support, making it accessible to organizations of various scales. In contrast, ACF2 involves a more complex deployment model requiring more time and expertise, potentially complicating setup and troubleshooting interactions.

Pricing and ROI: IDERA SQL Compliance Manager attracts budget-conscious buyers with its cost-effective pricing and favorable ROI, making it a viable option for organizations focusing on compliance management. ACF2, while more expensive initially, delivers strong ROI through its advanced security features, appealing to entities prioritizing data protection at a higher cost.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed ACF2 vs. IDERA SQL Compliance Manager Report (Updated: April 2025).
Buyer's Guide
ACF2 vs. IDERA SQL Compliance Manager
April 2025
Download the complete report
Helped 850,236 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ACF2
Ranking in Database Security
16th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
6
Ranking in other categories
Mainframe Security (6th)
IDERA SQL Compliance Manager
Ranking in Database Security
12th
Average Rating
7.8
Reviews Sentiment
6.2
Number of Reviews
5
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of May 2025, in the Database Security category, the mindshare of ACF2 is 0.8%, up from 0.6% compared to the previous year. The mindshare of IDERA SQL Compliance Manager is 0.8%, down from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Database Security
 

Featured Reviews

reviewer1077621 - PeerSpot reviewer
A reliable, scalable product for security and auditing of our mainframe environment
It is a good product. It has been used for years. As long as it is configured correctly, it is a very stable product. It depends on how an institution or a company configures it. It depends on an institution's risk appetite. You need to make sure it is configured as per the concept of least privilege, and the logging features, detection and control mechanism, and other things like that are enabled. If you configure it to give access to the public, then there could be compromises. You should also have someone who independently checks it to make sure that it is configured keeping security in mind. If it has been configured for a while, when there are enhancements to the product or when you enhance it, you need to make sure that security is also looked at, and it is configured according to an institution's security policies. I would rate it a nine out of 10.
Read full review
Database5b8b - PeerSpot reviewer
Enables us to track changes to databases and tables, but the dashboard doesn't always work as expected
What would really be nice is if it were a bit more flexible, in several ways. The assistant for creating rules is nice, as it looks like Microsoft Outlook, but it's not flexible enough. What would really a good thing is if you could refer to an external list or table for filtering on, say, certain applications, IP addresses, or host names; or perhaps even combinations of host name and application name. Because in our environment, we're suffering from the fact that we have a huge amount of login events. A really huge amount of login events. We have gigabytes of login and logout from the same application; sometimes, several thousand times within one second. These are very badly coded applications for sure, but we have a lot of that. We didn't code them ourselves. It's bought software. We need filter rules for certain combinations as I mentioned above. These rules have to be maintained and have to be audited by the people that take care of the applications that cause the login events. It's difficult for us because we don't want to give them access to Compliance Manager. What would very much easier for us is to give them some kind of self-service to take care of a list of a combination of host, account, and application name, because only they know whether this combination is valid or not. They know how their application service is named and what services they're using. They have to maintain this list. It would be much easier if there was a table that we would maintain, or they would maintain via self-service, and we could use this table to establish these filter rules. At the moment, we have to check all the rules after this table is maintained by our colleagues who maintain or run the applications. After that, I wrote a stored procedure that creates, depending on the table, new rules in Compliance Manager, but that's a workaround. It's not a really nice solution, so it would be much better if Compliance Manager would have functionality like that built in. That's one thing. Another nice feature would be concerning GDPR: some kind of base-lining of database access or some kind of inventory for tables or certain columns or types of columns. IDERA already has several other tools, free tools, to search for certain criteria of columns holding things like credit card numbers, for example. It would be nice if that would be a feature within Compliance Manager, as it's very a very similar thing, it goes hand in hand.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The NOACCESS by default is another very good feature. Also, access rules are straightforward, and easy to understand."
"We use this tool to quickly assign privileges to different users as soon as they come in."
"Excellent real-time reporting that saves time and resources."
"Logging and monitoring are most valuable. It is for the mainframe environment, and it is at the forefront for security and resilience."
"I love their support. The support is great. They are number one."
"The tool can track logins and login failures. I made my own alert so that if there is a certain number of login failures for a server, it emails me. That is really useful. If I want logins to automatically lock out after a certain number of failed attempts, I can know when that happens."
"The ability to track activity including the SQL statements is definitely valuable. I really like how the database is laid out. It's straightforward. I can query the back-end tables. I've made a few of my own email alerts based on the data and the tables. It's accessible."
"The initial setup was straightforward."
 

Cons

"They can work on its ability to work in a distributed environment. It's a mainframe product. As many companies move to the cloud, depending on what cloud models they choose, such as a public, hybrid, or private cloud, it should be deployable. I am not sure if it can be deployed on those platforms. It has been there since the '50s or '60s, and it's still scalable. It has survived all these years, and it's scalable to many platforms, but I don't know about the cloud."
"It needs longer rules. The max rule is 32K."
"I would like my team and me to be able to use simple browsers, like Chrome, to be able to access mainframe data and provision users using the browser.​"
"Reporting can sometimes include false positives."
"What would really a good thing is if you could refer to an external list or table for filtering on, say, certain applications, IP addresses, or host names; or perhaps even combinations of host name and application name."
"The set up is kind of clunky, in my opinion. It's not really intuitive. If they had either a smoother install or better instructions, that would be nice."
"I submitted a ticket (last year) about archiving/grooming of old records because the GUI functionality was not working. Per their recommendation, I ended up using a command line to do it."
"Its filtration and navigation are not the best."
"There is an agent that collects the data on SQL Server. Sometimes it will stop collecting. I'm not exactly sure what's happening but I have to go in and manually restart the agent. It would be nice if the central collection server could send a request to the agent to restart."
 

Pricing and Cost Advice

Information not available
"I feel the product's pricing is a good value."
"The pricing is pretty good."
"It's a good price value... The other tools weren't cheaper."
"The product is cheaper than other products I checked but it is still a good idea to check again and compare."
report
See which vendors are best for you
Use our free recommendation engine to learn which Database Security solutions are best for your needs.
See recommendations
850,236 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
33%
Computer Software Company
8%
Insurance Company
8%
Retailer
8%
No data available
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is a good length for a password in ACF2 so it's safe?
A set length of 12 characters can ensure the safety of a system. Longer passwords provide an added layer of security, especially when combined with other password complexity requirements. With a le...
See all answers
Is ACF2 suitable for beginners?
ACF2 can be suitable for beginners with the right guidance and support. While it may have a steep learning curve for many due to its complexity, it offers extensive documentation and resources that...
See all answers
What types of auditing and reporting capabilities does ACF2 offer?
ACF2's reporting capabilities are highly valuable. It offers various predefined reports that provide insights into our system's security posture. These reports include information on user access pr...
See all answers
Ask a question
Earn 20 points
 

Comparisons

Top Secret vs ACF2 Logo
Top Secret vs ACF2
Compared 49% of the time
IBM Resource Access Control Facility vs ACF2 Logo
IBM Resource Access Control Facility vs ACF2
Compared 35% of the time
IBM Security Guardium Data Protection vs ACF2 Logo
IBM Security Guardium Data Protection vs ACF2
Compared 16% of the time
More ACF2 Competitors
No data available
 

Product Reports

Buyer's Guide
Mainframe Security
April 2025
ACF2 reportDownload ACF2 product report
Buyer's Guide
IDERA SQL Compliance Manager
April 2025
IDERA SQL Compliance Manager reportDownload IDERA SQL Compliance Manager product report
 

Also Known As

CA ACF2
IDERA SQL CM
 

Overview

CA ACF2™ for z/OS provides innovative, comprehensive security for your business transaction environments—including Linux, UNIX and z/OS on System z—helping you realize the reliability, scalability and cost-effectiveness of the mainframe. CA ACF2 provides an Advanced Authentication Mainframe feature, system entry validation, resource control, auditability, accountability, and administrative control. In conjunction with distributed security solutions from CA Technologies, CA ACF2 provides mobile-to-mainframe enterprise class security and compliance management.

ACF2 Features

ACF2 offers some of the following features:

  • Authentication: ACF2 is used for authenticating users and granting them access to profiles and various resources on the mainframe.

  • Access Control: The solution provides resource control, allowing administrators to control who can access specific mainframe resources.

  • Logging and Monitoring: Organizations can easily track and monitor activities on the mainframe. This feature enables the creation of audit trails for follow-up and helps with security analysis.

  • Metrics and Reporting: ACF2 allows the configuration of tools to produce different types of metrics and reports. These can then be used by senior management for making informed security decisions.

  • Comprehensive Security: The solution provides comprehensive security for mainframe environments, ensuring the protection of valuable data assets. It offers advanced authentication, system entry validation, and administrative control.

  • Streamlined Administration: It simplifies the administration of mainframe security by providing streamlined management capabilities. ACF2 also enables administrators to monitor and adjust security policies and accommodate various organizational structures.

  • Scalability: ACF2 offers reliable and scalable security, allowing businesses to expand their mainframe environments while maintaining a high level of protection.

  • Compliance Management: Organizations can meet compliance requirements by providing auditability, accountability, and comprehensive security controls.

  • Integration: ACF2 can integrate with distributed security solutions from CA Technologies, providing enterprise-class security and compliance management for mobile-to-mainframe environments.

  • Flexibility: ACF2 allows flexibility in adapting security policies to accommodate different organizational structures and requirements.

ACF2 Benefits

Some of the benefits that ACF2 provides are:

  • Enhanced security and resilience

  • Streamlined administration

  • Reliable and scalable security

  • Comprehensive audit capabilities

  • Cost-effectiveness

  • Integration with other security solutions

  • Simplified identity and access management

  • Compliance management

  • Efficient monitoring and reporting

Reviews from Real Users

According to an IT Examiner at a financial services firm with 10,000+ employees, "ACF2 is extremely beneficial for the mainframe environment, and it is at the forefront for security and resilience."

Broadcom

SQL Compliance Manager helps database administrators to monitor, audit, and alert on SQL Server user activity and data changes. Unlike its competition, it provides quick configuration of audit settings, a broad list of regulatory guideline templates for audit settings and reports, before and after data values for both regulatory compliance and forensic data investigations, differentiation of data access and between regular and privileged users and applications, easy specification of and reporting on sensitive data columns access and changes, and extensive customization of audit settings for databases and servers.

IDERA
 

Sample Customers

Sky, Rogers Communications
Hanger; AmerisourceBergen; CMS Energy; Manulife Financial; Patterson Companies; Pfizer; Rockwell Automation; TrialCard; Unum; Verizon Communications; Skygen USA; Calpine Energy Solutions; Standard Chartered PLC; TrialCard, Inc.; Raffles Hospital; Houston Methodist; Community America Credit Union; Noble Americas Energy Solutions LLC; QuikTrip Corporation; HUK COBURG; OneBeacon Insurance Group, Ltd.
Buyer's Guide
ACF2 vs. IDERA SQL Compliance Manager
April 2025
Free Report: ACF2 vs. IDERA SQL Compliance Manager
Find out what your peers are saying about ACF2 vs. IDERA SQL Compliance Manager and other solutions. Updated: April 2025.
DOWNLOAD NOW
850,236 professionals have used our research since 2012.
See our ACF2 vs. IDERA SQL Compliance Manager report.
See our list of best Database Security vendors.

We monitor all Database Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.