What EF for z/VSE can do for your business

The IBM Encryption Facility for z/VSE® (EF for z/VSE) applies the powerful encryption capabilities of the IBM mainframe to allow you to encrypt sensitive information to be exchanged with your partners, suppliers and customers. EF for z/VSE provides software-based encryption capabilities and makes use of IBM Z® crypto and compression hardware and key management.

It can encrypt single SAM files, VSAM files, VSE Library members, complete backups that were made using any z/VSE backup utility (such as IDCAMS, LIBR, POFFLOAD) or a vendor product. Encrypted data can also be exchanged between different operating systems.


Password-based creation of session keys

Uses data encryption with a randomly generated symmetric session key using AES-128 or Triple-DES algorithms.

Asymmetric encryption

Features asymmetric encryption of randomly generated symmetric keys using the RSA algorithm with key lengths of 512-bit, 1024-bit and 2048-bit.

Multi-file encryption

Supports encryption of single SAM files, VSAM files or z/VSE Library members. EF for z/VSE can also encrypt virtual or real tapes.

Complete backup encryption

Encrypts complete backups made with any backup tool either from IBM or vendors.

Compression capability

Supports hardware-accelerated compression before encryption.

Output flexibility

Provides output of encrypted data on disk, virtual tape or real tape.

Four good reasons to use EF for z/VSE

  • Address the need for heightened security
  • Gain flexibility of encrypted data exchange
  • Choose between two data encryption methods
  • Take advantage of the openPGP protocol