Who knows more about protecting zSystems than zSystems people?

Who knows more about protecting zSystems than zSystems people? Join your zSystems Security Community now!

See the product details for IBM Z Multi-Factor Authentication - Updated for V2.0

What Multi-factor Authentication can do for your business

Mainframe systems are the foundation of trusted digital experiences for most of the world’s largest companies and organizations. However, passwords protecting critical users, data and applications are a relatively simple point of attack for hackers to exploit because passwords rely on user education and compliance for both implementation and control. Using a variety of methods such as social engineering and phishing, criminals have exploited employees, partners, and general users to hack into even the most secure platforms.

IBM Z Multi-Factor Authentication (IBM Z MFA) raises the level of assurance of your mission-critical systems with expanded authentication capabilities and options for a comprehensive, user-centered strategy to help mitigate the risk of compromised passwords and system hacks. Our designers are also IBM Z MFA users. Across every new version, we incorporate their growing knowledge and expertise of real-world mainframe security scenarios.

Enhance logon security

Require multiple authentication factors to protect accounts and reduce risk for critical applications and data—even if one of the factors is discovered.

Ease regulatory compliance

Address regulatory and industry requirements for strong user authentication and audit support, including PCI-DSS, NIST, GDPR, PSD2 and emerging mandates such as CCPA in California and LGPD in Brazil.

Centralize and simplify management

Centralize factor information in RACF to simplify control, accelerate factor deployment and improve administrative efficiency.

Latest IBM Z Multi-Factor Authentication features (v2.2)

  • Pluggable authentication modules
  • Configure multiple instances of select MFA factors
  • Addition of a “Console Modify” command
  • Documentation and formal support for customer use of policy authentication
  • MFA configuration option to request browser clients receiving cache token credentials mask the display of such credentials
  • Support for RSA SecurID authentication
  • Web-based ESM password reset feature

Additional IBM Z Multi-Factor Authentication features (v2.1)

  • Expanded across z/VM operating systems (new in 2.1)
  • Supports production of secure credentials within and beyond the boundary of a Sysplex cluster where the credential was generated (new in 2.1)
  • Extensions for RACF, ACF2 and TopSecret with auditing and provisioning
  • Centralized RACF, ACF2 and TopSecret database support
  • RADIUS support: RSA, Gemalto and generic
  • IBM ISAM integration
  • IBM CIV integration
  • Native Yubico support
  • IBM TouchToken and generic TOTP
  • Certificate-based authentication, PIV, CAC card support
  • Compound authentication
  • Fault tolerance and application exemption