The SECLVL parameter on the application program's APPL definition statement indicates the degree of Level 2 session-level verification to be used if session-level verification is active.
Some products allow only Level 1 session-level security and some products allow Level 1 or Level 2 session-level security.
Products that allow both levels fall into two classes:
Level 1 is useful in a VTAM that can be backed out to an earlier level of VTAM that can only use Level 1 session-level security. This will prevent the class 2 products (restricted choice) from locking out subsequent sessions to the earlier release of VTAM.
Level 2 is useful when all the communicating products are capable of Level 2 session-level security to insure that an attempt at penetration, using the weaker Level 1 protocols, will be prevented.
For LU 6.2 sessions to use Level 2 session verification, each application program must be running under VTAM or under another product that supports Level 2 session verification.
If you choose the first alternative, you specify the SECLVL=LEVEL2 operand, which means that Level 2 session verification is used between LU 6.2 application programs that support Level 2 verification, and sessions are not allowed with partner LUs that do not support Level 2 verification.
If you choose the second alternative, you specify the SECLVL=ADAPT operand, which means that Level 2 session verification is used between LU 6.2 application programs that support Level 2 verification, and the earlier level of session verification is used when the partner LU does not support Level 2 verification.
If communicating with a Class 2 product and this level of VTAM can be backed out and replaced by a VTAM that does not support Level 2, then Level 1 must be specified.