NC-Pass Modernization Guide

NC-Pass is a security application that runs on z/OS. It restricts user access to specific VTAM applications and can enforce multi-factor authentication using personal tokens. This helps organizations control access to sensitive mainframe resources.

NC-Pass is an application that enhances the security of existing VTAM applications on z/OS. It is not a system or a toolset, but rather a security layer that integrates with existing mainframe infrastructure.

Organizations that rely on VTAM applications on z/OS and need to restrict user access based on application or require stronger authentication methods would benefit from NC-Pass. This includes financial institutions, government agencies, and any enterprise with sensitive mainframe data.

A company should consider NC-Pass when they need to limit which VTAM applications users can access, or when they need to implement multi-factor authentication for mainframe access. This is especially important when dealing with sensitive data or compliance requirements.

Alternatives to NC-Pass include other mainframe security products that offer access control and authentication features. Examples include IBM Resource Access Control Facility (RACF) and Computer Associates ACF2. These products provide broader security features, but NC-Pass focuses specifically on VTAM application access.

NC-Pass runs on the z/OS operating system and requires VTAM to be active. It operates within an LPAR and integrates with existing security systems like RACF, ACF2, or Top Secret. It needs access to user authentication databases and token management systems.

NC-Pass is deployed on-premise within the z/OS environment. It requires technical expertise in z/OS, VTAM, and mainframe security. Implementation involves configuring access rules, integrating with authentication systems, and testing the configuration.

NC-Pass enhances the security of VTAM applications. It does not replace VTAM, but rather adds a layer of access control and authentication. It works in conjunction with VTAM to provide a more secure environment.

NC-Pass integrates with existing security systems on z/OS, such as RACF, ACF2, or Top Secret. It uses these systems for user authentication and authorization. It can also integrate with external authentication systems via standard protocols.

NC-Pass helps organizations reduce the risk of unauthorized access to sensitive mainframe applications and data. By limiting access to specific VTAM applications and enforcing multi-factor authentication, it prevents data breaches and ensures compliance with security regulations.

Without NC-Pass, organizations are more vulnerable to unauthorized access to VTAM applications and sensitive data. This can lead to data breaches, compliance violations, and financial losses. NC-Pass provides a critical layer of security to protect mainframe resources.

The licensing model for NC-Pass is typically based on the number of users or the number of VTAM applications protected. The total cost of ownership includes the licensing fees, implementation costs, and ongoing operational expenses.

NC-Pass integrates with enterprise ecosystems by leveraging existing security systems and authentication protocols. It can integrate with LDAP directories, SIEM platforms, and other enterprise security tools to provide a comprehensive security solution.

NC-Pass supports authentication methods such as password-based authentication, multi-factor authentication using tokens, and integration with external authentication systems. It uses an access control model based on roles and application assignments.

NC-Pass uses encryption to protect sensitive data in transit and at rest. It supports standard encryption protocols such as TLS/SSL for communication and encryption algorithms for data storage. Specific encryption methods depend on the configuration.

NC-Pass provides audit logging capabilities to track user access to VTAM applications, authentication attempts, and configuration changes. These logs can be used for security monitoring, compliance reporting, and forensic analysis.

NC-Pass uses an access control model based on roles and application assignments. Users are assigned roles, and roles are granted access to specific VTAM applications. This allows administrators to control which applications users can access based on their job function.

Ongoing operational requirements for NC-Pass include monitoring the system for security events, performing regular maintenance tasks, and managing user access. This requires skilled personnel with expertise in z/OS, VTAM, and mainframe security.

NC-Pass provides administrative interfaces such as a command-line interface (CLI) and potentially a web-based console. These interfaces allow administrators to configure access rules, manage users, and monitor system activity.

User management in NC-Pass is typically handled through integration with existing security systems such as RACF, ACF2, or Top Secret. User accounts and roles are managed within these systems, and NC-Pass leverages this information for access control.

Common implementation challenges for NC-Pass include integrating with existing security systems, configuring access rules to meet specific business requirements, and ensuring that the configuration does not disrupt existing VTAM applications. Thorough testing is essential.