Notice: will be retired soon. Please visit our new site at
NC-Pass Network Security Managers protect information by directing the user via user ID and password to permitted applications only.
Read now »


Control Logins, Profiles and Passwords

NC-Pass allows you to increase network security by limiting users to permitted applications via a user ID and password system. With NC-Pass, you’ll have full control of logins, profiles and passwords from existing RACF, CA-ACF2 or CA-Top Secret databases. In addition, you can protect sensitive information by requiring users to provide additional authentication information at the application level, at the transaction level, or both.

  • Boost security by allowing or denying connection to specific applications
  • Limit terminals to specific users for specific applications
  • Restrict full use of SME facility to non-sensitive applications, unless permitted by SME table
  • Audit all actions to SMF, VSAM archive datasets or central host


  • Flexible Transaction-Level Interface (TLI) - NC-Pass extends security beyond the VTAM network front end to the user's own business transaction. User authentication through the TLI can be implemented from any point in the network using the TCP/IP TLI. The TLI can also be used to protect sensitive transactions in excess of a certain value by requesting user ID and password validation from within the transaction.
  • Home Node Processing - In multi-node networks, NC-Pass databases may be held on individual nodes supporting definitions for users and terminals assigned to that node. Users connecting to a node that is not their normal connection machine can specify the name of the machine where they want to be authenticated. Home node processing is useful on large networks where users access their system from both home and remote locations.
  • Three Levels of NC-Pass Available for MVS Systems - For MVS systems, three levels of NC-Pass are available:
    NC-Pass VSSE (VTAM Session Security Exit) uses the VTAM Session Management Exit (SME) to allow only authorized connections. It controls which LU-to-LU sessions VTAM will allow or deny. Includes terminal-to-application, application-to-printer, peer-to-peer and network job entry (NJE) sessions.
    NC-Pass Secure provides active network security and information protection by directing the user to permitted applications only, by requiring user ID and password. Incorporates the features of NC-Pass VSSE to allow sensitive applications to be protected by user ID.
    NC-Pass Authenticator maintains the full range of NC-Pass Secure features, as well as incorporating three-factor authentication using personal devices. With this option, it is possible to validate a user's identity via a user ID, a user-changeable password and a personal device-generated code.

Sys Reqs

Supported Environment

Software: • IBM OS/390 or z/OS
• IBM OS/390 Security Server (RACF)
• CA-Top Secret
• JES2 and JES3

Devices: • ActivCard X9.9
• Defender
• CryptoCard
• Racal Safe S220
• RSA SecurID
• Digiline DigiPass
• Defender Go-1 and Defender Go-3