Use this grid to identify which Broadcom product releases are compatible with MultiFactor Authentication and Passphase. If maintenance is required:
Launch Mainframe Compatibility Main Page
The following grid contains a list of all Broadcom mainframe products and releases. The column values include:
NO | The product collects user credentials (ID/PSWD) but the password length is limited to 8-bytes and there are no plans to update this version of the product to support strong credentials. |
In Progress | Currently in the process of researching whether the product support strong authentication credentials or in the process of updating the product to provide support. |
YES | The product collects user credentials and supports passphrases (9-100 bytes). The product may be using interfaces such as API/ML or ESM/MS which enables the support for stronger credentials |
N/A | The product does not collect user credentials and relies either on TSO, Batch or other sub-systems (CICS, DB2, etc). Therefore, MFA processing does not directly apply to this product. |
Product List
Please refer to the Product Lifecycle Page for additional information.Fix Category: CA.Function.Multi-FactorAuthentication
CA 7 12.0 Supports passphrases up to 100 characters for online logon and the CA 7 Web Client logon. Passphrases are not supported for batch processing or program-to-program interfaces. Requires PTFs RO91472, RO91505 and SO00645.
Fix Category: CA.Function.Multi-FactorAuthentication
CA 7 12.1 Supports passphrases up to 100 characters for online logon and the CA 7 Web Client logon. Passphrases are not supported for batch processing or program-to-program interfaces. No PTFs are required.
Fix Category: CA.Function.Multi-FactorAuthentication
One detail missing: Leveraging IDTA on RACROUTE to support linking MFA calls (affects expired password reset user experience)
Fix Category: CA.Function.Multi-FactorAuthentication
One detail missing: Leveraging IDTA on RACROUTE to support linking MFA calls (affects expired password reset user experience)
Fix Category: CA.Function.Multi-FactorAuthentication
ESP REST API - YES Intelligent Experience - YES ESP Workstation - YES Workload Agent Manager - YES AAI Integration - N/A Report Server - N/A
Fix Category: CA.Function.Multi-FactorAuthentication
Gen supports Strong Passwords up to 200 characters for CICS cooperative applications when using the Gen Client Manager Remote-Enhanced option. Distributed PTFs CCN86301, RTN86301, RTI86301, RTL86301, RTX86301, and RTR86301 enable Strong Password support in the Client Manager. z/OS PTFs LU06644, LU06645 and LU06986 enable Strong Password support in CICS. Other Gen cooperative targets/options support passwords up to 64 characters when using Gen Enhanced Security.
Fix Category: CA.Function.Multi-FactorAuthentication
z/OS SSH is used
Fix Category: CA.Function.Multi-FactorAuthentication
Multi-Factor Authentication (MFA) and Advanced Authentication Mainframe (AAM) Support TPX supports sign-in with MFA/AAM. MFA/AAM provides an extra level of security for TPX by letting users sign in with a combination of authentication factors, such as a passcode. A passcode can be either a password, password phrase, or MFA/AAM code. MFA/AAM support allows you to sign in to TPX with your User ID and one of the following combinations: - RSA token - PIN + RSA token - RSA token + PIN - RADIUS - RADIUS Compound-I-Band - OTHERS *********************************************************************** Important - TPX supports RACF password phrase and MFA through the SAF interface. Sites using IBM RACF must configure TPX to use SAF security. If your site uses IBM RACF, set SMRT Security System to SAF and SAMT to SAF. - Ensure that the Multi-Factor Authentication (MFA) /Advanced Authentication Mainframe (AAM) product and mainframe security products at your site are current with enhancements and maintenance. - Implement Pass Ticket before you implement MFA/AAM. For more information about why you should implement Pass Ticket before MFA/AAM, see Knowledge Base article 73106. *********************************************************************** Panel TEN1003 is updated to support passcode entry. For more information on sign-on panels, see Password Verification. You must add security messages to the Security Access Message Table (SAMT) for MFA/AAM support. See Security messages to add to TPX SAMT when employing MFA/AAM for more information. Apply the following PTFs for MFA/AAM support: RO93703 (Base) RO93704 (English Panel TEN1003) R093702 (Uppercase Panel TUP1003) RO94337 (LOCK MFA Support) plus RO094331 to RO94346 Language Panels. SO0804 Remove restricion that infterfere MFA with RADIUS Compound-In-Band Support For more information, see the Knowledge Base article How to set up TPX with Multi-Factor Authentication (MFA) and Advanced Authentication Mainframe (AAM) Support.
Fix Category: CA.Function.Password-Phrase
PTFs SO11290 and SO11291 00000100
Fix Category: CA.Function.Multi-FactorAuthentication
Fix Category: CA.Function.Multi-FactorAuthentication
Fix Category: CA.Function.Multi-FactorAuthentication
Fix Category: CA.Function.Multi-FactorAuthentication
Fix Category: CA.Function.Multi-FactorAuthentication
Fix Category: CA.Function.Multi-FactorAuthentication
Fix Category: CA.Function.Multi-FactorAuthentication
This page last updated 21 Dec 2024 03:50:07