Only CICS transactions are validated and on the ACF2 SAFELIST. Is that OK?

book

Article ID: 145313

calendar_today

Updated On:

Products

CA ACF2 CA ACF2 - z/OS CA ACF2 - MISC

Issue/Introduction

The CICS region is being upgraded and and only transactions are validated.  All transactions have rules and are on the ACF2 SAFELIST in the ACF2/CICS parm deck.  Is that OK?

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

The first thing that ACF2 does is check to see what is validated, and what is on the SAFELIST and the PROTLIST.  If a transaction is only on the SAFELIST, then no validation is done and the rules are never checked.  Only the IBM transactions should be on the SAFELIST, like the signon transactions (CESN, CESL, CESF, etc.) and other important IBM transactions.  All other transactions and high security IBM transactions, (like CEMT, CEDA, etc.) should be on the PROTLIST, as well as all user defined transactions.  Then rules will be checked after signon.  ACF2 has a sample transaction list supplied with the install of ACF2/CICS in library   ACF2.CAX1MAC1(ACFPARM)