Access Analysis for ACF2 has always printed reports on the rules
governing resources such as CICS transactions.
However, in many cases, the system administrator is not aware of all the transactions
and the possible ways to have set security.
For example:
Transactions that are on the SAFELIST will always be unprotected by ACF2
even if rules are subsequently written.
Transactions can also be added to the list using masks.
For instance, C*** will allow all transactions starting with
a "C" to be unprotected unless a follow-up
transaction like CEDF is placed on the PROTLIST.
In this case, all transactions starting with C are unprotected
(except for CEDF, which would then have ACF2 rules applied)
There may be a sense that some transactions are protected when, in fact,
because of the use of the SAFELIST and masking,
a transaction may have no security at all.
The New E-SRF Utility Programs...
Read the CICS Sytem Definitions (CSD) file and create a file of all transactions defined to the system.
It uses the ACF2 CICS log to determine what transactions are on either the
SAFELIST or PROTLIST and then creates the RSLIST input needed for E-SRF Access Analysis
programs to generate the final Access reports.
Reports allow auditors to determine if appropriate security is applied to all transactions in the system.
Help in determining what accesses need to be enabled for similar transactions
or if transactions or security parameters need to be modified.