z/OS Communications Server: SNA Programmer's LU 6.2 Guide


Coding the APPL definition statement

SC27-3669-00

The SECLVL parameter on the application program's APPL definition statement indicates the degree of Level 2 session-level verification to be used if session-level verification is active.

Some products allow only Level 1 session-level security and some products allow Level 1 or Level 2 session-level security.

Products that allow both levels fall into two classes:

  1. Free choice of Level 1 or Level 2 (VTAM® is in this class).
  2. Restricted choice. Once Level 2 is used for a particular partner, only Level 2 can be used to that partner from then on.

Level 1 is useful in a VTAM that can be backed out to an earlier level of VTAM that can use only Level 1 session-level security. This prevents the Class 2 (restricted choice) products from locking out subsequent sessions to the earlier release of VTAM.

SECLVL=ADAPT is useful in a VTAM that will communicate with either of the following items:
  • VTAMs that can use only Level 1 session-level security
  • Class 2 products

Level 2 is useful when all the communicating products are capable of Level 2 session-level security, because it ensures that an attempt at penetration using the weaker Level 1 protocols is prevented.

The valid values on the SECLVL parameter are:

LEVEL1
  VTAM uses the Level 1 version of the session-level protocol. If the partner LU does not support the Level 1 version, VTAM rejects the session with a sense code of X'080F0002', which indicates a session-level verification protocol mismatch. If you specify LEVEL1, VTAM will not use the Level 2 version of the session-level protocol.

ADAPT
  The application program accepts either the Level 2 or Level 1 version of the session-level verification protocol, depending on the level supported by the partner LU. VTAM attempts to use the Level 2 version but allows the use of the Level 1 version if the partner LU does not support the Level 2 version.

LEVEL2
  VTAM uses only the Level 2 version of the session-level protocol. If the partner LU does not support the Level 2 version, VTAM rejects the session with a sense code of X'080F0002', which indicates a session-level verification protocol mismatch.

For LU 6.2 sessions to use Level 2 session verification, each application program must be running under VTAM or under another product that supports Level 2 session verification.

For each LU 6.2 application program, decide between the following alternatives:
  • Allow LU 6.2 sessions with partner LUs only if they support Level 2 session verification.
  • Allow LU 6.2 sessions with partner LUs regardless of whether they support Level 2 session verification.

If you choose the first alternative, you specify the SECLVL=LEVEL2 operand, which means that Level 2 session verification is used between LU 6.2 application programs that support Level 2 verification, and sessions are not allowed with partner LUs that do not support Level 2 verification.

If you choose the second alternative, you specify the SECLVL=ADAPT operand, which means that Level 2 session verification is used between LU 6.2 application programs that support Level 2 verification, and the earlier level of session verification is used when the partner LU does not support Level 2 verification.

If communicating with a Class 2 product and this level of VTAM can be backed out and replaced by a VTAM that does not support Level 2, then Level 1 must be specified.
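
The SECLVL rules above can be checked against an application major node with a short audit script. The following is an added example, not IBM code: it reads APPL statements, extracts the coded SECLVL value, and reports what a partner LU that supports only Level 1 would get from each application. The APPL names, the other operands in the sample, and the simplified statement layout (name in column 1, nonblank continuation character in column 72) are assumptions made for illustration.

```python
import re

SENSE_MISMATCH = "080F0002"  # sense code the page gives for a protocol mismatch

def negotiate(seclvl, partner_levels):
    """Outcome of session-level verification for one partner LU.

    partner_levels is the set of levels the partner supports, e.g. {1} or {1, 2}.
    Returns (True, level_used) or (False, sense_code).
    Assumption: under ADAPT the partner supports at least Level 1.
    """
    if seclvl == "ADAPT":  # try Level 2, allow Level 1 if the partner lacks Level 2
        return (True, 2 if 2 in partner_levels else 1)
    wanted = {"LEVEL1": 1, "LEVEL2": 2}[seclvl]
    if wanted in partner_levels:
        return (True, wanted)
    return (False, SENSE_MISMATCH)

def appl_seclvl(member_text):
    """Map each APPL name to its coded SECLVL value (None when not coded)."""
    found, stmt, continued = {}, "", False
    for line in member_text.splitlines():
        if line.startswith("*"):  # comment line
            continue
        body = line[:71].rstrip()
        stmt = stmt + body.strip() if continued else body
        continued = len(line) > 71 and line[71] != " "  # column 72 marks continuation
        if continued:
            continue
        m = re.match(r"(\S+)\s+APPL\s+(\S+)", stmt)
        if m:
            sec = re.search(r"(?:^|,)SECLVL=(\w+)", m.group(2))
            found[m.group(1)] = sec.group(1) if sec else None
    return found

def audit(member_text):
    """What a Level-1-only partner LU would get from each APPL."""
    return {name: negotiate(lvl, {1}) if lvl else "SECLVL not coded"
            for name, lvl in appl_seclvl(member_text).items()}

# Constructed sample member; names and operands other than SECLVL are illustrative.
SAMPLE = "\n".join([
    "         VBUILD TYPE=APPL",
    "PAYROLL  APPL  APPC=YES,SECLVL=LEVEL2",
    "BRIDGE   APPL  APPC=YES,".ljust(71) + "X",
    "               SECLVL=ADAPT",
    "LEGACY   APPL  APPC=YES,SECLVL=LEVEL1",
    "NOSEC    APPL  APPC=YES",
])

if __name__ == "__main__":
    for name, outcome in audit(SAMPLE).items():
        print(name, outcome)
```

Any APPL whose result is `(True, 1)` will accept a Level 1 session; only applications coded with SECLVL=LEVEL2 reject the Level-1-only partner with the mismatch sense code.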

Copyright IBM Corporation 1990, 2014