Compliance
- Compliance with United States Government Configuration Baseline (USGCB) security policy requirements
Authentication
- Microsoft Active Directory single sign-on
- Kerberos for Windows Single Sign-On
- Support for NTLM 2
- Public Key Infrastructure (PKI) support
- Certificate Revocation List (CRL) support
- Online Certificate Status Protocol (OCSP) support
- Certificate policy support
- X.509 certificate support for CAC, PIV, and other smart cards
- Kerberos 5 with Microsoft Active Directory
- Directory Support, including support for Active Directory, NetIQ eDirectory, OpenLDAP, and other RFC compliant directory servers
- Support for Micro Focus Advanced Authentication
Authorization (Access Control)
- LDAP integration to restrict terminal, printer, and file transfer session access to authorized users
- Access control for session access based on individual identity or LDAP group membership
- LDAP-based access control enforced through secure token authorization technology
- Dynamic LDAP group support
- Secure terminal and file transfer connections to multiple hosts through a single port in the firewall
Auditing
- MSS Management Server log
- MSS Security Proxy Server log
- MSS Metering Server log
- Log data tracks usage by LDAP-distinguished names
Encryption and Security
- FIPS 140-2-validated cryptographic module (Certificate #3152)
- TLS and HTTPS
- 256-bit AES, 128-bit AES, and Triple DES
- RSA
- DSS/Diffie-Hellman
Support for MSS add-On components*
- Security Proxy Add-On: Deliver end-to-end encryption and enforce access control at the perimeter with patented security technology.
- Advanced Authentication Add-On: Enable multifactor authentication to authorize access to your valuable host systems.
- Automated Sign-On for Mainframe Add-On: Enable automated sign-on to IBM 3270 applications via your identity and access management system.
- PKI Automated Sign-On Add-On: PKI-enable automated application sign-on to your critical enterprise systems.
- Terminal ID Management Add-On: Dynamically allocate terminal IDs based on username, DNS name, IP address, or address pool.
*Requires an additional license
- Installation support
- Automated installer for Windows and Linux with all necessary components
- Automated installer for Linux on Z runs with your supplied Java runtime
- Native 64-bit installer support for 64-bit versions of Windows and Linux
System requirements
Server platforms supported**
- SUSE Linux Enterprise Server (SLES) 11 SP4
- Red Hat Enterprise Linux 7.6
- Windows 2012
- Linux on Z Systems
- SUSE Linux Enterprise Server (SLES) 11 SP4
- Red Hat Enterprise Linux 7.6
** Supported versions include those listed and higher
- Workstations running Micro Focus client software (see Micro Focus Clients Supported above)
- A web browser that supports Java 8 or above if using links list feature
- Java Runtime Environment 8 or above if using links list feature
- MSS Administrative Console
- A web browser that supports JavaScript and Cookies
- MSS Administrative Server, Metering Server, and Terminal ID Management Add-On
- Java Servlet 2.3-compliant servlet engine and Java Server Pages (JSP) 1.2
- MSS Security Proxy Add-On
- Java Runtime Environment 8 or above
- MSS Advanced Authentication Add-On
- Micro Focus Advanced Authentication Appliance 5.2 or above
- MSS Automated Sign-On for Mainframe Add-On
- IBM Digital Certificate Access Service (DCAS) running on z/OS
- OS/390 V2R10 or above
- RACF configured for DCAS
Micro Focus clients supported