Emulation Types
- IBM System z (Mainframe)
- 3179, 3180, 3196, 3197, 3270, 3278, 3477, 3486, and 3487
- Models 2 (24x80), 3 (32x80), 4 (43x80), and 5 (27x132)
- IBM System i (AS/400)
- UNIX, Linux and OpenVMS
- VT52, VT100, VT220, VT320, and VT420
- HP e3000
Network Protocols
- All host types
- IBM System z
- TN3270, TN3270E, and SSL/TLS
- IBM System i
- UNIX, Linux, OpenVMS, and HP e3000
- Telnet, NS/VT, SSL/TLS, and Secure Shell (SSH2)
File transfer
- SFTP (SSH2) support
- IBM System z
- Works with any conventional FTP server
- Secure access to multiple FTP hosts through one firewall port
- LDAP-based access control using secure token authorization
- Reflection Security Proxy Server hides the FTP server name/port and protects the host from external exposure
- Standalone FTP client (independent of emulator)
- FTP command line interface
- FTP with automatic detection of ASCII and binary formats and preset file transfer configurations
- Autoconnect support for FTP client
- IBM System z IND$FILE file transfer for CMS, TSO, or CICS
- Browse host files for IND$FILE (for quick access to host file lists)
- IBM System i data transfer
- Ability to save frequently used IND$FILE, FTP, and System i file transfers
Compliance
- Complies with United States Government Configuration Baseline (USGCB) security policy requirements
Authentication
- Microsoft Active Directory single sign-on
- Kerberos v5 with Microsoft Active Directory
- Support for NTLM v2
- LDAP integration with Microsoft Active Directory, RACF, NetIQ eDirectory, Oracle Directory Server, IBM Tivoli Directory Server, OpenLDAP, and other standards-based directories.
- Public Key Infrastructure (PKI) support
- Certificate Revocation List (CRL) support
- Online Certificate Status Protocol (OCSP) support
- Certificate policy support
- X.509 certificate support for CAC, PIV, and other smart cards
- Automatic Kerberos sign-on (System i)
Encryption
- Cryptographic module (The Legion of the Bouncy Castle - BC-FJA version 1.0.1) for FIPS 140-2-validated currently in process
- TLS 1.2 (via the Reflection Security Proxy Server or direct to host)
- SHA-256 support
- SFTP (SSH2) support
- IBM System z
- Works with any conventional FTP server
- Secure Shell (SSH2)
- 256-bit and 128-bit AES and Triple DES
Authorization (access control)
- LDAP integration to restrict terminal, printer, and file transfer session access to authorized users
- Personalization of a wide variety of parameters, such as LU/device name, based on user identity, DNS name, or IP address
- LDAP-based access control through secure token technology
- Dynamic LDAP group support
- Secure terminal and file transfer connections to multiple hosts through a single port in the firewall
Auditing
- Host Access Management and Security Server (MSS), Management Server log
- Host Access Management and Security Server (MSS), Security Proxy Server log
- Host Access Management and Security Server (MSS), Metering Server log
- Log data tracks usage by LDAP distinguished names
Key exchange
Printing
- Screen printing, with configurable headers and footers
- Configurable support for form feeds in IBM 3270 LU3 printer sessions
- IBM 3287
- IBM 3812 (HPT and non-HPT)
- VT logging and controller-mode printing
- HP pass-through printing
Programming and automation
- JavaScript macro recorder and editor
- Macro sharing
- Centralized creation and management of macros by administrators
- Macro mapping to keystrokes, mouse triggers, and customizable toolbar buttons
- URL recognition and opening from emulation client
- Password prompt for recorded macros
- Java-based API for scripting applets with JavaScript, VBScript, or Java
- Compatibility with Host Access Class Library (HACL)
- Programmatic access to FTP file transfer
- Customizable tooltips on the Button Palette
- Keyboard mapping, compatible with Windows, Linux, or other keyboards
- Mouse action mapping, compatible with Windows, Linux, or other mice
- Customizable toolbar
- Toolbar buttons mappable to commands, terminal keys, keyboard actions, macros, file transfer requests
- 3270 and 5250 light pen support
Web-based administrative tools
- Host Access Management and Security Server (MSS), Management Server
- Automated management server data replication for load-balanced environments
- Step-by-step configuration for web-based host sessions
- LDAP-based control of host access
- Host Access Management and Security Server (MSS), Metering Server
- Usage logging
- Session number limitation
- License enforcement
- Works in Citrix scenarios
International support
- English, French, and German language support
- Extensive international code page and keyboard support, including Eastern European and Cyrillic code pages and character sets
- ROECE Latin code page (Eastern Europe) for IBM System z and IBM System i
System requirements
- Server Requirements
- Server Class Operating System – Windows, Linux
- An OpenJDK (non-Oracle) JRE 1.8.0_ is installed by the automated installer, where is the most recent security release as of this product release date
- Client Requirements
- Administration and Launcher Mode
- Any current web browser.
- Reflection for the Web Launcher installs a JRE from OpenJDK. The JRE includes the most recent security update as of the Reflection for the Web release date.
- JavaScript is a soft requirement
- When the Reflection for the Web Launcher is configured for Launcher deployment in MSS, browsers that support JavaScript will automatically launch the links list applet and emulator sessions. Otherwise, the user will need to click Display Links List to launch the links list and the sessions.
- Standard Mode
- This mode requires Internet Explorer 11 and Oracle JRE or Java Plug In 1.8
Note: Administration using Internet Explorer 11 and Oracle JRE or Java Plug In 1.8 is supported.
Application Modernization
