Features

Leverage IAM access controls

Use existing IAM platforms (e.g., Active Directory, NetIQ® eDirectory, and RACF) to validate user credentials and grant access to host resources using group/role definitions. No schema changes are required.

MSS puts an access control point in front of the host so that the user has to authenticate before gaining access to host resources. This control point can be centrally managed through integration with an existing enterprise identity management system, such as LDAP.

Move from weak to multifactor host authentication

Ditch risky eight-character host passwords ASAP. Leverage your IAM system to quickly and economically replace them with strong, complex passwords. Ratchet up security further with multi factor authentication. Multiple authentication options give you freedom to choose the best solution for your business.

Encrypt data in motion

Secure host data with SHA-256 digital signatures, AES 128/256, TLS, and cryptographic modules validated for FIPS 140-2—one of the U.S. government's top security standards. This high level of security protects your critical data and helps you keep pace with evolving regulatory standards.

Audit host sessions

Log and monitor access to host resources from a central metering server. Create license pools to control access to sessions and hosts. Address specific needs with granular logging options—ensuring that you know who and when someone is accessing your critical systems. Only authorized users and clients will get in.

Deliver automatic mainframe sign-on

Leave mainframe passwords in the past. Now authenticated, authorized users can skip the mainframe logon step entirely. Host Access Management and Security Server (MSS) works with the IBM Digital Certificate Access Server to do the job for them. No more mainframe passwords to remember. No more mainframe password resets. It’s a win-win for everyone.

Add layers of security with MSS add-ons

Gain additional critical functionality when you pair MSS with these products:

Security Proxy Add-On: Deliver end-to-end encryption and enforce access control at the perimeter with patented security technology.
Advanced Authentication Add-On: Enable multifactor authentication to authorize access to your valuable host systems.
Automated Sign-On for Mainframe Add-On: Enable automated sign-on to IBM 3270 applications via your identity and access management systems.
PKI Automated Sign-On Add-On: PKI-enable automated application sign-on to your critical enterprise systems.
Terminal ID Management Add-On: Dynamically allocate terminal IDs based on username, NDS name, IP address, or address pool.

Team with MSS and everybody wins.

HIGHLIGHTS

Integrate the host and IAM

Streamline and secure your host-access operation by teaming Reflection®, Rumba®+, or InfoConnect emulators with MSS. Working with your Identity and Access Management (IAM) system, MSS seamlessly propagates changes to application settings and user-specific content—right here, right now, from a central server. Next time users launch a session, they’ll receive the changes.

Take centralized control

Manage host-access operations from your central MSS console. Lock down 100s (or 1,000s) of far-flung desktops with ease. Grant or deny access based on group or role. Apply changes quickly to align with business needs. Make post-install adjustments on the fly. Do it on your schedule, not someone else’s.

Reinforce security as you remove passwords

Finally, you can bring your host into the IAM fold. That means you can replace weak, eight-character passwords with strong, complex ones. Implement best-fit multifactor authentication methods. Say goodbye to host passwords and automatically sign users on to their mainframe applications. It’s safe, manageable, and economical with MSS.