Tech Specs - Reflection for the Web Unisys Edition

Emulation types

Unisys Clearpath Dorado Systems
- UTS20, UTS40, UTS60, and UTS70
Unisys Clearpath Libra Systems
- T27
IBM System z (Mainframe)
- 3179, 3180, 3196, 3197, 3270, 3278, 3477, 3486, and 3487
- Models 2 (24x80), 3 (32x80), 4 (43x80), and 5 (27x132)

Network protocols

IBM System z
- TN3270, TN3270E, and SSL/TLS
IBM System i
- TN5250 and SSL/TLS
UNIX, Linux, OpenVMS, and HP e3000
- Telnet, NS/VT, SSL/TLS, and Secure Shell (SSH2)

File transfer

SFTP (SSH2) support
Secure FTP (SSL/TLS-wrapped)
- Works with any conventional FTP server
- Secure access to multiple FTP hosts through one firewall port
- LDAP-based access control using secure token authorization
- Reflection Security Proxy Server hides the FTP server name/port and protects the host from external exposure
Standalone FTP client (independent of emulator)
FTP command line interface

FTP with automatic detection of ASCII and binary formats and preset file transfer configurations
Autoconnect support for FTP client
IBM System z IND$FILE file transfer for CMS, TSO, or CICS
Browse host files for IND$FILE (for quick access to host file lists)
IBM System i data transfer
Ability to save frequently used IND$FILE, FTP, and System i file transfers

Compliance

Complies with United States Government Configuration Baseline (USGCB) security policy requirements

Authentication

Microsoft Active Directory single sign-on
Kerberos v5 with Microsoft Active Directory
Support for NTLM v2
LDAP integration with Microsoft Active Directory, RACF, NetIQ eDirectory, Oracle Directory Server, IBM Tivoli Directory Server, and OpenLDAP
Public Key Infrastructure (PKI) support
Certificate Revocation List (CRL) support
Online Certificate Status Protocol (OCSP) support
Certificate policy support
X.509 certificate support for CAC, PIV, and other smart cards
Automatic Kerberos sign-on (System i)

Encryption

Cryptographic module (The Legion of the Bouncy Castle - BC-FJA version 1.0.1) for FIPS 140-2-validated currently in process
TLS 1.2 (via the Reflection Security Proxy Server or direct to host)
SHA-256 support
Secure Shell (SSH2)
- 256- and 128-bit AES and Triple DES

Authorization (access control)

LDAP integration to restrict terminal, printer, and file transfer session access to authorized users
Personalization of a wide variety of parameters, such as LU/device name, based on user identity, DNS name, or IP address
LDAP-based access control through secure token technology
Dynamic LDAP group support
Secure terminal and file transfer connections to multiple hosts through a single port in the firewall

Dynamic LDAP group support
Secure terminal and file transfer connections to multiple hosts through a single port in the firewall

Auditing

Key exchange

Printing

Programming and automation

JavaScript macro recorder and editor
Macro sharing
Centralized creation and management of macros by administrators
Macro mapping to keystrokes, mouse triggers, and customizable toolbar buttons
URL recognition and opening from emulation client
Password prompt for recorded macros
Java-based API for scripting applets with JavaScript, VBScript, or Java
Compatibility with Host Access Class Library (HACL)

Programmatic access to FTP file transfer
Customizable tooltips on the Button Palette
Keyboard mapping, compatible with Windows, Linux, or other keyboards
Mouse action mapping, compatible with any Windows, Linux, or other mice
Customizable toolbar
Toolbar buttons mappable to commands, terminal keys, keyboard actions, macros, and file transfer requests
3270 and 5250 light pen support

Web-based administrative tools

Host Access Management and Security Server (MSS), Metering Server
- Usage logging
- Session number limitation
- License enforcement
- Works in Citrix scenarios

Host Access Management and Security Server (MSS), Management Server
- Automated management server data replication for load-balanced environments
- Step-by-step configuration for web-based host sessions
- LDAP-based control of host access

International support

Extensive international code page and keyboard support, including Eastern European and Cyrillic code pages and character sets

Server installation support

Compatible with server platforms that support Java 8 or above, including Windows Server, Linux, zLinux, UNIX, and z/OS
Includes 64-bit installer support for 64-bit versions of Windows and Linux

Automated installer for Windows, Linux, and Solaris, with all necessary components including Tomcat servlet engine and Oracle Java Runtime Environment

System requirements

Reflection for the Web Clients and Administrative WebStation
- Web browser enabled for Java 8 or above, such as Internet Explorer or Mozilla Firefox
- TCP/IP network connection
- Hardware system that meets the minimum requirements for the Java Runtime Environment

Host Access Management and Security Server (MSS), Security Proxy Server
- Server running Java Runtime Environment 8 or above

Host Access Management and Security Server (MSS), Management Server, ID Management Server, and Metering Server
- JDK 8 or above
- Servlet engine or application server compliant with Java Servlet Specification 2.3 and Java Server Pages (JSP) 1.2, such as Tomcat (Note: Apache Tomcat is part of the installation for MSS)

Tech SpecsReflection for the Web Unisys Edition