Reflection for the Web 2011 Airlines Edition

Reflection for the Web 2011 Airlines Edition is terminal emulation software that securely connects browser users to applications on IBM TPF, ALCS, and Unisys systems commonly used in the airline and travel industries, as well as IBM 3270, IBM 5250, and HP hosts. With Reflection for the Web 2011, airline and travel industry users can securely connect to the industry’s wide range of legacy systems, while minimizing total cost of ownership.

Components

Reflection Management Server
Reflection Security Proxy Server
Reflection Metering Server
Reflection ID Management Server
Reflection Terminal Emulation Thin Clients
Reflection File Transfer Thin Clients 
Reflection Printing Thin Clients

Connection Basics

Emulation Types

• ALC to:
  • Galileo/Apollo Travel Services
  • Sabre
  • EDS Shares
  • Worldspan
  • Amadeus
  • MATIP hosts
  • Attachmate INFOConnect Airlines Gateway
• UTS to:
  • Unisys ClearPath Dorado Systems
  • MATIP hosts
  • Attachmate Lantern Gateway
  • Attachmate Pepgate Gateway
  • Attachmate INFOConnect Airlines Gateway
• T27 to:
  • Unisys ClearPath Libra Systems
• IBM System z (Mainframe):
  • 3179, 3180, 3196, 3197, 3270, 3278, 3477, 3486, and 3487
  • Models 2 (24x80), 3 (32x80), 4 (43x80), and 5 (27x132)
• IBM System i (AS/400):
  • 5250, 5251, and 5291
• UNIX, Linux, and OpenVMS:
  • VT52, VT100, VT220, VT320, and VT420
• HP e3000:
  • HP2392 and HP700/9x

Network Protocols

• All host types:
  • IPv4/IPv6
• ALC/TPF:
  • Sabre IP
  • MATIP
  • WSE MATIP
  • ATSTCP
  • Airgate
  • UDPFRAD
  • TCPFRAD
• UTS:
  • INT1
  • MATIP
  • Airgate
  • Pepgate
• T27:
  • TCPA
• IBM System z:
  • TN3270, TN3270E, and SSL/TLS
• IBM System i:
  • TN5250 and SSL/TLS
• UNIX, Linux, OpenVMS and HP e3000:
  • Telnet, NS/VT, SSL/TLS, and Secure Shell (SSH2)

File Transfer

• SFTP (SSH2) support
• Secure FTP (SSL/TLS-wrapped):
  • Works with any conventional FTP server
  • Secure access to multiple FTP hosts through one firewall port
  • LDAP-based access control using secure token authorization
  • Reflection Security Proxy Server hides the FTP server name/port and protects the host from external exposure
• Standalone FTP client (independent of emulator)
• FTP command line interface
• FTP with automatic detection of ASCII and binary formats and preset file transfer configurations
• IBM System z IND$FILE file transfer for CMS, TSO, or CICS
• Browse host files for IND$FILE (for quick access to host file lists)
•  IBM System i data transfer
• Ability to save frequently used IND$FILE, FTP, and System i file transfers

Security

Compliance

•  Complies with Federal Desktop Core Configuration (FDCC) and United States Government Configuration Baseline (USGCB) security policy requirements

Authentication

• Microsoft Active Directory single sign-on
• LDAP integration with Microsoft Active Directory, RACF, Novell eDirectory, Sun Java System Directory, IBM Tivoli Directory Server, OpenLDAP, and any other RFC 2256-compliant LDAP server
• Public Key Infrastructure (PKI) support
• Certificate Revocation List (CRL) support
• Online Certificate Status Protocol (OCSP) support
• Certificate policy support
• X.509 certificate support for smart cards
• Automatic Kerberos sign-on (System i)
• Kerberos v5 with Microsoft Active Directory
• Integration with IBM WebSphere Portal, Oracle WebLogic Portal, and CA SiteMinder

Encryption

• FIPS 140-2-validated cryptographic modules (Certificates #787 and #820)
• SSL/TLS on TCP-based connections (via the Reflection Security Proxy Server or direct to host if available)
  • 256- and 128-bit AES, Triple DES, and DES encryption
• Secure Shell (SSH2)
  • 256- and 128-bit AES, Triple DES, and DES encryption (128/192/256 bit; cbc/ctr)

Authorization (Access Control)

• LDAP integration to restrict terminal, printer, and file transfer session access to authorized users
• Personalization of a wide variety of parameters, such as LU/device name, based on user identity, DNS name, or IP address
• LDAP-based access control through secure token technology
• Dynamic LDAP group support
• Secure terminal and file transfer connections to multiple hosts through a single port in the firewall

Auditing

• Reflection Management Server log
• Reflection Security Proxy Server log
• Reflection Metering Server log
• Log data tracks usage by LDAP distinguished names

Key Exchange

• RSA
• DSS/Diffie-Hellman 

Printing

• Airlines/travel capabilities for printing on bi-directional devices, such as ATB2 printers over a wide variety of protocols
• Screen printing, with configurable headers and footers
• IBM 3287
• IBM 3812 (HPT and non-HPT)
• VT logging and controller-mode printing
• HP pass-through printing

Programming and Automation

•  JavaScript macro recorder and editor
• Assignment of macros to terminal sessions
• Macro sharing
• Centralized creation and management of macros by administrators
• Macro mapping to keystrokes, mouse triggers, and customizable toolbar buttons
• URL recognition and opening from emulation client
• Password prompt for recorded macros
• Java-based API for scripting applets with JavaScript, VBScript, or Java
• Compatibility with Host Access Class Library (HACL)
• Programmatic access to FTP file transfer
• Keyboard mapping, compatible with any Windows Linux, or Macintosh keyboard
• Mouse action mapping, compatible with any Windows, Linux, or Macintosh mouse
•  Customizable toolbar
•  Toolbar buttons mappable to commands, terminal keys, keyboard actions, macros, and file transfer requests
• 3270 and 5250 light pen support

Web-Based Administrative Tools

• Management Server:
  • Automated management server data replication for load-balanced environments
  • Step-by-step configuration for web-based host sessions
  • Session creation and management for certain Reflection Windows-based and PC X server products*
  •  LDAP-based control of host access
• Metering Server: 
  • Usage logging
  • Session number limitation
  • License enforcement

International Support

• Extensive international code page and keyboard support, including Eastern European and Cyrillic code pages and character sets
• ROECE Latin code page (Eastern Europe) for IBM System z and IBM System i

Server Installation Support

• Can be installed on any operating system that supports Java, including Windows, Linux, zLinux, UNIX, and z/OS
• Automated installer for Windows, Linux, zLinux, and Solaris, with all necessary components including Tomcat servlet engine, and Oracle (Sun) Java Runtime Environment
•  Includes native 64-bit installer support for 64-bit versions of Windows and Linux
• WAR file installer for J2EE application servers

System Requirements

• Reflection for the Web Clients:
  • Web browser enabled for Java 1.5+ 
  • TCP/IP network connection 
  • Any hardware system that meets the minimum requirements for the Java Runtime Environment 
  • Supported browsers include Internet Explorer 6.0+, Mozilla Firefox 1.5+, Safari 1.3+, Google Chrome 1.3+, and Java Web Start 5.0+
• Reflection Administrative WebStation:
  • Installs on web server; runs on any workstation in web browser that supports Java 1.5+
  • Any hardware system that meets the minimum requirements for the Java Runtime Environment 
  • Supported browsers same as terminal emulation client
• Reflection Management Server:
  • Java Servlet 2.3-compliant servlet engine and Java Server Pages (JSP) 1.2, JDK 1.4+ 
  • Will run on any J2EE-compliant servlet engine or application server, including Tomcat, Oracle WebLogic, IBM WebSphere, or Sun Java System Application Server
• Reflection ID Management Server and Reflection Metering Server:
  • o Java Servlet 2.3-compliant servlet engine and Java Server Pages (JSP) 1.2, JDK 1.5+
  • Will run on any J2EE-compliant servlet engine or application server, including Tomcat, Oracle WebLogic, IBM WebSphere, or Sun Java System Application Server
• Reflection Security Proxy Server:
  • Any server running Java Runtime Environment 1.5+

* This feature requires the purchase of an optional component