Reflection for the Web is remote host access software that securely connects browser users to applications on IBM, HP, UNIX, OpenVMS, and Unisys hosts. It delivers fully functioning host applications across the Internet, adding strong authentication and encryption to safeguard sensitive data in motion. It even includes a Secure Token Authorization capability that gives host applications an extra layer of protection and integrates them into your modern security infrastructure.
Components
Reflection Management Server
Reflection Security Proxy Server
Reflection Metering Server
Reflection thin client emulators
Version 9.5 Highlights
- Automated management server data replication for load-balanced environments
- Online Certificate Status Protocol (OCSP) for Public Key Infrastructure (PKI) environments
- Ability to restrict user access to menus and controls
- Support for eTrust SiteMinder version 6
- Support for Lightweight Directory Access Protocol (LDAP) interface to Resource Access Control Facility (RACF)
- Enhanced Smart Card support
- Unisys emulation option
- Support for Eastern European and Cyrillic international code pages and character sets
Secure File Transfer
- SFTP (SSH2) support
- Secure FTP (SSL/TLS-wrapped):
- Supports all traditional (RFC 959) FTP servers
- Uses Secure Token Authorization for LDAP-based access control
- Requires only one firewall port for secure FTP and emulation sessions to multiple hosts
- Requires no modifications to the host or FTP server
- Hides the FTP server name and port from external users
- Uses the Reflection Security Proxy Server to protect the host from external exposure
Authentication
Online Certificate Status Protocol (OCSP) support
- Support for eTrust SiteMinder version 6
- Support for Lightweight Directory Access Protocol (LDAP) interface to Resource Access Control Facility (RACF)
- Enhanced Smart Card support
- Certificate Revocation List (CRL) support
- Certificate policy support
- Automatic Kerberos sign-on (iSeries)
- Microsoft® Active Directory single sign-on
- LDAP: Microsoft Active Directory, Novell Directory Services (NDS), SunONE (iPlanet/Netscape), IBM Secureway, RACF, OpenLDAP, and generic LDAP-compliant option (RFC 2256)
- Kerberos v5 with Microsoft Active Directory
- Microsoft Internet Information Server (IIS)
- X.509 certificates/smart cards
- Integration with IBM WebSphere Portal, BEA AquaLogic, BEA WebLogic Portal, and eTrust SiteMinder
Encryption
- AES encryption
- Triple DES encryption
- DES encryption
- SSL/TLS via the Reflection Security Proxy Server
- SSL/TLS direct to an SSL/TLS-enabled host system or gateway
- Secure Shell (SSH2)
Authorization (Access Control)
- LDAP integration to verify authorized terminal session access
- Personalization of wide variety of parameters, such as LU/device name, user identity, DNS name, or IP address
- LDAP-based access control through patent-pending Secure Token technology (for Reflection web- and Windows-based products)
- Secure terminal and file transfer connections to multiple hosts through a single port in the firewall
Auditing
- Reflection Management Server log
- Reflection Security Proxy Server log
Key Exchange
Network Protocols
- Unisys OS2200 or ClearPath IX (optional)
- IBM System z (mainframe):
- TN3270, TN3270E, and SSL/TLS
- IBM System i (AS/400):
- Unix and OpenVMS:
- Telnet, SSL/TLS, and Secure Shell (SSH2)
- HP e3000:
- NS/VT, Telnet, and SSL/TLS
Host Types
- Unisys OS2200 or ClearPath IX (optional)
- IBM System z (3270)
- IBM System i (5250)
- Unix and OpenVMS
- HP e3000
Emulation Types
- Unisys OS2200 or ClearPath IX (optional)
- IBM System z (mainframe):
- 3179, 3180, 3196, 3197, 3270, 3278, 3477, 3486, and 3487
- Models 2 (24x80), 3 (32x80), 4 (43x80), and 5 (27x132)
- IBM System i (AS/400):
- Unix and OpenVMS:
- VT52, VT100, VT220, VT320, and VT420
- HP e3000:
File Transfer
- Browse host files for IND$FILE (for quick access to host file lists)
- Standalone FTP client (independent of emulator)
- FTP command line interface
- FTP with automatic detection of ASCII and binary formats and preset file transfer configurations
- SFTP (SSH2)
- Secure FTP via the Reflection Security Proxy Server
- IBM System z IND$FILE file transfer for CMS, TSO, or CICS
- IBM System z APVUFILE transfer for CMS, TSO, or CICS
- IBM System i data transfer
Printing
- Supports Java 2 Standard Edition (J2SE) printing enhancements:
- Print to default printer (just as you would with a Windows-based emulator)
- Avoid banner pages between multiple print jobs
- Accumulate print-to-file jobs in a single file
- Screen printing
- IBM 3287
- IBM 3812 (HPT and non-HPT)
- VT logging and controller-mode printing
- HP passthrough printing
Programming and Automation
- Assignment of macros to terminal sessions
- Macro sharing via importing and exporting of files
- Macro mapping to keystrokes, mouse triggers, and button palette
- Password prompt for recorded macros
- Java-based API for scripting applets with JavaScript, VBScript, or Java
- Support for Host Access Class Library (HACL)
- End-user macro record and playback
- Programmatic access to FTP file transfer
- HP host-initiated Reflection Command Language (RCL) commands
User Interface
- Ability to restrict user access to menus and controls
- Cursor ruler support
- Mouse mapping
- Dockable keyboard, button, and toolbar palettes
- Option to view operator information area (to provide additional status information in IBM sessions)
Web-Based Administrative Tools
- Administrative WebStation:
- Automated management server data replication for load-balanced environments
- Step-by-step configuration for web-based host sessions (local or remote)
- Session creation and management for Reflection Windows-based and PC X server products
- Authentication and authorization of Reflection sessions
- Usage metering:
- Usage logging
- Session number limitation
- License enforcement
- Usage metering for current Windows-based emulation and PC X server products, including generation of usage reports
- Portal integration (portlet and authentication):
- IBM WebSphere Portal
- BEA WebLogic Portal
- BEA AquaLogic User Interaction
- Portal browse-away support
- Web single sign-on:
International Support
- Support for Eastern European and Cyrillic code pages and character sets
- Extensive international code page and keyboard support
- ROECE Latin code page (Eastern Europe) for IBM System z and IBM System i
- English, French, German, and Japanese versions on one CD
Installation
- Can be installed on any operating system that supports Java, including Windows, Linux, UNIX, and z/OS
- Automated installer for Windows, Linux, Solaris, and HP-UX, with all necessary components, including Jakarta Tomcat servlet engine and Sun Java Runtime Environment
- WAR file installer for J2EE application servers
- ZIP file
System Requirements
- Terminal emulation client:
- Java 1.1/2-enabled web browser that runs trusted applets
- TCP/IP network connection
- Any system that meets the minimum requirements for the client operating system and Java Runtime Environment
- Supported client environments include Internet Explorer 6.0 or above, Netscape 7.0 or above, Firefox 1.0+, Mozilla 1.0+, Safari 1.0+ (Mac OS X), and Sun Java Web Start
- Administrative WebStation:
- Installs on web server; runs in web browser on any workstation
- Any system that meets the minimum requirements for the client operating system and Java Runtime Environment
- Internet Explorer 6.0 or above, Netscape 7.0 or above, Firefox 1.0+, Mozilla 1.0+, and Safari 1.0+ (Mac OS X); JavaScript
- Reflection Management Server/Reflection Metering Server:
- Installs on any machine running Java Runtime Environment 1.4 or higher with 185 MB of disk space
- Java Servlet 2.3-compliant servlet engine and Java Server Pages (JSP) 1.2, JDK 1.4 or higher
- Will run on any J2EE-compliant servlet engine or application server including Jakarta Tomcat, BEA WebLogic, IBM WebSphere, or Sun Java Application Server (formerly SunONE/iPlanet)
- Minimum of 256 MB of RAM required
- Reflection Security Proxy Server:
- Any server running Java Runtime Environment 1.3 or higher
- 95 MB of disk space
- Minimum 512 MB of RAM required