Home » Products » Managed File Transfer » Reflection for Secure IT » Reflection for Secure IT, Windows Server
Contact Attachmate
1.800.872.2829
How to Buy
Evaluate

Reflection for Secure IT, Windows Server

New Release
Maybe it's time for an update
Version Comparison Chart

This solution is a Secure Shell server that provides secure file transfer and remote administration services for Windows servers. Reflection for Secure IT is a family of SSH clients and servers for Windows and UNIX—all designed to protect data in motion. With Reflection for Secure IT encryption, authentication, and logging features you can safely transfer files, manage remote servers, and access corporate applications over encrypted connections. These features can also help you comply with stringent data security regulations.

VERSION 7.1 HIGHLIGHTS

  • Improved support for PKI environments reduces administrative burden via centralized management of certificate functions. 
  • Support for RSA SecurID and RADIUS authentication leverages the added security provided through these systems. 
  • Enhancements to secure file transfer include Smart Copy, user least privilege support, and ability to reuse FTP scripts with active and passive mode support for tunneling FTP over SSH.
  • Updated FIPS 140-2 validated cryptographic module leverages newer and stronger encryption algorithms.
  • IPv6 support allows Reflection for Secure IT Windows Server to operate fully in a pure IPv6 environment.

Technical Specifications

Secure File Transfer

  • SCP1 (for compatibility with OpenSSH servers)
  • SCP
  • SFTP
  • FTP over SSH
  • Virtual directory and chroot support
  • SFTP file transfer resume after interrupted downloads
  • new SFTP Smart Copy eliminates redundant copying of identical source/target files
  • new Granular permissions for file transfer functions (upload/download/browse/delete) configurable at Global, Group, and User levels and by  Client address

    Security Protocols

    • SSH2 (IETF SecSh Internet drafts and RFCs 4250–4254, 4256, 4462, 4344, 4345, and 4716)

    Cryptographic Library Validation

    • FIPS 140-2 Level 1 (certificate #1027)

    Algorithms

    • Ciphers:
      • AES (128, 192, and 256 bit CBC) 
      • AES (128, 192, and 256 bit CTR)
      • 3DES (3 56-bit key EDE)
      • Blowfish (128 bit)
      • CAST (128 bit)
      • new Arcfour (128  and 256 bit)
    • MACs:
      • HMAC-MD5 (optional MD5 rejection available)
      • HMAC-SHA1, HMAC-SHA256
      • new HMAC-SHA512
      • RIPEMD
    • Key exchange:
      • RSA
      • DSA
      • Diffie-Hellman
      • GSS-API key exchange

    Authentication

    • Password:
      • Local
      • Windows Domain authentication
    • Keyboard interactive:
      • Keyboard-interactive password
      • RSA SecurID
      • RADIUS
    • SSH user keys:
      • Support for RSA and DSA keys  
      • OpenSSH public key interoperability
    • PKI (via the Reflection PKI Services Manager):
      • new Reflection PKI Services Manager
        • Centralized configuration and management of PKI functions across multiple Reflection for Secure IT Windows and UNIX servers
        • Standalone service module supported on most platforms supported by Reflection for Secure IT Windows and UNIX server
        • FIPS 140-2 Level 1 validated for most supported platforms (certificate #1048)
        • RFCs 2253, 2560, and 3280
        • X.509 certificates for server and client authentication (X.509 versions 1-3)
        • Version 2 X.509 CRL
        • OCSP revocation checks
        • Support for LDAP and HTTP certificate and CRL repositories
        • new Support for Microsoft Windows Certificate Store
        • Certificate extensions supported:
           • CDP
           • IDP
           • AIA
           • Policy Constraints
           • Basic Constraints
           • Name Constraints
           • Extended Key Usage
        • Customizable configuration on per trust anchor basis
        • Fully customizable mapping of SSH user account names to certificates
    • GSSAPI:
      • Microsoft SSPI logon credentials
      • Supports both user and host authentication using GSSAPI

    Tunneling

    • Local
    • Remote
    • FTP protocol (active and passive mode)
    • RDP protocol

    Auditing

    • Notification of exceeded maximum password attempts
    • Customizable and extensive Windows Event Viewer and text file logging
    • new Local or UTC time zone for log timestamps

    Administrative Tools

    • Granular access control customization (sub-configurations)
    • Assignable rights:
      • Terminal shell access
      • Exec requests
      • SCP1 access
      • SCP2 access
      • SFTP access
      • SFTP activities (Browse, Download, Upload, Delete, Rename)
    • Assignable to:
      • Global
      • Groups
      • Users
      • Per client system (by IP address or domain name)
    • Section 508 support in the Reflection SSH Server Configuration utility

    Operating Systems

    • Microsoft Windows Vista® (x86, x64)
    • Microsoft Windows XP (x86, x64)
    • Microsoft Windows Server 2008 (x86, x64)
    • Microsoft Windows Server 2003 (x86, x64, IA-64)
    • Microsoft Windows 2000 Server (x86)

    System Requirements

    • Any system that meets the minimum requirements for the Microsoft Windows operating system
    • Disk space varies depending on the features installed
    • Network interface card