Home » Products » Managed File Transfer » Reflection for Secure IT » Reflection for Secure IT, UNIX Client
Contact Attachmate
1.800.872.2829
How to Buy
Evaluate

Reflection for Secure IT, UNIX Client

New Release
Maybe it's time for an update
Version Comparison Chart

This solution is a Secure Shell client that provides secure file transfer and terminal access capabilities for UNIX platforms through utilities such as ssh, scp, and sftp. Reflection for Secure IT is a family of SSH clients and servers for Windows and UNIX—all designed to protect data in motion. With Reflection for Secure IT encryption, authentication, and logging features you can safely transfer files, manage remote servers, and access corporate applications over encrypted connections. These features can also help you comply with stringent data security regulations.

VERSION 7.1 HIGHLIGHTS

  • Improved support for PKI environments reduces administrative burden via centralized management of certificate functions.
  • Robust secure file transfer includes Smart Copy, reuse of FTP scripts, and ability to resume incomplete scp and sftp file transfers.
  • Additional platform support includes AIX 6.1 on POWER, Red Hat Enterprise Linux 5 on Itanium, and Red Had Enterprise Linux 4 on zLinux.
  • Installation improvements in Solaris and Linux let organizations customize the installation location.
  • PKCS#11 smart card support in Sun Solaris SPARC allows use of smart cards for public key authentication.
  • Updated FIPS 140-2 validated cryptographic module leverages newer and stronger encryption algorithms.

Technical Specifications:

Secure File Transfer

  • SCP2
    • Support for SCP2 remote-to-remote transfers
  • SFTP2 
    • Support for recursive directory copying
    • Automatic ASCII mode for specified file extension types
    • SFTP Smart Copy eliminates redundant copying of identical source/target files
  • FTP over SSH
    • Support for background and “one-shot” (single use) forwarding ports
  • Unattended scheduled file transfers
  • SFTP and SCP file transfer resume after interrupted downloads

Security Protocols

  • SSH2 (IETF SecSh Internet drafts and RFCs 4250–4254, 4256, 4462, 4345 and 4716)

Cryptographic Library Validation

  • FIPS 140-2 Level 1 (certificate #1027)

Algorithms

  • Ciphers:
    • AES (128, 192, and 256 bit CBC)
    • AES (128, 192, and 256 bit CTR) 
    • 3DES (3 56-bit key EDE)
    • Blowfish (128 bit)
    • CAST (128 bit)
    • new Arcfour (128 and 256 bit)
  • MACs:
    • HMAC MD5
    • HMAC-SHA1, HMAC-SHA256
    • new HMAC-SHA512 
    • RIPEMD
  • Key exchange:
    • RSA
    • DSA
    • Diffie-Hellman
    • GSS-API key exchange

Authentication

  • Password:
    • Traditional password
  • Keyboard interactive:
    • Traditional password
    • RSA SecurID
    • RADIUS
  • SSH user keys:
    • RSA and DSA user keys
    • Agent forwarding
    • Host name aliasing for host key storage
    • new PKCS#11 smart card support on Solaris 10 SPARC platforms
  • new PKI via the Reflection PKI Services Manager:
    • Centralized configuration and management of PKI functions across multiple Reflection for Secure IT Windows and UNIX servers
    • Standalone service module supported on most platforms supported by Reflection for Secure IT Windows and UNIX server
    • FIPS 140-2 Level 1 validated for most supported platforms (certificate #1048)
    • RFCs 2253, 2560, and 3280
    • X.509 certificates for server and client authentication (X.509 versions 1-3)
    • Version 2 X.509 CRL
    • OCSP revocation checks
    • Support for LDAP and HTTP certificate and CRL repositories
    • Certificate extensions supported
       • CDP
       • IDP
       • AIA
       • Policy Constraints
       • Basic Constraints
       • Name Constraints
       • Extended Key Usage
    • Customizable configuration on per trust anchor basis
    • Fully customizable mapping of SSH user account names to certificates
  • Kerberos:
    • gssapi-keyex authentication

Tunneling

  • Local
  • Remote
  • FTP protocol
  • X11 protocol

Accounting

  • Notification of exceeded maximum password attempts
  • Sun Solaris Projects support

Operating Systems

  • HP-UX 11i v1 (PA-RISC)
  • HP-UX 11i v2 (PA-RISC)
  • HP-UX 11i v2 (Itanium)
  • HP-UX 11i v3 (Itanium)
  • IBM AIX 5.2 (POWER)
  • IBM AIX 5.3 (POWER)
  • new IBM AIX 6.1 (POWER)
  • Red Hat Enterprise Linux 4 (Itanium)*
  • Red Hat Enterprise Linux 4 (x86)*
  • Red Hat Enterprise Linux 4 (x86-64)*
  • new Red Hat Enterprise Linux 5 (Itanium)*
  • Red Hat Enterprise Linux 5 (x86)*
  • Red Hat Enterprise Linux 5 (x86-64)*
  • Sun Solaris 8 (SPARC)*
  • Sun Solaris 9 (SPARC)*
  • Sun Solaris 10 (SPARC)*
  • Sun Solaris 10 (x86)*
  • Sun Solaris 10 (x86-64)*
  • SUSE Linux Enterprise Server 9 (Itanium)*
  • SUSE Linux Enterprise Server 9 (x86)*
  • SUSE Linux Enterprise Server 9 (x86-64)*
  • SUSE Linux Enterprise Server 10 (x86)*
  • SUSE Linux Enterprise Server 10 (x86-64)*
  • zLinux – Red Hat Enterprise Linux 4 (64-bit)*
  • zLinux – SUSE Linux Enterprise Server 9 (32-bit)*

new * Customizable installation directory available for Solaris and Linux platforms

System Requirements

  • Any system that meets the minimum requirements for the UNIX/Linux operating system
  • Network interface card
  • For all Itanium systems, the library libunwind is required (HP-UX, Red Hat Enterprise Linux,
    and SUSE Linux Enterprise Server)
  • For HP-UX 11i v1 on PA-RISC, the following patches (or their superseded patches) are
    required:
    • PHCO_28605 s700_800 11.11 libnss_files cumulative patch
    • PHCO_31923 s700_800 11.11 libc cumulative header file patch 
    • PHCO_34275 s700_800 11.11 libc cumulative patch 
    • PHKL_34805 s700_800 11.11 JFS3.3 patch; mmap
    • PHSS_33033 s700_800 11.11 ld(1) and linker tools cumulative patch
  • IBM AIX 5.3 Maintenance Level 5300-5
  • Sun Solaris UltraSPARC CPU