Reflection for the Web Overview

Reflection for the Web provides Java-based applets to deploy web-based terminal emulation sessions to your users. Reflection for the Web’s terminal sessions are centrally managed and secured using Management and Security Server’s Administrative Server.

Using Reflection for the Web and Management and Security Server, you can configure secure web-based terminal emulations sessions that connect to host applications located inside or outside the firewall.

Briefly, here’s how it works:

  1. An administrator installs Reflection for the Web on a server and either installs or uses an existing installation of Management and Security Server.

  2. The administrator uses the Administrative WebStation (in Management and Security Server) to create, configure, and secure terminal emulation sessions. Optional security settings can be configured on a per-session basis.

  3. The Reflection for the Web launcher is downloaded to the user's workstation.

  4. A user clicks a link to start a terminal session.

  5. The user connects to and communicates with the host system using the downloaded emulation applet.

________________________________________________________________________________

The diagram below depicts the interaction between Reflection for the Web, Management and Security Server (the Administrative Server), and the optional Security Proxy Server to provide enhanced security.

  1. Reflection for the Web user connects to the Administrative Server.

  2. User authenticates to a directory server (LDAP/Active Directory) or other identity management system – optional.

  3. Directory server provides user and group identity - optional.

  4. The Administrative Server sends the emulation session to the authenticated client.

  5. When the optional Security Proxy Server is configured for use by a session, emulation applet makes a TLS connection to Security Proxy Server and sends it a signed token.

  6. When present, the Security Proxy Server validates session token and establishes a connection to the host:port it specifies.

  7. When no Security Proxy Server is present or a session is not configured to use it, an authenticated user connects directly to the host.

Administrative Server

The Administrative Server, in Management and Security Server, includes the Administrative WebStation and terminal emulation files, which are installed together on a web server.

After you install (or point to an existing) Management and Security Server, you can open the Administrative WebStation, which is a self-contained web application. Use the Administrative WebStation to manage and configure web-based terminal sessions. With Reflection for the Web, Java-based applets deploy terminal emulation sessions to your users.

Optional Components

Your Reflection for the Web license entitles you to these optional components in Management and Security Server:

  • Metering Server monitors the use of terminal sessions.

  • Security Proxy Server * acts as a proxy for terminal sessions, routing encrypted network traffic to and from user workstations. (The Security Proxy is not included with the Reflection for the Web Limited Edition.)

  • Terminal ID Manager * spools terminal IDs, tracks ID usage, and manages inactivity timeout values for specific users.

* Your Reflection for the Web licence (except the Limited Edition) includes the Security Proxy and Terminal ID Manager, which are Add-On Products to Management and Security Server.

For information about installing, configuring, and using these components, see the Management and Security Server Installation Guide.