Host Access Management and Security Server version 12.5 released July 2018.
This document lists the product’s features, resolved issues, and known issues since version 12.4 SP1 released.
Host Access Management and Security Server 12.5 includes these features and upgrades (in addition to the features introduced in 12.4 SP1):
An updated Metering Console is available to Configure Metering and to Run Reports.
To log in to the Metering Console, click the Metering Server’s URL, http://<servername:port>/meter/AdminStart.html. This link is available in the Administrative Console > Configure Settings - Metering panel.
Management and Security Server requires 3.40 GHz (4 cores) and 8GB of RAM to run efficiently.
While previous versions may have run successfully on less, we recommend you allot 8 GB of RAM for a successful installation.
When using the X.509 authentication method, the ability to fall back to LDAP authentication is now optional on the Configure Settings- Authentication & Authorization panel.
Replaced Oracle JDK with Open JDK: Azul Zulu 8u172
Updated Apache Tomcat to 8.5.30
The configuration for the Micro Focus Advanced Authentication Add-On (for Reflection or InfoConnect Desktop and Rumba+ clients) includes the ability to Verify the server identity and test the connection.
Added support for SAML V2.0 Web Browser SSO Profile (for Reflection ZFE clients only).
Updated Replication (to add Reflection ZFE preferences).
Check the Known Issues for potentially incompatible secure protocol settings.
The Entropy Gathering Device (EGD) was changed to/dev/urandom to resolve issues where installation and starting of applications may be slow or appear to hang on headless UNIX systems.
If the use of /dev/urandom is not acceptable or permitted in your environment, you can configure the applications to use dev/random. See the alternative solutions detailed in the Installation Guide.
Incompatible secure protocol settings. New installations of the Security Proxy Server are set to use TLS 1.2 for secure connections. When the client, such as Reflection Desktop, is set to use a security protocol other than TLS 1.2, the setting is incompatible.
Resolution: Either configure the client (Reflection Desktop) to use TLS 1.2 (more secure), or configure the Security Proxy Server to use TLS v1.1 or TLS v1 (less secure).
Note: Existing protocol configurations are preserved when Management and Security Server and the Security Proxy Server are upgraded, and sessions continue to work as expected.
If you use LDAP with TLS (LDAPS): After you upgrade Management and Security Server, you must re-establish trust of your LDAPS server. For details, see Installation Guide- Upgrading.
SAML authentication (for Reflection ZFE clients). Management and Security Server 12.5 does not support a web proxy or load balancer if the device is configured to handle the Identity Provider's Response to a SAML Authentication Request.
Resolution: The Identity Provider must return the SAML Response directly to the MSS server, bypassing the networking device. If this solution is not possible, contact Micro Focus Support for a workaround.
SAML authentication (for Reflection ZFE clients). When Management and Security Server is configured for Debug logging, the list of hosts that are whitelisted for SAML is not printed in the logging message.
After installing the Windows Desktop Emulation activation file in Management and Security Server, the browser instance running the administrative console needs to be closed and restarted to complete and enable activation.
Security Updates: http://support.attachmate.com/security/?prod=MSS
Product Documentation: https://support.microfocus.com/manuals/reflection.html?prod=MSS
Technical Resources, including documentation and technical notes: https://support2.microfocus.com/product/?prod=MSS
Product information, including the Management and Security Server (MSS) Add-Ons: https://www.microfocus.com/products/mss/
Updated Cryptographic Modules in Host Access Management and Security Server
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.microfocus.com/about/legal/.
Copyright © 2018 Attachmate Corporation, a Micro Focus company. All rights reserved.
The only warranties for this product and any associated updates or services are those that may be described in express warranty statements accompanying the product or in an applicable license agreement you have entered into. Nothing in this document should be construed as creating any warranty for a product, updates, or services. The information contained in this document is subject to change without notice and is provided “AS IS” without any express or implied warranties or conditions. Micro Focus shall not be liable for any technical or other errors or omissions in this document. Please see the product’s applicable end user license agreement for details regarding the license terms and conditions, warranties, and limitations of liability.
Any links to third-party websites take you outside Micro Focus websites, and Micro Focus has no control over and is not responsible for information on third party sites.