Host Access Management and Security Server

Specs

Host Access Management and Security Server

  • Tech Specs for Host Access Management and Security Server (MSS)

    Compliance

    • Compliance with United States Government Configuration Baseline (USGCB) security policy requirements

    Authentication

    • Microsoft Active Directory single sign-on
    • Support for NTLM 2
    • Public Key Infrastructure (PKI) support
    • Certificate Revocation List (CRL) support
    • Online Certificate Status Protocol (OCSP) support
    • Certificate policy support
    • X.509 certificate support for CAC, PIV, and other smart cards
    • Kerberos 5 with Microsoft Active Directory
    • Directory Support, including support for Active Directory, NetIQ eDirectory, OpenLDAP, and other RFC compliant directory servers
    • Support for Micro Focus Advanced Authentication

    Authorization (Access Control)

    • LDAP integration to restrict terminal, printer, and file transfer session access to authorized users
    • Access control for session access based on individual identity or LDAP group membership
    • LDAP-based access control enforced through secure token authorization technology
    • Dynamic LDAP group support
    • Secure terminal and file transfer connections to multiple hosts through a single port in the firewall

    Auditing

    • MSS Management Server log
    • MSS Security Proxy Server log
    • MSS Metering Server log
    • Log data tracks usage by LDAP-distinguished names

    Encryption

    • FIPS 140-2-validated cryptographic module (Certificate #2468)
    • TLS and HTTPS
    • 256-bit AES, 128-bit AES, and Triple DES
    • RSA
    • DSS/Diffie-Hellman

    Support for MSS add-On components

    • Security Proxy Add-On: Deliver end-to-end encryption and enforce access control at the perimeter with patented security technology.
    • Advanced Authentication Add-On: Enable multifactor authentication to authorize access to your valuable host systems.
    • Automated Sign-On for Mainframe Add-On: Enable automated sign-on to IBM 3270 applications via your identity and access management system.
    • PKI Automated Sign-On Add-On: PKI-enable automated application sign-on to your critical enterprise systems.
    • Terminal ID Management Add-On: Dynamically allocate terminal IDs based on username, DNS name, IP address, or address pool.

    Installation support

    • Automated installer for Windows and Linux with all necessary components
    • Automated installer for Linux on Z runs with your supplied Java runtime
    • Native 64-bit installer support for 64-bit versions of Windows and Linux

    Server platforms supported

    • SUSE Linux Enterprise Server (SLES) 11.x
    • Red Hat Enterprise Linux 7
    • Windows 2008 Server R2 SP1
    • Linux on Z Systems
      • SUSE Linux Enterprise Server (SLES) 11
      • Red Hat Enterprise Linux 7

    System requirements

    • Workstations running Micro Focus client software (see Micro Focus Clients Supported above)
      • A web browser that supports Java 8 or above
      • Java Runtime Environment 8 or above
    • MSS Administrative Console
      • A web browser that supports Java 8 or above
      • Java Runtime Environment 8 or above
    • MSS Administrative Server, Metering Server, and Terminal ID Management Add-On
      • Java Servlet 2.3-compliant servlet engine and Java Server Pages (JSP) 1.2
    • MSS Security Proxy Add-On
      • Java Runtime Environment 8 or above
    • MSS Advanced Authentication Add-On
      • Micro Focus Advanced Authentication Appliance 5.2 or above
    • MSS Automated Sign-On for Mainframe Add-On
      • IBM Digital Certificate Access Service (DCAS) running on z/OS
      • OS/390 V2R10 or above
      • RACF configured for DCAS

    Micro Focus clients supported

  • Tech Specs for MSS Advanced Authentication Add-On

    Micro Focus clients supported

    • Extra! X-treme
    • InfoConnect
    • InfoConnect Desktop Pro
    • Reflection Desktop
    • Reflection Desktop for X
    • Reflection 14.1
    • Reflection X 14.1
    • Rumba+ Desktop 9.4.1

    Compliance

    • Compliance with United States Government Configuration Baseline (USGCB) security policy requirements.

    Authentication

    • Microsoft Active Directory single sign-on
    • Support for NTLM 2
    • Public Key Infrastructure (PKI) support
    • Certificate Revocation List (CRL) support
    • Online Certificate Status Protocol (OCSP) support
    • Certificate policy support
    • X.509 certificate support for CAC, PIV, and other smart cards
    • Kerberos 5 with Microsoft Active Directory
    • Directory Support, including support for Active Directory, NetIQ eDirectory, OpenLDAP, and other RFC compliant directory servers

    Authorization (Access Control)

    • LDAP integration to restrict terminal, printer, and file transfer session access to authorized users
    • Access control for session access based on individual identity or LDAP group membership
    • LDAP-based access control enforced through secure token authorization technology
    • Dynamic LDAP group support
    • Secure terminal and file transfer connections to multiple hosts through a single port in the firewall

    Auditing

    • MSS Management Server log
    • MSS Security Proxy Server log
    • MSS Metering Server log
    • Log data tracks usage by LDAP-distinguished names

    Encryption

    • FIPS 140-2-validated cryptographic module (Certificate #2468)
    • SSL/TLS and HTTPS
    • 256-bit AES, 128-bit AES, and Triple DES
    • RSA
    • DSS/Diffie-Hellman

    Support for MSS add-on components

    • Security Proxy Add-On: Deliver end-to-end encryption and enforce access control at the perimeter with patented security technology.
    • NEW Advanced Authentication Add-On: Enable multifactor authentication to authorize access to your valuable host systems.
    • Automated Sign-On for Mainframe Add-On: Enable automated sign-on to IBM 3270 applications via your identity and access management system.
    • PKI Automated Sign-On Add-On: PKI-enable automated application sign-on to your critical enterprise systems.
    • Terminal ID Management Add-On: Dynamically allocate terminal IDs based on username, DNS name, IP address, or address pool.

    Installation support

    • Automated installer for Windows, Linux, zLinux, and Solaris, with all necessary components including Tomcat servlet engine and Oracle Java Runtime Environment
    • Native 64-bit installer support for 64-bit versions of Windows and Linux
    • WAR file installer for servlet runners and application servers

    System requirements

    • Workstations running Micro Focus client software (see Micro Focus Clients Supported above)
      • A web browser that supports Java 8 or above
      • Java Runtime Environment 8 or above
    • MSS Administrative Web Station
      • A web browser that supports Java 8 or above
      • Java Runtime Environment 8 or above
    • MSS Administrative Server, Metering Server, and Terminal ID Management Add-On
      • Java Servlet 2.3-compliant servlet engine and Java Server Pages (JSP) 1.2
    • MSS Security Proxy Add-On
      • Java Runtime Environment 8 or above
    • MSS Advanced Authentication Add-On
      • Micro Focus Advanced Authentication Appliance 5.2 or above
  • Tech Specs for MSS Security Proxy Add-On

    Micro Focus clients supported

    • Extra! X-treme
    • InfoConnect
    • InfoConnect Desktop Pro
    • Reflection Desktop
    • Reflection Desktop for X
    • Reflection 14.1
    • Reflection X 14.1

    Compliance

    • Compliance with United States Government Configuration Baseline (USGCB) security policy requirements.

    Authorization (Access Control)

    • LDAP integration to restrict terminal, printer, and file transfer session access to authorized users
    • Access control for session access based on individual identity or LDAP group membership
    • LDAP-based access control enforced through secure token authorization technology
    • Dynamic LDAP group support
    • Secure terminal and file transfer connections to multiple hosts through a single port in the firewall

    Auditing

    • MSS Management Server log
    • MSS Security Proxy Server log
    • MSS Metering Server log
    • Log data tracks usage by LDAP-distinguished names

    Encryption

    • FIPS 140-2-validated cryptographic module (Certificate #2468)
    • SSL/TLS and HTTPS
    • 256-bit AES, 128-bit AES, and Triple DES
    • RSA
    • DSS/Diffie-Hellman

    Installation support

    • Automated installer for Windows, Linux, zLinux, and Solaris, with all necessary components including Tomcat servlet engine and Oracle Java Runtime Environment.
    • Native 64-bit installer support for 64-bit versions of Windows and Linux.
    • WAR file installer for servlet runners and application servers.

    System requirements

    • Workstations running Micro Focus client software (see Micro Focus Clients Supported above)
      • A web browser that supports Java version 8 or above
      • Java Runtime Environment version 8 or above
    • MSS Administrative Web Station
      • A web browser that supports Java version 8 or above
      • Java Runtime Environment version 8 or above
    • MSS Administrative Server, Terminal ID Management Server, and Metering Server
      • Java Servlet 2.3-compliant servlet engine and Java Server Pages (JSP) 1.2
    • MSS Security Proxy
      • Java Runtime Environment version 8 or above2
  • Tech Specs for MSS Terminal ID Management Add-On

    Micro Focus clients supported

    • Extra! X-treme
    • InfoConnect
    • InfoConnect Desktop Pro
    • Reflection Desktop
    • Reflection Desktop for X
    • Reflection 14.1
    • Reflection X 14.1

    Compliance

    • Compliance with United States Government Configuration Baseline (USGCB) security policy requirements.

    Authorization (Access Control)

    • LDAP integration to restrict terminal, printer, and file transfer session access to authorized users
    • Access control for session access based on individual identity or LDAP group membership
    • LDAP-based access control enforced through secure token authorization technology
    • Dynamic LDAP group support
    • Secure terminal and file transfer connections to multiple hosts through a single port in the firewall

    Auditing

    • MSS Management Server log
    • MSS Security Proxy Server log
    • MSS Metering Server log
    • Log data tracks usage by LDAP-distinguished names

    Encryption

    • FIPS 140-2-validated cryptographic module (Certificate #2468)
    • SSL/TLS and HTTPS
    • 256-bit AES, 128-bit AES, and Triple DES
    • RSA
    • DSS/Diffie-Hellman

    Installation support

    • Automated installer for Windows, Linux, zLinux, and Solaris, with all necessary components including Tomcat servlet engine and Oracle Java Runtime Environment
    • Native 64-bit installer support for 64-bit versions of Windows and Linux
    • WAR file installer for servlet runners and application servers

    System requirements

    • Workstations running Micro Focus client software (see Micro Focus Clients Supported above)
      • A web browser that supports Java version 8 or above
      • Java Runtime Environment version 8 or above
    • MSS Administrative Web Station
      • A web browser that supports Java version 8 or above
      • Java Runtime Environment version 8 or above
    • MSS Administrative Server, Terminal ID Management Server, and Metering Server
      • Java Servlet 2.3-compliant servlet engine and Java Server Pages (JSP) 1.2
    • MSS Security Proxy
      • Java Runtime Environment version 8 or above 2
release-rel-2019-10-3-3057 | Wed Oct 30 19:30:10 PDT 2019
3057
release/rel-2019-10-3-3057
Wed Oct 30 19:30:10 PDT 2019