Tech Specs for Reflection for Secure IT Client for Windows

Connectivity
  • SSH1 protocol for compatibility with older protocol servers
  • SCP1 for compatibility with OpenSSH Servers
  • SSH2 protocol IETF SecSh Internet drafts (RFCs 4250–4254, 4256, 4462, 4344, 4345, and 4716)
Cryptographic Library Validation
  • FIPS 140-2 Level 1 (Certificate #1027)
User-Friendly Interfaces
  • Familiar graphical user interface
  • Batch/command-line scripting via ssh, sftp, and scp commands
  • Convenient setup for multihop connection
Secure File Transfer
  • SCP
    • Replaces the nonsecure rcp command
    • SCP1 support
  • SFTP
    • Replaces the nonsecure FTP protocol
    • Complies with draft-ietf-secsh-filexfer
  • Secure, graphical FTP client utility
    • Support for wide variety of FTP servers by SFTP protocol, FTP over SSH, standard FTP (unencrypted), FTP over SSL/TLS, and Kerberized FTP (TLS)
  • Servers supported
    • Windows-based, IBM System z (Mainframe), IBM System i (AS/400), UNIX, NetWare, Unisys, HP 3000, and OpenVMS
    • File browsing on IBM mainframes with no host-side intrusion or modification
    • Site-to-site transfer between servers
    • Automation tools (script recorder and Microsoft OLE Automation)
    • Preserve timestamps and file attributes during SFTP transfers
Tunneling
  • TCP port forwarding (Local/Remote)
  • FTP protocol (dual-channel)
  • X11 forwarding
  • Gateway port
  • RDP protocol (secures Microsoft remote desktop access)
Encryption Algorithms
  • MACs
    • HMAC-SHA1 and HMAC-SHA1-96
    • HMAC-SHA256 and HMAC-SHA512
    • HMAC-MD5 and HMAC-MD5-96
    • RIPEMD160
  • Key exchange
    • RSA
    • Diffie-Hellman
  • Ciphers
    • AES (128, 192, and 256-bit CTR)
    • AES (128, 192, and 256-bit CBC)
    • 3DES (3 56-bit key CBC)
    • Blowfish (128-bit CBC)
    • CAST (128-bit)
    • Arcfour (128- and 256-bit)
Authentication
  • Server authentication
    • Public key (RSA and DSA)
    • PKI X.509 certificates
    • GSSAPI
  • User authentication password
    • Local
    • Windows Domain (Active Directory) authentication
  • User authentication public key
    • RSA
    • DSA
    • Agent forwarding
    • Smart card support for agent forwarding
  • Keyboard interactive
    • RSA SecurID
    • RADIUS
    • Keyboard-interactive password
  • PKI X.509 certificates
    • Reflection Certificate Manager
    • Windows Certificate Manager (MSCAPI)
    • Online Certificate Status Protocol (OCSP) support
    • Certificate Revocation Lists (CRL)
    • LDAP/Active Directory retrieval of CRLs and intermediate CA certificates
    • PKCS #12 key and certificate storage
    • PKCS #11 smart card support
    • Shared trusted certificate store location
  • GSSAPI/Kerberos
    • Reflection Kerberos client
    • Microsoft SSPI logon credentials
    • Supports both user and host authentication using GSSAPI
Emulation Types
  • VT500 and VT420
  • VT320, VT220, and VT100
  • VT-UTF8
  • Linux Console
  • BBS-ANSI and SCO-ANSI
  • QNX
  • xterm
International Support
  • French
  • German
  • English
  • Japanese
Operating Systems
  • Microsoft Windows 8 Pro
  • Microsoft Windows 7
  • Microsoft Windows Vista (Service Pack 2)
  • Microsoft Windows XP (Service Pack 3)
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2008 (including R2)
  • Windows Terminal Server
  • Citrix XenApp
System Requirements
  • Any system that meets the minimum requirements for the Microsoft Windows operating system
  • Network interface card
  • Disk space varies depending on the features installed