Tech Specs
Reflection for the Web Unisys Edition

Emulation types
  • Unisys Clearpath Dorado Systems
    • UTS20, UTS40, UTS60, and UTS70
  • Unisys Clearpath Libra Systems
    • T27
  • IBM System z (Mainframe)
    • 3179, 3180, 3196, 3197, 3270, 3278, 3477, 3486, and 3487
    • Models 2 (24x80), 3 (32x80), 4 (43x80), and 5 (27x132)
  • IBM System i (AS/400)
    • 5250, 5251, and 5291
  • UNIX, Linux, and OpenVMS
    • VT52, VT100, VT220, VT320, and VT420
  • HP e3000
    • HP2392 and HP700/9x
Network protocols
  • All host types
    • IPv4/IPv6
  • Unisys Clearpath Dorado Systems
    • INT1 and SSL/TLS
  • Unisys Libra Systems
    • TCPA and SSL/TLS
  • IBM System z
    • TN3270, TN3270E, and SSL/TLS
  • IBM System i
    • TN5250 and SSL/TLS
  • UNIX, Linux, OpenVMS, and HP e3000
    • Telnet, NS/VT, SSL/TLS, and Secure Shell (SSH2)
File transfer
  • SFTP (SSH2) support
  • Secure FTP (SSL/TLS-wrapped)
    • Works with any conventional FTP server
    • Secure access to multiple FTP hosts through one firewall port
    • LDAP-based access control using secure token authorization
    • Reflection Security Proxy Server hides the FTP server name/port and protects the host from external exposure
  • Standalone FTP client (independent of emulator)
  • FTP command line interface
  • FTP with automatic detection of ASCII and binary formats and preset file transfer configurations
  • Autoconnect support for FTP client
  • IBM System z IND$FILE file transfer for CMS, TSO, or CICS
  • Browse host files for IND$FILE (for quick access to host file lists)
  • IBM System i data transfer
  • Ability to save frequently used IND$FILE, FTP, and System i file transfers
Compliance
  • Complies with United States Government Configuration Baseline (USGCB) security policy requirements
Authentication
  • Microsoft Active Directory single sign-on
  • Kerberos v5 with Microsoft Active Directory
  • Support for NTLM v2
  • LDAP integration with Microsoft Active Directory, RACF, NetIQ eDirectory, Oracle Directory Server, IBM Tivoli Directory Server, and OpenLDAP
  • Public Key Infrastructure (PKI) support
  • Certificate Revocation List (CRL) support
  • Online Certificate Status Protocol (OCSP) support
  • Certificate policy support
  • X.509 certificate support for CAC, PIV, and other smart cards
  • Automatic Kerberos sign-on (System i)
  • Integration with IBM WebSphere, Oracle WebLogic, and CA SiteMinder web portals
Encryption
  • FIPS 140-2-validated cryptographic module (Certificate #2468)
  • SSL/TLS (via the Reflection Security Proxy Server or direct to host)
    • 256- and 128-bit AES, Triple DES, and DES encryption
  • Secure Shell (SSH2)
    • 256- and 128-bit AES, Triple DES, and DES encryption (128/192/256 bit; cbc/ctr)
  • SHA-256 and TLS 1.2 support
Authorization (access control)
  • LDAP integration to restrict terminal, printer, and file transfer session access to authorized users
  • Personalization of a wide variety of parameters, such as LU/device name, based on user identity, DNS name, or IP address
  • LDAP-based access control through secure token technology
  • Dynamic LDAP group support
  • Secure terminal and file transfer connections to multiple hosts through a single port in the firewall
  • Dynamic LDAP group support
  • Secure terminal and file transfer connections to multiple hosts through a single port in the firewall
Auditing
  • Host Access Management and Security Server (MSS), Management Server log
  • Host Access Management and Security Server (MSS), Security Proxy Server log
  • Host Access Management and Security Server (MSS), Metering Server log
  • Log data tracks usage by LDAP distinguished names
Key exchange
  • RSA
  • DSS/Diffie-Hellman
Printing
  • Screen printing, with configurable headers and footers
  • Configurable support for form feeds in IBM 3270 LU3 printer sessions
  • T27 printer with TCPA communications protocol
  • IBM 3287
  • IBM 3812 (HPT and non-HPT)
  • VT logging and controller-mode printing
  • HP pass-through printing
Programming and automation
  • JavaScript macro recorder and editor
  • Macro sharing
  • Centralized creation and management of macros by administrators
  • Macro mapping to keystrokes, mouse triggers, and customizable toolbar buttons
  • URL recognition and opening from emulation client
  • Password prompt for recorded macros
  • Java-based API for scripting applets with JavaScript, VBScript, or Java
  • Compatibility with Host Access Class Library (HACL)
  • Programmatic access to FTP file transfer
  • Customizable tooltips on the Button Palette
  • Keyboard mapping, compatible with Windows, Linux, or other keyboards
  • Mouse action mapping, compatible with any Windows, Linux, or other mice
  • Customizable toolbar
  • Toolbar buttons mappable to commands, terminal keys, keyboard actions, macros, and file transfer requests
  • 3270 and 5250 light pen support
Web-based administrative tools
  • Host Access Management and Security Server (MSS), Metering Server
    • Usage logging
    • Session number limitation
    • License enforcement
    • Works in Citrix scenarios
  • Host Access Management and Security Server (MSS), Management Server
    • Automated management server data replication for load-balanced environments
    • Step-by-step configuration for web-based host sessions
    • LDAP-based control of host access
International support
  • English, French, German, and Italian language support
  • ROECE Latin code page (Eastern Europe) for IBM System z and IBM System i
  • Extensive international code page and keyboard support, including Eastern European and Cyrillic code pages and character sets
Server installation support
  • Compatible with server platforms that support Java 8 or above, including Windows Server, Linux, zLinux, UNIX, and z/OS
  • Includes 64-bit installer support for 64-bit versions of Windows and Linux
  • Automated installer for Windows, Linux, and Solaris, with all necessary components including Tomcat servlet engine and Oracle Java Runtime Environment
System requirements
  • Reflection for the Web Clients and Administrative WebStation
    • Web browser enabled for Java 8 or above, such as Internet Explorer or Mozilla Firefox
    • TCP/IP network connection
    • Hardware system that meets the minimum requirements for the Java Runtime Environment
  • Host Access Management and Security Server (MSS), Security Proxy Server
    • Server running Java Runtime Environment 8 or above
  • Host Access Management and Security Server (MSS), Management Server, ID Management Server, and Metering Server
    • JDK 8 or above
    • Servlet engine or application server compliant with Java Servlet Specification 2.3 and Java Server Pages (JSP) 1.2, such as Tomcat (Note: Apache Tomcat is part of the installation for MSS)