This technical note outlines the new features available in Reflection for Secure Windows Server 7.1 (released April 2009).
Note: Reflection for Secure IT version 8.0 is available beginning in November 2012. For a list of new features in 8.0, see KB 7022023.
Reflection for Secure IT Windows Server 7.1 New Features
- SFTP and SCP2 Smart Copy saves time and bandwidth by eliminating the redundant transfer of identical files.
- Granular file transfer permissions enable you to decide at a global, host, group, and user level, whether users will be able to upload, download, browse, delete, or rename files and directories.
- Centralized Public Key Infrastructure (PKI) support significantly reduces the administrative burden of managing PKI functions such as root certificate trust anchors, certificate stores, certificate revocation checking, certificate mapping, and audit logging.
Note: Reflection PKI Services Manager is included as a component of Reflection for Secure IT, at no additional cost. It is a separate download and installation. See KB 7021870 for more information.
- Updated FIPS 140-2 validated crypto module leverages newer and stronger encryption algorithms including arcfour128 and arcfour256.
- IPv6 support enables Reflection to operate in a pure IPv6 environment.
- Support for the Microsoft Certificate Store uses Windows Server's built-in certificate storage and management capabilities to reduce certificate management overhead and lock down access to the server certificate's private key.
- Support for the SSH break extension sends session breaks during interactive secure shell sessions, thereby removing a barrier that some organizations have to fully replacing telnet with secure shell.
- Support for checkpoint resume supports automatic resume of interrupted file transfers.
- Configurable time zone for debug time stamps provides the ability to choose between the local time zone or the Universal/Greenwich (UTC) time zone for time stamps in debug logs.
- FTP over SSH for both active and passive mode connections enables you to securely use existing FTP-based scripts through a secure SSH tunnel.
Reflection for Secure IT Windows Server 7.1 Additional Features
In addition to the new features introduced in this release, 7.1 also includes features that 6.x users are familiar with:
- Single declaration to map all physical drives to virtual root shares all local drives through a single configuration statement.
- RSA SecurID authentication leverages the added security provided through RSA secure token devices.
- RADIUS authentication authenticates users through a RADIUS server.
- Ssh-certtool utility enables you to create a a PKCS#10 certificate request or to create a PKCS#12 package containing a private key and one or more certificates.
- Certificate-based client and server authentication (PKI support) integrates Reflection for Secure IT servers into your Public Key Infrastructure (PKI).
- Granular control over settings for client connections by IP address or domain name provides the ability to fine-tune authentication methods, virtual directories, supported applications (ssh, sftp, scp), and encryption settings on a per-client-system basis.
- Immediate disconnection of blocked accounts and failed authentication and informative authentication failure methods enable you to balance security and troubleshooting requirements.
- AES Counter Mode (CTR) Cipher Algorithms protects against known vulnerabilities in the SSH protocol.
- HMAC-sha256/sha512 MAC Algorithms use a strong, non-MD5 MAC algorithm.
Obtaining Your Product Upgrade
Maintained customers are eligible to download the latest product releases from the Attachmate Download Library web site: https://download.attachmate.com/Upgrades/.
You will be prompted to login and accept the Software License Agreement before you can select and download a file. For more information on using the Download Library web site, see KB 7021965.
For information about purchasing Reflection for Secure IT, please e-mail us: SalesRecept@attachmate.com.
For information about Reflection for Secure IT supported platforms, see KB 7022010.
Installing or Upgrading to Reflection for Secure IT Windows Server 7.1 References
For information about installing Reflection for Secure IT Windows Server 7.1, see the Installing topic in the User Guide, which is available in the product or from the documentation page, http://support.microfocus.com/manuals/rsit_win_server.html.
For information about upgrading to version 7.1, see KB 7022013.
Legacy KB ID
This document was originally published as Attachmate Technical Note 2415.