Reflection Security Gateway 2014 R2 - Release Notes

  • 7022085
  • 11-Feb-2015
  • 25-Mar-2018


Reflection Security Gateway 2014 (All Editions) R2


This technical note lists the product enhancements in Reflection Security Gateway 2014 R2 (Release 2), and includes release notes about known issues and additional resource information.

Note: The successor product, Host Access Management and Security Server 12.2, released October 2015. For more information about this upgrade, see KB 7021613.

Host Access Management and Security Server 12.3 released in June, 2016. See KB 7021619.



Micro Focus became aware of a serious security vulnerability in this product that could lead to an information disclosure from the server(s) where it is installed. This vulnerability has been corrected in Reflection Security Gateway 2014 R2 (12.1.362). See for more information.

Features Introduced in this Version

  • Ability to use Reflection Automated Sign-On for Mainframe, an add-on that enables automated sign-on for legacy green screen sessions hosted on z/OS systems, including 3270 sessions. For more information, see KB 7022087.
  • Enhanced HTTPS Certificate Utility, which is used to manage Tomcat server certificates. More certificate formats are supported, and certificates can be generated with key lengths of up to 4096 bits.
  • Ability to directly configure "X.509 with LDAP failover" authentication in the Administrative WebStation (instead of manually).
  • Support for SHA-2 certificates and Reflection PKI Services Manager in the "X.509 with LDAP failover" access control module.
  • Support for SHA-2 certificates in the Reflection Security Proxy Server.
  • Keychain to enhance protection of sensitive data stored by the Administrative WebStation.
  • MSI packages are now deployed when sessions are accessed from either the links list or from direct session URLs. For direct session URLs, packages are deployed only if launching Windows-based sessions.
  • Support for Java 8 clients and servers.
  • Enhanced LogViewer User Interface.
  • Support for dynamic LDAP groups with NetIQ eDirectory (formerly Novell eDirectory).
  • Enhanced Logging. Standardized logging is available for the Initial Configuration Utility, Configuration Upgrade Utility, Password Change Utility, and the HTTPS Certificate Utility. Each utility writes to a log that is specific to that utility.
  • Ability to add a searchable "LOG_MARK" message to the trace log files on all management servers.

Known Issues

There are no known issues.

If you encounter a problem in Reflection Security Gateway 2014 R2, contact Attachmate Technical Support for information about either a potential update to resolve the issue or configuration changes to work around the issue.

Reflection Security Gateway 2014 R2 Limited Edition

Reflection Security Gateway 2014 R2 Limited Edition is available only as a component of Reflection Enterprise Suite 2014 R2.

The Limited Edition has the same components as Reflection Security Gateway 2014 R2, except that it does not include the Reflection Security Proxy Server; manages only Reflection 2014 emulation clients for HP, IBM, UNIX, and OpenVMS host types; and does not support access control methods that use X.509 certificates for authentication to the Reflection Management Server.

Obtaining Your Product

Maintained customers are eligible to download the latest product releases from Attachmate Downloads:

For more information on using Downloads, see KB 7021965.

For information about purchasing Reflection Security Gateway 2014 R2, please email us:

Installing or Upgrading Your Product

For information about installing your product, see the Reflection Security Gateway 2014 R2 Installation Guide:

If you are installing the product over an existing installation, see "Upgrading from a Previous Version" in the Installation Guide.

Technical Resources

For more information about Reflection Security Gateway 2014 R2, including product documentation, additional technical notes, and lifecycle, see the Technical Resources page:

Additional Information

Legacy KB ID

This article was originally published as Attachmate Technical Note 2768.