Your browser does not allow storing cookies. We recommend enabling them.

Tectia SSH Server for z/OS on IBM zSeries Mainframes

Mainframe systems are still the core of many big data environments. Unfortunately, many of the legacy applications in these environments still use insecure communications protocols. Tectia SSH Server for z/OS adds security without impacting legacy applications, batch processes, or JCL.

The Leading Native z/OS SSH Server Implementation

SSH.COM offers the only SSH implementation on the market that is native to z/OS. While the non-commercial OpenSSH is a UNIX (USS) tool and limited in its z/OS features, Tectia SSH for z/OS provides a platform-native toolset that mainframe administrators are familiar with. Customer organizations do not need to spend valuable resources in educating their mainframe system administrators and system programmers on UNIX, USS, and HFS/ZFS. OpenSSH for z/OS is also limited in features such as dataset conversions into a UNIX, FTP to SFTP conversion, support for ISPF panels, and support for SSH key management.

Native Mainframe SSH - Born on z/OS

It all comes down to time, money, and value - Tectia SSH for z/OS is a mainframe SSH solution that offers key features that make migration from insecure FTP to secure SFTP as easily as possible.

Unique package of z/OS-specific features:

  • Direct access to MVS datasets - no need to stage your files to HFS.
  • ISPF install interface.
  • Off the shelf support for Universal SSH Key Manager.
  • Full code page support and line feed conversion on all platforms.
  • Seamless conversion of FTP to SFTP. No JCL changes.
  • Hardware Cryptography and ICFS support.
  • Support for File JES to send JCL scripts securely to the JES reader.
  • Compliance with PCI-DSS, SOX, FIPS, FIS-MA, and other regulations.
  • Seamless interoperation with all popular SSH clients and servers.

Tectia SSH for z/OS offers a fully platform integrated native SSH and SFTP implementation for the IBM z/OS and System Z platform. Tectia SSH Server for IBM z/OS provides:

  • Secure file transfer (SFTP)
  • Secure shell access (SSH)
  • Remote shell command execution
  • Secure TCP tunneling
  • Transparent secure TN3270 connections

Replacing FTP for Mainframes - The Rise of Seamless SFTP

Insecure FTP is obsolete, and should not be used because of the serious security flaws associated with the protocol. This is an accepted fact in the distributed (Unix, Linux, and Windows) server world. Unfortunately, this statement is not as true as it should be in many organizations that employ mainframes. Many large respected organizations still put their reputation and valuable data at risk every day by continuing to use the obsolete and insecure FTP protocol.

Relying on legacy protocols for critical file transfers and administrative connections is a risky proposition, but we understand why large mainframe users have been slow to adopt SFTP and SSH as the safe and secure standard.

Converting large volumes of JCL scripts and legacy applications to use secure alternatives to FTP can be costly and time consuming. Rewriting and testing old JCL scripts is not an attractive task, especially if it may result in breaking existing business processes.

Compliance Concerns at Mainframes

SSH is used commonly for securing file transfers and privileged access to and from mainframe systems. The use of SSH keys for access is widespread. This requires the mainframe systems to comply with regulatory mandates and best practises.


Premium Support for Premium Customers

SSH.COM is the secure remote access provider of choice for hundreds of Fortune 500 companies. Our enterprise grade security solutions are professionally supported by a team of industry leading security experts. We offer support services for our solutions under different support plans, including 24x7 support for premium customers.

Read more about SSH Support Services.

Tectia SSH on Mainframes - More Information

For more information, contact your local SSH.COM expert




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now