Your browser does not allow storing cookies. We recommend enabling them.

SSH

Secure TN3270 Application Connectivity to IBM Mainframes

TN3270 terminal emulation is widely used on Windows workstations to provide enterprise end users with a direct access to IBM mainframe applications. While many organizations have not implemented encryption controls for TN3270 application connections, sensitive data and user passwords are constantly exposed in the enterprise networks.

With the Tectia solution, organizations can easily and cost-effectively secure their TN3270 connections completely transparently to end users and continue to use their existing TN3270 applications as before.

Transparent TN3270 tunneling requires that Tectia Client or ConnectSecure is installed on the Windows workstations. Next, the administrator specifies tunneling rules for the TN3270 application connection(s) that need to be secured. Alternatively, it is possible to require that all terminal connections initiated by a certain terminal emulator will be tunneled.

When the terminal client accesses a remote mainframe, Tectia captures the connection transparently and establishes a secure tunnel between the workstation and IBM z/OS system. All TN3270 application connection traffic is then transmitted over an encrypted Secure Shell tunnel, ensuring confidentiality of passwords and application data.

Secure TN3270 application connectivity to IBM mainframe and secure file transfer to and from IBM mainframes

Figure 5.4. Secure TN3270 application connectivity to IBM mainframe and secure file transfer to and from IBM mainframes

End users can continue to use their existing terminal emulator clients and there is no need to introduce a new authentication layer, as RACF passwords or certificates can be used for authentication. End-user and application transparency makes Tectia a highly cost-effective solution for securing both interactive end-user connections and automated file transfers to and from IBM mainframes.


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more