mainframe security software

Secure mainframe communications

Tectia SSH Server for IBM z/OS is the most trusted secure FTP server software in the industry. It's easy to set up and combines enterprise-grade reliability with high performance and a light toll on cryptographic processing.

Request pricingGet free trial

Tectia_zOS_background_square_03-01

Data communications – (often) the weakest link in mainframe security

 

  • Mainframes are an integral component of large IT infrastructure, handling 68% of the world's production IT workloads. One reason for their popularity is their built-in advanced security features.

  • Despite the internal robustness of mainframes, failing to properly secure data communications will create an obvious vulnerability in the mainframe security architecture. The FTP protocol, still commonly in use, transmits data in plain text format – easily readable by anyone who can intercept the communications.

  • Exposures increase the risk of breaches, rising Total Cost of Ownership (TCO), potential outages, and compliance issues.

  • Without dedicated solutions, secure file transfers are not only difficult to set up but also inefficient - using costly CPU cycles, increasing the operating and administration costs, complexity, time delays, and potential errors.

How does Tectia help you with mainframe security?

Secure-file-transfer

Seamless transition to secure data transfers

Safeguard your data with the latest encryption algorithms and enable transition from File Transfer Protocol (FTP) to SSH File Transfer Protocol (SFTP). The set up is easy without Job Control Language (JCL) modifications, breaking your existing file transfers or requiring manual changes to scripts.

Shield

Eliminate manual steps

Get direct access to MVS datasets. This is convenient since there is no need to stage your files to Hierarchical File System (HFS) – an extra step in the process that increases the risk of manual error and requires expertise.

Checklist

Stay compliant & ensure business continuity

A great number of regulations require that your critical data transfers are protected, such as PCI-DSS, SOX, HIPAA, FISMA, FIPS.

We want to make sure that you stay compliant and enjoy uninterrupted operations. We provide 24/7 support and professional services for large-scale setups.

Success

Encryption beyond the norm

We have a proven, 25-year-long track record as pioneers and innovators in encryption. SSH is a leading player in post-quantum cryptography (PQC): we develop it together with other leading companies and authorities in Finland.

Main features:

Ease of use

  • ISPF application for installation and configuration
  • Configurable FTP fallback option for controlled and phased deployment
  • System-wide and user-specific file transfer profiles
  • Listing of MVS data sets as files and folders for easy interactive command line

User and server authentication

  • Authentication and access control through SAF calls to RACF, ACF2, and TSS
  • User authentication with passwords
  • User and server authentication with X.509 certificates
  • User and server authentication with public keys
  • Logging and auditing using SMF records and Syslogd facilities

Secure File Transfer Protocol (SFTP)

  • Transparent, automatic FTP-SFTP conversion
  • Transparent FTP tunneling
  • Multi-terabyte file size support
  • Strong encryption of data
  • Strong packet-by-packet file integrity checking
  • SFTP and SCP command-line tools for interactive and unattended use
  • Transparent, automatic FTP-SFTP conversion
  • Transparent FTP tunneling
  • Multi-terabyte file size support
  • Strong encryption of data
  • Strong packet-by-packet file integrity checking
  • SFTP and SCP command-line tools for interactive and unattended use
  • Secure against the quantum threat, with Quantum-Safe Algorithms

Mainframe security

  • Automatic transparent encryption of data-in-transit, including user ID and password
  • Hardware acceleration of cryptographic operations
  • Support for U.S. NIST FIPS 140-2 Certified hardware acceleration
  • Configurable re-keying policies
  • Multi-channel support - multiple secure sessions are multiplexed to a single TCP/IP connection
  • Compliance with the IETF Secure Shell standards
Tectia_zOS_background_square_06-01

Who is Tectia for?

 

Organizations that get the most out of Tectia SSH Server for IBM z/OS, generally:

  • Need to comply with regulations, such as PCI-DSS or FIPS. For example, US Federal agencies, large financial institutions, credit card companies, retailers, insurance companies, etc.
  • Require massive file transfers 
  • Need mainframe security controls to mitigate risk from unauthorized use
  • Need seamless transition from FTP to SFTP

 

Read how a major banking and finance institution secured their critical mainframe communications with Tectia >

Learn more about Tectia customers

Tectia is trusted by some of the world's leading enterprises.

Tectia references

Mainframe security resources

Tectia_zOS_dat_sheet_mockup
mainframe security solution tectia

Tectia SSH Server for IBM z/OS Datasheet

Find more technical details about mainframe security software Tectia. In-depth information about the technical specifications of Tectia.

Read the datasheet >

Case_Study_TECTIA_zOS_Mockup

case study: secure mainframe file transfer

Banking & Finance Institute Secure Mainframe Communications

Learn how one of our customers, an Australian bank and financial services provider with +10k employees, secured their mainframe communications by migrating from FTP to SFTP with Tectia.

Read the case study >

Blog post

The mainframe isn’t going anywhere – how can we secure it?

Mainframes are still a crucial component of IT infrastructures. Without proper mainframe security and mainframe security software, organizations are at risk.

Read the blog post >

Try Tectia SSH Server for z/OS for free!

Download the trial to get started on your Tectia journey. Try it for free for 60 days!

Start Tectia z/OS trial!