View
44
Download
1
Category
Tags:
Preview:
DESCRIPTION
Mike Rogers Director of Development, Reflection 2007. Deploying Reflection for IBM 2007 for Maximum Security. Agenda. Goals of secure deployment Deployment preparation walkthrough Securing of data stream Limiting user capabilities Preventing unauthorized configurations and macros - PowerPoint PPT Presentation
Citation preview
Mike RogersDirector of Development, Reflection 2007Deploying Reflection for IBM 2007 for Maximum Security
Agenda• Goals of secure deployment• Deployment preparation walkthrough
– Securing of data stream– Limiting user capabilities– Preventing unauthorized configurations and macros– Protecting sensitive data– Preparing your workstation installation
• Strategic future directions• Where to get more information• Q & A
Deployment PreparationWalkthrough
Security Considerations
5
Secure D
eployment
6
Securing the Data Stream
• Goals– Protect sensitive data from being transmitted in “the
clear.”– Utilize strong certificate-based authentication methods.– Use ELF for sign on to IBM Mainframes.
• Tools– Security Configuration in Reflection for IBM 2007– Reflection Certificate Manager
• Results– Configuration files that will be deployed to end-users
7
Limiting User Capabilities
• Goals– Prevent users from reconfiguring key configuration values.– Hide product functions from users.
• Tools– Access Configuration Utility– Ribbon UI Designer
• Results– Access Security Configuration Files– UI Configuration Files– Capability of elevating to Administrator on end-user PCs
8
Preventing Unauthorized Configurations and Macros
• Goals– Prevent users from running “uncontrolled” macros.– Allow users to only connect to hosts you want them to.– Centrally manage macros and configuration files.
• Tools– Trusted Locations Configuration User-Interface
• Results– Application Configuration File
9
Protecting Sensitive Data
• Goals– Prevent users from capturing sensitive data on the
clipboard, to the printer, and to other applications such as Microsoft Office.
– Allow users to capture pertinent non-sensitive data while masking sensitive data.
– Define custom data patterns that are deemed sensitive.• Tools
– Privacy Filters• Results
– Application Configuration File
10
Preparing Your Workstation Installation
• Goals– Create an pre-configured installation that can be used for a
group of users.– Pre-package configuration data, macros and other files
with the product installation.– Deliver data into “best practice” locations on the PC.
• Tools– Reflection Customization Tool
• Results– Microsoft Installer Transform File– Companion Installer(s) for configuration data and user data
Future Directions
12
Future Directions
• Communication Security– Continued Support for Emerging Industry Standards and
Certifications.• Information Privacy
– Filtering of on-screen data– Masking of user-input
• Configuration and Macro Security– Signed macros and session files
• Platform Integration– Microsoft Group Policy Support
13
Where to get more information• Reflection for IBM 2007 product page:
http://www.attachmate.com/en-US/Products/Host+Connectivity/Terminal+Emulation/Reflection/ribm/ribm.htm
• Reflection for IBM 2007 evaluation version download page:
• http://www.attachmate.com/en-US/Evals/ribm/eval-form.htm
• Reflection for IBM 2007 technical specification: http://www.attachmate.com/en-US/Products/Host+Connectivity/Terminal+Emulation/Reflection/ribm/tech-specs.htm
14
Where to get more information (continued)
• Reflection for IBM 2007 Evaluation Guide: http://www.attachmate.com/docs/Reflection/2007/R1/Eval/R2007EvalGuide.pdf
• Bryan Grunow, lead software engineer, Bryan.Grunow@attachmate.com
• Kris Lall, product manager, kris.lall@attachmate.com
• Damon Dreke, product marketing manager, Damon.Dreke@attachmate.com
Q & A
Recommended