Technical Notes

When you implement automated sign-on macros for sessions you administer, a user will not have to enter his or her username and password every time he or she logs onto a host. Single sign-on macros can reduce the incidence of help desk calls that occur when a user forgets his or her password, and lessen the security risk associated with users keeping a written record of password information. You can set up single sign-on macros for any emulation type and create express logon macros for access to IBM mainframes.

For more information, see Technical Note 1876.

Enabling this option provides end to end encryption by tunneling an SSL/TLS direct connection to the host through the security proxy. Without this feature, the client encrypts data to the security proxy server, but the data from the proxy server to the host is unencrypted. End to end encryption can be set up for a host that supports SSL connections.

Smart cards are an alternative to installing client certificates permanently on local hard drives, simplifying user authentication and preventing unauthorized capture of passwords over networks. Reflection for the Web supports sessions connecting with PKCS #11 (Public-Key Cryptography Standard) smart card readers. If multiple certificates are present, Reflection for the Web provides an interface for selecting the correct certificate for the host connection.

For more information about this feature, see Technical Note 1842.