Download
1 / 15
150 likes | 244 Views
Mike Rogers Director of Development, Reflection 2007. Deploying Reflection for IBM 2007 for Maximum Security. Agenda. Goals of secure deployment Deployment preparation walkthrough Securing of data stream Limiting user capabilities Preventing unauthorized configurations and macros
E N D
Mike RogersDirector of Development, Reflection 2007 Deploying Reflection for IBM 2007 for Maximum Security
Agenda • Goals of secure deployment • Deployment preparation walkthrough • Securing of data stream • Limiting user capabilities • Preventing unauthorized configurations and macros • Protecting sensitive data • Preparing your workstation installation • Strategic future directions • Where to get more information • Q & A
Security Considerations Secure Deployment 5
Securing the Data Stream • Goals • Protect sensitive data from being transmitted in “the clear.” • Utilize strong certificate-based authentication methods. • Use ELF for sign on to IBM Mainframes. • Tools • Security Configuration in Reflection for IBM 2007 • Reflection Certificate Manager • Results • Configuration files that will be deployed to end-users 6
Limiting User Capabilities • Goals • Prevent users from reconfiguring key configuration values. • Hide product functions from users. • Tools • Access Configuration Utility • Ribbon UI Designer • Results • Access Security Configuration Files • UI Configuration Files • Capability of elevating to Administrator on end-user PCs 7
Preventing Unauthorized Configurations and Macros • Goals • Prevent users from running “uncontrolled” macros. • Allow users to only connect to hosts you want them to. • Centrally manage macros and configuration files. • Tools • Trusted Locations Configuration User-Interface • Results • Application Configuration File 8
Protecting Sensitive Data • Goals • Prevent users from capturing sensitive data on the clipboard, to the printer, and to other applications such as Microsoft Office. • Allow users to capture pertinent non-sensitive data while masking sensitive data. • Define custom data patterns that are deemed sensitive. • Tools • Privacy Filters • Results • Application Configuration File 9
Preparing Your Workstation Installation • Goals • Create an pre-configured installation that can be used for a group of users. • Pre-package configuration data, macros and other files with the product installation. • Deliver data into “best practice” locations on the PC. • Tools • Reflection Customization Tool • Results • Microsoft Installer Transform File • Companion Installer(s) for configuration data and user data 10
Future Directions • Communication Security • Continued Support for Emerging Industry Standards and Certifications. • Information Privacy • Filtering of on-screen data • Masking of user-input • Configuration and Macro Security • Signed macros and session files • Platform Integration • Microsoft Group Policy Support 12
Where to get more information • Reflection for IBM 2007 product page: http://www.attachmate.com/en-US/Products/Host+Connectivity/Terminal+Emulation/Reflection/ribm/ribm.htm • Reflection for IBM 2007 evaluation version download page: • http://www.attachmate.com/en-US/Evals/ribm/eval-form.htm • Reflection for IBM 2007 technical specification: http://www.attachmate.com/en-US/Products/Host+Connectivity/Terminal+Emulation/Reflection/ribm/tech-specs.htm 13
Where to get more information (continued) • Reflection for IBM 2007 Evaluation Guide: http://www.attachmate.com/docs/Reflection/2007/R1/Eval/R2007EvalGuide.pdf • Bryan Grunow, lead software engineer, Bryan.Grunow@attachmate.com • Kris Lall, product manager, kris.lall@attachmate.com • Damon Dreke, product marketing manager, Damon.Dreke@attachmate.com 14
