Reflection for Secure IT

Reflection for Secure IT, an SSH-based security solution built for UNIX and Windows environments, provides a complete range of encryption, authentication, and data integrity capabilities to protect data in motion. With Reflection for Secure IT, administrators can safely transfer sensitive data, manage remote servers, and access corporate applications over the Internet.

Reflection for Secure IT, Windows client, has been awarded the Microsoft Works with Windows Vista logo.

Reflection for Secure IT lets you:
  • Meet the highest levels of US government security standards.
  • Secure remote administration of critical servers, even over untrusted networks.
  • Safely transmit sensitive data and ensure that transfers are completed.
  • Access any TCP/IP-based application through a secure transmission tunnel.


    • Benefit

    Standards-based security for remote administration and file transfers


  • Reflection for Secure IT supports the IETF standard SSH2, so that administrators can do their jobs securely using familiar tools.
  • Reflection for Secure IT interoperates with other Secure Shell tools.
  • Reflection for Secure IT offers both scp and sftp for secure file transfers.
  • Reflection for Secure IT provides fast, secure file transfers that can resume where they left off.


    • Third-party validation of product quality and performance

  • Reflection for Secure IT was the first FIPS 140-2 Level 2-validated SSH solution in the world, a measure of the quality of its cryptographic module.
  • Reflection for Secure IT has a range of cryptographic options for addressing varying levels of performance, interoperability, and security requirements.
  • Reflection for Secure IT has been certified by the Joint Interoperability Test Command to work with the U.S. Department of Defense PKI infrastructure.


    • Support for your existing security environment

  • Reflection for Secure IT supports all major client and server platforms, including Windows, Unix, and Linux.
  • Attachmate works with customers to ensure that new platforms are supported as needed.
  • Reflection for Secure IT supports a variety of authentication mechanisms, including PKI and smart cards.


    • Vital security for regulatory compliance

  • Reflection for Secure IT protects passwords and sensitive data that would be in the clear with nonsecure tools like Telnet and FTP.
  • Reflection for Secure IT provides audit logs for Sarbanes-Oxley, Gramm Leach Bliley, HIPAA, FDA 21 CFR Part 11, Basel II, and the European Data Protection Directive.


    • #1-rated customer support

  • Attachmate consistently scores above industry average in independent surveys.
  • The average tenure of an Attachmate support rep is 9 years.
  • Security specialists are available 24/7, if needed.


    • Technical Specification

    Secure File Transfer

  • Additional command-line switches and options
  • SCP2
  • SFTP2
  • SFTP file-transfer resume after interrupted downloads


    • Security Protocols

  • SSH1 (SSH client only)
  • SSH2: IETF SecSh Internet drafts and RFCs 4250?256, 4344, and 4345


    • Cryptographic Library Validation


  • FIPS 140-2, Level 2


    • Tunneling

  • Local
  • Remote
  • FTP protocol


    • Auditing

  • Notification of exceeded maximum password attempts
  • Connection ID support for SSH2 and SFTP2


    • Emulation Types

  • VT500, VT420
  • VT-UTF8
  • Linux Console
  • BBS-ANSI, SCO-ANSI
  • VT320, VT220, and VT100
  • QNX
  • xterm and xterm color
  • Host printing


    • Operating Systems

  • Microsoft Windows XP
  • Microsoft Windows 2000*
  • Microsoft Windows Server 2003
  • Microsoft Windows 2000 Server
  • Microsoft Windows NT 4.0 **
  • Windows Terminal Server*
  • Citrix MetaFrame*


    • System Requirements

  • Any system that meets the minimum requirements for the Microsoft Windows operating system
  • Disk space varies depending on the features installed
  • Network interface card


    • Authentication

  • Reflection Certificate Manager
  • Reflection Key Agent use of certificates
  • Windows Domain authentication
  • Traditional password
  • User public key (RSA and DSA)
  • User-key generation support
  • GSSAPI support (permits NTLM and Kerberos)
  • RSA SecurID
  • RADIUS
  • Keyboard-interactive password
  • X.509 certificates
  • LDAP/Active Directory
  • PKCS #12
  • PKCS #10 enrollment
  • MSCAPI with Microsoft system certificates (client only)
  • SSH key agent
  • Agent forwarding


    • Algorithms

  • AES
  • 3DES
  • Blowfish
  • Twofish (server only)
  • CAST128
  • Arcfour
  • DES
  • MD5
  • SHA-1
  • RIPEMD (client only)
  • RSA
  • DSA
  • Diffie-Hellman


    • Administrative Tools

  • Support for Windows Terminal Services
  • Support for Citrix MetaFrame
  • Client support for Windows administration features
  • Windows Installer
  • Active Directory
  • Group Policies


    • International Support

  • French
  • German
  • English
  • Japanese


    • * Reflection for Secure IT, Windows client only
    ** Reflection for Secure IT, Windows server only