Attachmate Worldwide  |   Contact Us  |   NetIQ.com
Home » Support » Solution Library

Technical Notes

New Features in Reflection for Secure IT Windows Server 7.0 and Release Notes
Technical Note 2273
Last Reviewed 22-Oct-2008
Applies To
Reflection for Secure IT Windows Server version 7.0
Summary

Reflection for Secure IT Windows Server 7.0 has been redesigned using the most current tools and practices for secure software development. This technical note outlines the new features available in this release, as well as product release notes.

Note: If your environment requires support for PKI, SecurID, Radius, IPv6, or host subconfiguration files do not upgrade to 7.0. Current plans include reintroducing these options in a future product release.

Product Updates

  • Support for user or group restrictions for allow/deny, or user and group subconfiguration files is available in 7.0 SP1. For more information about Reflection for Secure IT Windows Server 7.0 SP1, see Technical Note 2375.
  • A version 7.0 Update (7.0.479), which includes updated support for FIPS validated operation, is available for download from the Attachmate Download Library web site.

Redesigned Reflection for Secure IT Windows Server 7.0

Reflection for Secure IT Windows Server version 7.0 was designed and written by Attachmate using the most current tools and practices for secure software development. The most important changes are internal to the product, but there are significant visible improvements in the 7.0 feature set.

This note includes the following information:

Reflection for Secure IT Windows Server 7.0 New Features
Obtaining Your Product Upgrade or Update
Installing or Upgrading to Reflection for Secure IT Windows Server 7.0 References

Reflection for Secure IT Windows Server 7.0 New Features

In addition to new architecture, version 7.0 offers the following new features:

  • GSSAPI/Kerberos user and host authentication simplifies user and host key administration.
  • Windows domain authentication enhancements eliminate the need to enter domain administrator credentials in the server's administration utility.
  • Improved documentation includes context-sensitive help, and both PDF and HTML versions of the user guide (see http://support.attachmate.com/manuals/rsit_win_server.html).
  • Improved user interface makes it easy for administrators to configure server settings.
  • Enhanced logging capabilities include increased customization of diagnostic and event data collection, which provides more flexibility for troubleshooting and server activity monitoring.
  • Additional key-exchange algorithms enable administrators to fine-tune security and connection startup performance.
  • IP Blocking feature allows a temporary block of connections from any IP address that has exceeded a specified number of failed login attempts.
  • Native 64-bit Windows support for x64 hardware.
  • SCP1 compatibility with OpenSSH clients.
  • Uses OpenSSH format public keys. The Reflection for Secure IT server can read keys created by OpenSSH clients. You don't need to modify the key format.

Obtaining Your Product Upgrade or Update

Maintained customers are eligible to download the latest product releases, service packs, and updates from the Attachmate Download Library web site: https://download.attachmate.com/Upgrades/.

You will be prompted to login and accept the Software License Agreement before you can select and download a file. For more information on using the Download Library web site, see Technical Note 0200.

Installing the 7.0 Update (7.0.479)

Before you apply the 7.0 Update (7.0.749), you must have Reflection for Secure IT Windows 7.0 Server already installed. Note: If you have 7.0 SP1 installed, a different update is available; see Technical Note 2375.

  • We recommend that you back up your server configuration file before you update the installed copy of the product. This may be useful if you want to revert to an earlier version at some point in the future.
  • Download and install the update.
  • After applying the update, you need to restart Windows to complete the installation.

Resolved Issues and New Features in Reflection for Secure IT Windows Server for 7.0 Update (7.0.479)

  • The "Use only FIPS-140 certified cryptography algorithms" setting now properly initializes the Attachmate Crypto Module. This initialization ensures full compliance with the security policy described at http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2007.htm#766. Note: This initialization change is not required to enforce the use of FIPS-approved encryption, hashing, and random number generation algorithms. These are all correctly enforced in all shipping versions of this product. The update ensures that the cryptographic module runs self-test routines and enforces minimum public key sizes.
  • The server can now read OpenSSH public keys and use an OpenSSH-style authorization file for public key authentication.

Installing or Upgrading to Reflection for Secure IT Windows Server 7.0 References

For information about installing Reflection for Secure IT Windows Server 7.0, see the Installing topic in the User Guide: http://docs.attachmate.com/reflection/rsit-ssh/7.0/winserver/en/help/rsitserver_install_ch.htm.

For information about upgrading to version 7.0, see Technical Note 2283.

Related Technical Notes
0200 Using the Attachmate Download Library (FAQ)
2283 Migration and Upgrade to Reflection for Secure IT Windows Server 7.0
2340 Upgrading Reflection for Secure IT from an Evaluation Copy to a Licensed Copy
2375 Reflection for Secure IT Windows Server 7.0 Service Pack 1 (SP1): Fixes and Features

Did this technical note answer your question?

Yes    No    Somewhat     Not sure yet

Additional comments about this tech note:

Need further help? For technical support, please contact Support.