The administrator’s company requires secure access to the mainframe. To meet this requirement, create a session to an IBM 3270 host, using both Management and Security Server and Reflection Desktop.
Log off Windows as the domain user, and log on as the administrator.
Open Management and Security Server, and log on as the Management and Security Server administrator.
The Administrative Console opens to the Manage Sessions panel.
Click +ADD.
Select Reflection/InfoConnect Workspace as the Product, and Workspace as the Session type.
Enter a Session name, such as 3270-TLS.
Add a comment for internal reference, if desired.
Accept the default settings and click Launch. Reflection Workspace launches in a separate window.
In Reflection Workspace, create a new document using the 3270 terminal template. Click Create.
In the Create New 3270 Terminal Document dialog, enter the Host name of a TLS-enabled host name and the appropriate port.
If you cannot connect with TLS, enter the name of another mainframe host. You will not be able to evaluate the exact behavior on your system, but you can follow along.
Check Configure additional settings (at the bottom), and click OK.
In the Settings for 3270 dialog under Host Connection, click Configure Advanced Connection Settings. Scroll to and click Security Settings. (If prompted, disconnect the session.)
On the SSL/TLS tab:
Check Use SSL/TLS security, and keep the Default Encryption strength.
In the SSL/TLS version drop-down menu, select TLS Version 1.2.
Click OK twice. The session is now configured.
As mentioned earlier, if you cannot connect with TLS, you will not be able to evaluate the exact behavior on your system, but you can follow along.
In Reflection Workspace, click File > Save. Click OK to send the settings to the Administrative Server.
For this evaluation, you do not need to send it as a compound session.
(When the session is sent as a compound file, all of the custom keyboard maps and other settings that apply to that session are saved in the session file. Compound files simplify the deployment process because you do not have to deploy these settings in separate files.)
Close Reflection Workspace. You are returned to the Administrative Console in Management and Security Server.
The security settings are configured (Steps 4, 5), and the session to the mainframe is created (Step 6). Now you can “push” the settings to the domain user.