Multifactor Authentication for the Mainframe?

Is the password is dead or dying?

Lots of articles talk about the death of passwords. Google aims to kill them off by the end of 2017. According to the company, Android users will soon be able to log in to services using a combination of face, typing, and movement patterns. Apple figured this out long ago (Apple Pay) and continues to move away from passwords. Even the U.S. government is coming to grips with the fact that passwords don’t cut it anymore.

Enter multifactor authentication or MFA. Almost everyone agrees that MFA provides the strongest level of authentication (who you are) possible. It’s great for users, too. My iPhone is a great example. While I like many things about it, Touch ID is my favorite feature. I never have to remember my thumb print (it’s always with me), and no one can steal it (except James Bond). Touch ID makes secure access so easy.

Given the riskiness of passwords and the rise of MFA solutions, I have to ask why it’s still okay to rely on passwords for mainframe access. Here’s my guess: This question has never occurred to many mainframe system admins because there’s never been any other way to authenticate host access—especially for older mainframe applications.

 Are mainframe passwords secure?

When you think about passwords, it’s clear that the longer and more complex the password, the more secure it will be. But mainframe applications—especially those written decades ago, the ones that pretty much run your business—were hardcoded to use only weak eight-character, case-insensitive passwords.  Ask any IT security person if they think these passwords provide adequate protection for mission-critical applications and you will get a resounding “No way!”

As far as anyone knows, though, they’ve been the only option available. Until now. At Micro Focus, we are bridging the old and the new, helping our digitally empowered customers to innovate faster, with less risk. One of our latest solutions provides a safe, manageable, economical way for you to use multifactor authentication to authorize mainframe access for all your users—from employees to business partners.

Multifactor authentication to authorize mainframe access?

It’s a logical solution because it uses any of our modern terminal emulatorsthe tool used for accessing host applications—and a newer product called Host Access Management and Security Server (MSS). Working alongside your emulator, MSS makes it possible for you to say goodbye to mainframe passwords, or reinforce them with other authentication options. In fact, you can use up to 14 different types of authentication methods—from smart cards and mobile text-based verification codes to fingerprint and retina scans. You’re free to choose the best solution for your business.

In addition to strengthening security, there’s another big benefit that can come with multifactor authentication for host systems: No more passwords means no more mainframe password-reset headaches!

Yes, it’s finally possible to give your mainframe applications the same level of protection your other applications enjoy. Using MFA for your mainframes brings them into the modern world of security. You’ll get rid of your password headaches and be better equipped to comply with industry and governmental regulations. All you need is a little “focus”—Micro Focus.

You’ve Solved Password Resets for Your Network. Now What About Your Mainframe?

Humans. For the person managing network access, we are nothing but a pain. That’s because network access involves passwords, and passwords are hard for humans. We hide them, lose them, forget them, share them, and fail to update them.

The struggle is real, and understandable. We are buried in passwords. They’re needed for every aspect of our lives. To keep track of them, most of us write them down and use the “increment” strategy to avoid recreating and trying to memorize a different password at every turn. But the struggle continues.

Yes, passwords are hard for humans. And that makes them an incredibly weak security solution.

If you’ve been in IT for any length of time, you get it. For years, password resets were a constant interruption and source of irritation for IT. Fortunately, that changed when password-reset tools came along. Now used by most enterprises, these tools help IT shops get out of the password-reset business and onto more strategic tasks.

What About Mainframe Passwords?

Mainframe-password resets are even more costly and time consuming than network-password resets. That’s because mainframe passwords have to be reset in RACF, on the mainframe, which means someone who has mainframe access and knows how to execute this type of command has to do it—typically a mainframe systems programmer/admin. Plus, mainframe users often need access to multiple hosts and applications. And each application requires a separate username and password.

There are no automated password-reset tools for the mainframe—your wealthiest data bank of all. But what if there were a completely different way to solve this problem? What if you could get rid of mainframe passwords altogether and strengthen security for mainframe access in the process?

In fact, there is a way that you can do just that. Two Micro Focus products—Host Access Management and Security Server (MSS) and an MSS add-on product called Automated Sign-On for Mainframe (ASM) make it possible.

How Do MSS and ASM Work?

MSS puts a security control point between mainframe users and your host systems. It uses your existing Identify and Access Management structure—specifically, strong authentication—to authorize access to the mainframe. The MSS-ASM combo enables automatic sign-on all the way to the mainframe application—eliminating the need for users to enter any IDs or passwords.

Here’s what’s happening behind the scenes: When a user launches a mainframe session though a Micro Focus terminal emulator’s logon macro, the emulator requests the user’s mainframe credentials from MSS and ASM. ASM employs the user’s enterprise identity to get the mainframe user ID.

Then, working with the IBM z/OS Digital Certificate Access Server (DCAS) component, ASM obtains a time-limited, single-use RACF PassTicket for the target application. In case you didn’t know, PassTickets are dynamically generated by RACF each time users attempt to sign on to mainframe applications. Unlike static passwords, PassTickets offer replay protection because they can be used only once. PassTickets also expire after a defined period of time (10 minutes by default), even if they have never been used. These features all translate into secure access.

ASM returns the PassTicket and mainframe user ID to the terminal emulator’s logon macro, which sends the credentials to the mainframe to sign the user on to the application.

No interaction is needed from the user other than starting the session in the usual way. Imagine that. They don’t have to deal with passwords, and neither do you.

No More Mainframe Passwords

Humans. We are a messy, forgetful, chaotic bunch. But fortunately, we humans know that. That’s why we humans at Micro Focus build solutions to help keep systems secure and humans moving forward. Learn more about Host Access Management and Security Server and its Automated Sign-On Add-On.

Extra! Extra! Extra! Reflecting on Terminal Emulation

As I mentioned in an earlier blog, there are over a dozen vendors selling terminal emulation solutions that allow millions of users to access their mainframe computer systems. Micro Focus is one of these companies, and our mainframe emulators offer security, flexibility, productivity, and Windows 10 certification. Well, most of them do. But before I elaborate on that point, let’s assume that you’re not yet on Windows 10.

Did you know that you could be forced to move to Windows 10 whether you like it or not? Yeah. Microsoft has announced that the latest generation of Intel chips will not support anything less than Windows 10. So, if you buy a new PC for a new hire or as a replacement for a broken or obsolete system, it will be running Windows 10 and chances are high that it cannot be downgraded no matter what Microsoft licenses you have. So unless you have a closet full of systems ready to deploy, you’ll  want to be ready for the Windows 10 upgrade—even if you don’t want to make the move. (But don’t worry; Micro Focus also offers Windows 10 migration tools to help you on your journey – whether or not you are using terminal emulation software.)

Make the Move

Okay, so let’s get back to that terminal emulator thing. Like I said in that same earlier blog, most of our mainframe emulators are completely up to date when it comes to the latest security standards like TLS 1.2 and SHA-2 along with data masking – which are required by the Payment Card Industry (PCI DSS). But even if you are not subject to PCI rules, implementing the latest security standards are just common sense to help mitigate hacking opportunities. We’ve also been hard at work certifying our terminal emulators for Windows 10 compatibility. Well most of them anyway.

Micro Focus has announced publicly that Extra! X-treme won’t be making the move to Windows 10, and older versions of Extra! X-treme do not support the latest and greatest security standards. But we have an offer for you that you can’t refuse. Well, I suppose you can refuse…but why would you want to?

Migration is Easy

We are offering most of our customers a no-charge migration path to Reflection Desktop, our state-of-the-art terminal emulator. Reflection Desktop was designed and developed by many of the same people behind Extra! so of course they know how to implement many of Extra’s best features, while providing a modern terminal emulator that will work now and into the future.

We have designed Reflection Desktop to have an upgrade experience similar to Microsoft Office applications:

  • The Reflection Desktop Classic Interface eliminates the need for retraining end users.
  • Extra! configuration settings will work as is in Reflection Desktop (Keyboard Maps, Hot Spots, Colors, Quickpads).
  • Reflection Desktop will run Extra! Basic macros with no conversion

And to increase security and enhance productivity, Reflection Desktop offers:

  • Trusted locations, which enable you to secure and control where macros are launched from while still allowing users to record and use them as needed.
  • Privacy Filters that allow you to mask sensitive data on mainframe screens without making changes on the host.
  • Visual Basic for Applications support (documentation), giving you better integration with Microsoft Office.
  • Support for the latest Microsoft .Net APIs allowing for more secure and robust customizations.
  • HLLAPI integration allowing you to continue using these applications without rewriting them.

If you still need help with your migration, guidance is available on how to inventory and migrate customizations. And Micro Focus Consulting Services have proven methodologies and experience with successful enterprise migrations. In fact, several of our customers have had successful migrations from Extra! to Reflection Desktop, one of which is detailed here. PS: This global financial firm actually migrated to Reflection Desktop not only from Extra! but also from a handful of terminal emulators from different companies.


We talked about Windows 10 and up-to-date security, which are important reasons to move to a modern, secure terminal emulator. In fact, there is another driver: Management.

This final driver ties everything together. You have to ensure that your terminal emulation environment is properly configured and that your users are prevented from making changes that can leave you open to hacking or, perhaps worse, allow them to steal critical information.

Reflection is fully integrated with the Micro Focus Host Access Management and Security Server (MSS). Besides helping you to lock down your emulation environment, MSS also lets you extend your organization’s existing identity, authentication, and management system to your mainframe and other host systems.

And there you have it. A modern, secure terminal emulator that will make you ready for Microsoft’s latest operating system, help lock down your mainframes from unauthorized users, and best of all, existing Extra! customers who have maintained licenses can get it for free.

Is Secure File Transfer Protocol (SFTP) Its Own Worst Enemy?

At Micro Focus, our customers are asking for a holistic approach to secure file transfer—one that provides more visibility, flexibility, and control. That’s why we’ve introduced Reflection® for Secure IT Gateway. This new SSH-based solution sits between the user and the SFTP server, and acts as a central point of control. Its job is to track every file going in and out of your enterprise, including who transferred it and what’s in it. David Fletcher investigates further in this blog….

Secure File Transfer Protocol

SFTP has long been a de facto standard for secure file transfer.  Originally designed by the Internet Engineering Task Force (IETF), this extension of the Secure Shell protocol (SSH) 2.0 provides secure file transfer capabilities over the SSH network protocol.

In a nutshell, SFTP encrypts your data and moves it through an impenetrable encrypted tunnel that makes interception and decoding virtually impossible. While incredibly useful for business-to-business data sharing, SFTP poses a problem in our security-conscious world. Oddly enough, the problem is that SFTP works too well.

Let me explain. SFTP works so well that no one can see what’s being transferred—not even the people who need to see it for security reasons. Case in point: Edward Snowden. No matter what your thoughts on the subject, the fact is that Snowden used his privileged user status to transfer and steal sensitive files. Why was he able to do this? Because no one could see what he was doing. As a “privileged user” on the network, he had extensive access to sensitive files—files that he was able to transfer about, as he desired, without detection.


In addition to the threats posed by unscrupulous privileged users, there’s another threat that’s cause for alarm. It’s called Advanced Persistent Threat (APT).  Basically, an APT is a ceaseless, sophisticated attack carried out by an organized group to accomplish a particular result—typically, the acquisition of information. The classic APT mode of operation is to doggedly steal the credentials of privileged users. The purpose, of course, is to gain unfettered access to sensitive or secret data. Once “in,” these APTers can transfer data and steal it without detection.  On a side note, Snowden used some of these APT tactics to steal credentials and validate self-signed certificates to gain access to classified documents.

APTs are often discussed in the context of government, but let me be clear: Companies are also a primary target. Take the recent Wall Street Journal article about a foreign government stealing plans for a new steel technology from US Steel. Such behavior is just the tip of the iceberg when it comes to how far some entities will go to steal information and technology.

Introducing Micro Focus Reflection for Secure IT Gateway

So given that transferring files is an essential business operation, what can you do to protect your organization from these dangerous threats? At Micro Focus, our customers are asking for a holistic approach to secure file transfer—one that provides more visibility, flexibility, and control. That’s why we’re introducing Reflection® for Secure IT Gateway. This new SSH-based solution sits between the user and the SFTP server, and acts as a central point of control. Its job is to track every file going in and out of your enterprise, including who transferred it and what’s in it.   It also provides the ability to essentially offload files and allow for 3rd party inspection and can then either stop the transfer and notify if something seem amiss or complete the transfer as required.

Reflection for Secure IT Gateway comes with a powerful browser-based interface that you can use to accomplish a number of transfer-related tasks:

  • Expose files for inspection by third-party tools
  • Automate pre- and post-transfer actions
  • Grant and manage SFTP administrator rights
  • Provision users
  • Configure transfers
  • Create jobs for enterprise level automation
  • Delegate tasks

Read more about Reflection for Secure IT Gateway or download our evaluation software and take a test drive. Learn how you can continue to benefit from the ironclad security of SFTP while also gaining greater file transfer visibility, flexibility, and control.

Sr. Product Marketing Manager
Host Connectivity
(Orginally Published here)

It ain’t broke, but there’s still a better way

The latest release of Rumba+ Desktop now offers centralized security and management via Host Access Management and Security Server (MSS). MSS meets one of IT’s greatest challenges—keeping up with an ever-changing IT security landscape. David Fletcher covers better secure access to host systems in this blog.

“If it ain’t broke, don’t fix it.”

We’ve all heard the old adage  But here’s the thing: Even if it’s not broken, it could be better. Think about regular film versus digital? Rotary phones versus smartphones? Those electric football games that vibrated the players across the field versus Xbox?  All the early versions worked just fine. They delivered the same results as their new counterparts. So why did we upgrade?

The answer is obvious. We wanted a better experience. After all, what’s not to like about achieving the same thing with less effort, achieving more with less effort, improving results, or just having more fun along the way?

The same is true for software. Remember the early days of running a single application in DOS? Think back to how clunky and inefficient those applications were. Yet we thought they were amazing!

These days there’s another topic that is top-of-mind in the software world, and that is the topic of computer security. While an older version of your software may still accomplish the task it was designed for, the world in which that software lives has undergone radical change. Software designed ten years ago isn’t able to shield your enterprise against the sophisticated threats of today. The gap is vast and dangerous.


Micro Focus and The Attachmate Group

Change comes when the benefits of a new solution outweighs the risk or pain of change. The good news is that change has come to Micro Focus® Rumba+ Desktop. The merger of Micro Focus and The Attachmate Group is enabling customers of both Rumba and Reflection terminal emulation software to get the best of both worlds. That’s why there are big gains to be had by updating now.

Let me be more specific. The latest release of Rumba+ Desktop now offers centralized security and management via Host Access Management and Security Server (MSS).  MSS meets one of IT’s greatest challenges—keeping up with an ever-changing IT security landscape. Customers always say, “We have 1000s of desktops at 100s of global locations. How do we keep up with PCI DSS, SHA-2, and TLS standards? How can we keep all of our clients up-to-date and secure? Just when we get everything updated, something new comes along that requires touching all of those workstations again.”

Rumba+ with Host Access Management and Security Server

Well, Rumba+ Desktop combined with Host Access Management and Security Server solves the problem.  Together, these products make it possible for you to:

  • Take centralized control of your host-access operations. You can lock down 100s (or 1000s) of desktops with ease, control access using your Identity and Access Management system (yes, it’s possible), and grant or deny access based on group or role. You can quickly apply changes to align with business needs or make post-install adjustments. And you can do it on your schedule, not someone else’s.
  • Reinforce security as you remove the need for mainframe passwords. By teaming Rumba+ Desktop with MSS, you can integrate your host systems with your existing IAM system. Then you can replace weak eight-character passwords with strong complex ones. You can even banish mainframe passwords—and password-reset headaches—by automatically signing users on to their mainframe applications.
  • Build a wall of security in front of your host. You can deliver end-to-end encryption and enforce access control at the perimeter with a patented security proxy. You can also enable multifactor authentication to authorize access to your host systems—which means you can take complete control of who is accessing your most valuable assets.

Micro Focus terminal emulation products have been providing secure access to host systems for decades. As technology advances and the security landscape continues to change, you can count on Micro Focus to help you find a better way.

Sr. Product Marketing Manager
Host Connectivity
(Orginally Published here)

Browser-Based Terminal Emulation and the Java Plug-In—What You Need to Know

The death of the Java plug-in is not news. Lots of articles talk about it. Even Oracle (who makes the Java plug-in) has finally agreed to dump it. For many users and businesses, this is not a big deal. And for IT staff, it’s actually a relief. It means they’ll no longer have to deal with the annoying Java Runtime Environment (JRE). The question for many IT Departments right now is this: “What’s your plan to transition off the Java plug-in for terminal emulation access?” David Fletcher looks at some answers…..

The death of the Java plug-in is not news. Lots of articles talk about it. Even Oracle (who makes the Java plug-in) has finally agreed to dump it. For many users and businesses, this is not a big deal. And for IT staff, it’s actually a relief. It means they’ll no longer have to deal with the annoying Java Runtime Environment (JRE).

It wasn’t always this way. In the beginning, IT saw Java as a way to build enterprise applications that could be run without installation, updates, or device-specific requirements. But naturally, there’s a tradeoff: You must install and maintain some notoriously problematic software—the Java Runtime Environment (JRE)—on all participating devices. That’s one big maintenance and security headache for IT. Basically, it reintroduces the very problem that Java was originally supposed to solve.

Enter HTML5/JavaScript. The HTML5/JavaScript approach requires no device-specific components beyond a modern browser. IT staff can serve up web applications to hundreds or thousands of users without having to touch any user devices. They need only maintain a dozen or so application servers. Goodbye endpoint-management headaches!

An often overlooked application that uses the Java plug-in is the browser-based terminal emulator. For many medium to large companies, as well as numerous government agencies, terminal emulators are a mission-critical necessity. For years, these applications have used the Java plug-in to provide access to mainframes and other host systems from within a browser that supports the plug-in.

Rumba+What’s your plan to transition off the Java plug-in for terminal emulation access?

It’s a question you may have to grapple with sooner rather than later because of the release of Windows 10. More and more companies are looking to move to this new platform. But the Edge browser that comes with it does not support Java plug-ins. Yes, you can run IE on Windows 10, but essentially you are poking holes in your secure browser-based access by using this older technology.  Not to mention the headaches that IT will continue to have when applying security updates, which Oracle won’t continue to support forever.

There is an easy solution. Micro Focus now offers Reflection ZFE, a terminal emulator built on the advanced technology of HTML5. With Reflection ZFE, you can deliver browser-based host access efficiently and securely with a true zero-footprint client designed to reduce IT costs and desktop management time.

Our 2.0 release of Reflection ZFE delivers many great new features, including support for:

  • Unisys hosts (UTS)
  • Windows 10 Enterprise
  • Automated sign-on for mainframe applications
  • Reflection for the Web Profile Import
  • VBA and VBA macros

Learn more about our HTML5 terminal emulation solution.

Sr. Product Marketing Manager
Host Connectivity
(Originally published here)

Is The Mainframe a Hacker’s Target?

Business-critical mainframe systems are accessed daily by millions of users. Industry expert Ron LaPedis takes a hard look at the security risks, and explores how to plug the major gaps

A variety of Terminal Emulation solutions enable millions of users to access their mainframe computer systems. The choice of terminal emulation solutions ranges from thin hardware clients, to thick software clients, to thin software clients running in a browser. Most of these clients interpret the data streams being passed back and forth from the host using protocols such as 3270, 5250, VT, X-windows, T27, UTS, or 6530, and reformat it for display on more modern devices such as PCs and tablet devices.

These more modern devices are all connected to the mainframe using standard Internet Protocols – which means that the data can be sniffed or even modified. And not only that, depending on how old the mainframe code is, Personally Identifiable Information (PII) might be displayed. In some cases, this is in violation of HIPAA, PCI DSS, EU Data Protection laws, or other rules and regulations that didn’t exist when that code was written.

Mainframe Security

As a result of serious vulnerabilities within SSL and early TLS, organizations can be put at risk of data breach. In fact, the Payment Card Industry Security Standards Council (PCI SSC) mandated that data communications are to be protected by TLS 1.1 or later (as of June 30, 2016). Even though NIST deprecated (killed off) SSL as of 2014, the 2016 deadline was moved to 2018 to give member organizations extra time; which of course gives hackers extra time too. The existence of the POODLE and Heartbleed exploits, among others, prove that anyone using SSL and early TLS risks being breached.

IAS blog 2

Breaking In

Can we talk about passwords for a moment? Most applications were written in simpler times when 8-character passwords were the norm. And Multi-factor authentication? Forget it!

The chances are that critical mainframe applications (and administrator accounts) are not only limited to 8-character passwords, but 8-character passwords which contain only letters and numbers – taking less than six hours to crack.

And then there are question marks around the use of Java due to its vulnerability-of-the-week history. Many browser-based Terminal Emulation software clients require a specific version of Java running on a specific browser version – which may have its own vulnerabilities. It’s not unreasonable to say that Java is somewhat notorious as a security trap door.

Defending the Estate

Mainframe security matters. Today’s terminal emulation software packages need to be secure, manageable, and easy to use. It doesn’t matter whether users are on thin clients, PC, Mac, or mobile devices. And large number of terminal emulation protocols, along with specialized host software (such as airline reservation systems), must be supported.

Whether internal policy requires a management server on a Linux partition within the mainframe or on an external Host Access Management and Security Server (or MSS), modern mainframe security solutions need to:

  • Centrally manage terminal emulation access to your host systems by using your existing Identity and Access Management systems
  • Easily update terminal emulation user configurations to meet evolving security requirements
  • Quickly validate compliance of terminal emulation for securing sensitive information
  • Ensure that end users could not make changes to their user configuration
  • Partially or fully mask data fields based on the user’s role
  • Enforce data input standards and cross-screen validation
  • Implement long complex passwords and multi-factor authentication.

 A Fresh View On Mainframe Terminal Emulation

Such lofty objectives are, however, not the stuff of dreams. All of this is possible today. Our relentless focus on customer success, Micro Focus has invested to create a new generation of powerful, secure and comprehensive emulation products.

Tackling all the requirements above, additional capabilities include end-to-end encryption of data streams, centralized management, partial or full field masking of sensitive data, multi-factor authentication, integration with Microsoft Office tools, and linkage to other Micro Focus identity management software for user lifecycle management.

Without touching a line of code on the host, you can lock down access to your mainframe, meet industry-specific rules and regulations, and prevent data from being changed or being taken out of the organization through traffic monitoring or impacting the business through modification.

Additionally, power users can now create entirely new ways of viewing and manipulating core business data; again without modifying a line of mainframe code. Creating powerful and user friendly windows or web-based applications from dated green screen applications is just a few clicks away.

The mainframe is a powerful part of organizational value. It must be web and mobile device ready, but also totally secure. Whether organizational security direction is coming from the board,  auditors,  business units, end-users, or more importantly, the customers, Micro Focus provides powerful solutions that can help address these requirements by making access to core mainframe applications secure and friendly.






Ron LaPedis

Global Sales Enablement Specialist

JAVA Plugin Problem Resolved…in a ZFE

While not as big as the EU referendum, desktop managers and IT security managers are also absorbing significant news. But unlike the #Brexit, Jonny Crawford offers a little certainty as Oracle are sundowning, or ending support, for NPAPI.

It’s been a big day. It’s time for Reflection.

While not as big as the EU referendum, desktop managers and IT security managers are also absorbing significant news. But unlike the #Brexit, Jonny Crawford offers a little certainty …

What’s happening?

Browser manufacturers and Oracle are sundowning, or ending support, for NPAPI. This is the plug-in widget that supports their browser-based Java applets. This affects those running host environments globally.

What widget?

NPAPI is an initialism for the Netscape Plugin Application Programming Interface. It has been how software developers have written browser plugins for as long as I can remember. So when Oracle want to give the Java Runtime Environment (JRE) the ability to be a browser plugin, both the JRE and the browser must support NPAPI.

What are applets?

Java applets are full Java programs that run inside web pages. Technology has pretty much overtaken them these days – Java Script and HTML 5 offer all the webpage functionality devs need – but back in the 90’s Java applets made webpages walk and talk.

What do they do?

Applets and other NPAPI tech like MS Silverlight pop up whenever the user shifts from online ‘shopping basket’ to order fulfilment. Call centre staff for insurance companies and banks use them to input details into their in-house applications.

Why are Oracle doing this?

In short, because it makes their life more difficult.  NPAPI has significant security holes and performance issues that makes browser security and performance more difficult. This must also be partly customer-driven; insurance companies are not big on tech that may cause a data breach.

Why is this a problem?

Phasing out this unsecure and awkward technology is not without challenges. These applets are buried pretty deep, often connecting the host application to either a back office system or customer-facing app. Work-arounds include launching the applet outside of the browser, which is neither sustainable nor future-proof.

A bigger issue is that Chrome, Firefox and MS Edge no longer recognize or support Java applets or their plugins, such as NPAPI. Google has even removed the technology completely to make way for HTML5.

Thin clients need plug-in support when connecting applications to a host but if the browsers no longer support these plugins, the end result is frustration for employees and customers alike.

Back to the call centre. They need a technology to connect to the host for productivity, lower call volumes and avoiding the necessity to flick between desktop and browser applications. If they can’t have the plug-in, then what is the alternative?


Here’s an idea

Replace a thin client host with an HTML5 connection. Remove your company from the resource-intensive cycle of installing, configuring, patching, and managing traditional software across multiple desktops.

Micro Focus Host Connectivity solutions use no Java plugins. Micro Focus Reflection ZFE is efficient and secure browser-based terminal emulation. It uses a true, zero-footprint client that reduces IT costs and desktop management time. With Reflection ZFE, the host screens use HTML5, and therefore any browser. Lower client management costs can reduce the TCO.

What’s next?

Look towards the next generation of Host Connectivity solutions. Contact Micro Focus. It’s the right call.


Merging Attachmate and Micro Focus will change how you think about Terminal Emulation

There is no company out there that has the depth and breadth of technology and product expertise that we bring to the table. David Fletcher blogs about how the Micro Focus and Attachmate merger is leading to stronger and more secure host access solutions.

When it comes to mergers and acquisitions we have all heard and read about the chaos that comes from the ones that don’t work.  Remember when AOL announced that it was buying Time Warner to create the “world’s largest media company” or how about when Sprint and Nextel agreed to merge only to have Sprint shut down the Nextel network a few years later?

The interesting thing is that these days’ mergers fail more often than marriages.  There are many reasons for failures – technology differences market changes and especially company cultural differences to name a few.

Not only did these mergers above fail – they brought a lot of pain and suffering to their customers.  They gutted the market place with the lack of ability to make something new and better out of two different companies and cultures.  They took a chance to re-think their strategies and failed to move forward with the products and services into a new age of technology and customer satisfaction.



The Micro Focus and Attachmate merger is leading to stronger and more secure host access solutions.

With this merger, there is now no other company that can better address the needs of organizations that want to fit their host systems into a modern and secure IT environment.

With our combined portfolios our customers can:

  • Deliver best-of-class terminal emulation solutions across the range of devices required by their business users
  • Harden their endpoints to help secure the sensitive data and protect the host systems accessed by end users…without impacting user productivity
  • Simplify the interaction with non-intuitive mainframe apps for today’s “Facebook generation” users not familiar with green screens
  • Non-invasively extend the business logic embedded in mainframe apps to developers as web services
  • Work with a single partner that is focused on helping companies get the most out of their long-term IT investments

Whatever mainframe or host system you have – we have experts with years of experience with these technologies.  When it comes to understanding how to secure and manage access to mainframe and host systems – there simply is no vendor that has a more complete set of solutions to protect your critical data-in-motion or at rest.  When it comes to enabling mainframe-based applications to new users in new ways – no other vendor is as passionate about bringing new solutions to our customers. There is no company out there that has the depth and breadth of technology and product expertise that Micro Focus brings to the table.

So how will this merger be different than other technology mergers?

It’s easy to say, “Oh, but this merger is different”.  But what really matters is how have our companies fared with mergers in the past and how is this merger benefiting customers for the future. Both Attachmate and Micro Focus have a history of mergers and acquisitions where we have taken the opportunity to bring products and services into our portfolio to provide more value for our customers.

Since this merger was completed in November of 2014 we’ve been working hard on the nuts and bolts that make a company work.  Bringing together people, systems and processes to make it easy to do business the combined Micro Focus company.  We’ve also been busy working through our product portfolios and determining how we can best enable this combined product set to help customers secure and manage their host systems.  We’ve been cross-pollinating our products with the best of breed technologies so that our customers can take advantage of these solutions without having to swap applications.

Here are just a few examples of how we are bringing these technologies together:

  • Reflection Desktop and InfoConnect Desktop now offer the User Interface Modernization capabilities that originated with Rumba+
  • Delivered Host Access Management and Security Server to market which will allow our customers to centrally manage and authenticate access to mainframe systems from our terminal emulation clients.

It’s been a challenge – but we’ve stayed focused on driving new releases and updates for the products that our customers rely on.   Take a closer look what we’ve been up to:

As these products move forward we will continue to invest in and enable the best technologies and solutions across the portfolio.  No longer will customers have to choose between different products for the solutions they need.

When you look at your mainframe and host systems, ask yourself – are you getting the most out of these investments as possible?  If it was simple and less risky to your business to re-think how you are using these systems– what would you do differently?

Just like with anything – change is hard and can be daunting but now you have a combined company in your corner to help you re-think your business and make each step of the way a safe one.

Keep your eyes on Micro Focus over the coming months as we continue to drive innovation that solve modern customer challenges with host systems.  Take a look at how our customers that have taken the steps to make change to their systems and processes and how they have benefited.  This could be your business.

Health Plan of San Mateo

Bauverein der Elbgemeinden (BVE)

Renew Insurance

Rumba 9.4: A New Way to Think about Green Screens

David Fletcher, Senior Marketing Manager for Micro Focus Rumba, talks about the challenges with green screen applications and the innovative Screen Canvas feature now available in Rumba 9.4.

Lean and Green

If you’re reading this blog, you probably know about green screens. You probably wish they were more flexible and easy to use, but you still understand their overall value. You know that green screen applications, while written decades ago, still run the world. And behind the scenes, they make our lives easier in more ways than we may actually know.


 ‘Sorry please hold, I will have to switch to another screen’

Most of us will have interacted with green screen systems[1]—for example, when you’re talking to a call center rep’ who is using one to look up your insurance details, or book your travel, or check your banking details. These are the people who often need to put you on hold because the “system is slow” or they have to “go to another screen.” That’s what these green-screen applications are like to use—complicated, convoluted, confusing. They don’t play well together, and don’t take advantage of the latest graphical interfaces either.

However, despite their limitations, green screens and the applications they “represent” are so entrenched in our world that now even mobile users want to access them from their modern laptops, tablets, and smart phones. So why are we content to continue interacting with these outdated systems? One simple reason: These applications are still business critical. And updating them is difficult, time consuming, risky, and prohibitively expensive.

But wouldn’t it be great if there was some way to bring these outdated applications into the modern world?

At Micro Focus we continue to make investments to help organizations get the most out of their existing IT investments—including core green screen business applications. We provide low-risk, easy-to-use software that modernizes the user interface of core business applications and drives business efficiency.

Enter the new Rumba 9.4

You may have read about the user interface modernization capabilities of Rumba in the past, but with this new release we have added more capabilities to help revive tired applications.

Rumba+ 9.4 offers a new facility called Screen Canvas. With Screen Canvas, you are no longer bound by the old 24 row x 80 column limits of the traditional green screen. You can combine what used to be several different green screens into a single page.



Users with the new version can consolidate several green screens into a single page, re-organizing and merging disparate information to make the user experience more intuitive and easy to use – with no coding or changes to the host application.

To the customer, this is a new way to improve usability of older application. It is a new view of the green screen – it feels updated and contemporary.  It improves the user experience. To Micro Focus, it is the result of an ongoing commitment to improve the user experience for the customer.

And that’s not all. Rumba+ is the perfect partner product of Rumba 9.4 and enables customers to extend their reach even further, with access to Windows, iPad and mobile technologies. Ultimately, Rumba+ represents and supports a full evolution and modernization from green screen to GUI.

Learn more about the all of the Rumba product line, or contact your local sales representative.


[1] Green screens: Text displays used by the mainframe applications to present information to users.

Terminals: Traditional hardware/screens used to access core application green-screens. The IBM 3270 is a classic example.

Terminal Emulator: A dedicated computer program that replicates the terminal viewing experience through an alternative display, typically a PC screen. Rumba is a terminal emulator.

User Interface: The visible part of the operating system and an older, character-based user interface is a problem for anyone familiar with the Graphical User Interfaces (GUI) on personal tech, such as laptops and tablets.

Terminal Emulation how-to videos – Micro Focus Rumba+

Jordan Ashman from Micro Focus introduces a fantastic ‘how to’ Rumba+ Terminal Emulation video series on YouTube by Will Cass.

The thing about Rumba+ is that seeing it beats describing it. That’s what inspired Rumba doc writer Will Cass to produce a comprehensive video walk-through of everything you need to become a fully-fledged Rumba Screen Designer ninja.

This series of 19 training videos are a definitive, step-by-step user guide to working with our class leading user interface (UI) modernization technology. The videos were created for version 9.3, while most of the content works for versions 9.1 and 9.2, too.

End-users, administrators and professional services people will appreciate the practical, how-to angle while potential business users will see the potential that Rumba+ offers.


Terrific for training – ideal for demos

Written and produced to be accessible to as many people as possible, they illustrate the key selling points of Rumba+ beautifully –simple to use, no coding, no extra skills required and all the benefits of an improved UI without the pain of a global modernization project.

What’s available?

Follow them chronologically and build your own application by working your way through every Rumba+ feature. Brand new and fresh out of the box, these new postings now feature on our YouTube playlist and the demo section of our Rumba pages. Enjoy.


Here’s the list of all the videos available on the playlist

Getting started with the Rumba screen

Creating a history file

Starting a new project

Adding a Button Control

Adding a Chooser Control

Adding a Tooltip Control

Adding an AutoExecution Control

Adding an Image Control

Adding a Label Control

Adding a Calendar Control

Adding a GridCollector Control

Adding a Table Control

Adding a Collector Control

Adding a WebFrame Control

Adding a Tab Control

Adding an InputField Control

Adding a RadioButton Control

Adding a CheckBox Control

Taking the Project live