Reflection for Secure IT Windows Client

Reflection for Secure IT Windows Client is an SSH File Transfer Solution. It uses the SSH protocol to provide secure file transfer and terminal access capabilities in both graphical and command line formats. It is part of the Reflection for Secure IT family of SSH clients and servers for Windows and UNIX—all designed to protect data in motion.

Technical Specifications

Connectivity

  • SSH2 protocol: IETF SecSh Internet drafts (RFCs 4250–4254, 4256, 4462, 4344, 4345, and 4716)
  • SSH1 protocol for compatibility with older protocol servers
  • SCP1 for compatibility with OpenSSH Servers

Cryptographic Library Validation

  • FIPS 140-2 Level 1 (Certificate #1027)

User-Friendly Interfaces

  • Familiar graphical user interface
  • Batch/command-line scripting via ssh, sftp, and scp commands
  • new Convenient setup for multihop connections
Secure File Transfer

  • SCP:
    • Replaces the non-secure rcp command
    • SCP1 support
  • SFTP:
    • Replaces the non-secure FTP protocol
    • Complies with draft-ietf-secsh-filexfer
  • Secure, graphical FTP client utility:
    • Support for wide variety of FTP servers by SFTP protocol, FTP over SSH, standard FTP (unencrypted), FTP over SSL/TLS, and Kerberized FTP (TLS)
  •  Servers supported:
    • Windows-based, IBM System z, IBM System i, UNIX, NetWare, Unisys, HP 3000, and OpenVMS
    • File browsing on IBM mainframes with no host-side intrusion or modification
    • Site-to-site transfer between servers
    • Automation tools (script recorder and Microsoft OLE Automation)
    • new Preserve timestamps and file attributes during SFTP transfers

Tunneling

  • TCP port forwarding (Local/Remote)
  • FTP protocol (dual-channel)
  • X11 forwarding
  • Gateway port
  • RDP protocol (secures Microsoft remote desktop access)

Encryption Algorithms

  • Ciphers:
    • AES (128, 192, and 256 bit CTR)
    • AES (128, 192, and 256 bit CBC)
    • 3DES (3 56-bit key CBC)
    • Blowfish (128 bit CBC)
    • CAST (128 bit)
    • Arcfour (128 and 256 bit)
  • MACs:
    • HMAC-SHA1 and HMAC-SHA1-96
    • HMAC-SHA256 and HMAC-SHA512
    • HMAC-MD5 and HMAC-MD5-96
    • RIPEMD160
  • Key exchange:
    • RSA
    • Diffie-Hellman

Authentication

  • Server authentication:
    • Public key (RSA and DSA)
    • PKI X.509 certificates
    • GSSAPI
  • User authentication password:
    • Local
    • Windows Domain (Active Directory) authentication
  • User authentication public key:
    • RSA
    • DSA
    • Agent forwarding
    • new Smart card support for agent forwarding
  • Keyboard interactive:
    • RSA SecurID
    • RADIUS
    • Keyboard-interactive password
  • PKI X.509 certificates:
    • Reflection Certificate Manager
    • Windows Certificate Manager (MSCAPI)
    • Online Certificate Status Protocol (OCSP) support
    • Certificate Revocation Lists (CRL)
    • LDAP/Active Directory retrieval of CRLs and intermediate CA certificates
    • PKCS #12 key and certificate storage
    • PKCS #11 smart card support
    • new Shared trusted certificate store location
  • GSSAPI/Kerberos:
    • Reflection Kerberos client
    • Microsoft SSPI logon credentials
    • Supports both user and host authentication using GSSAPI

Emulation Types

  • VT500 and VT420
  • VT320, VT220, and VT100
  • VT-UTF8
  • Linux Console
  • BBS-ANSI and SCO-ANSI
  • QNX
  • xterm

Operating Systems

  • new Microsoft Windows 7
  • Microsoft Windows Vista (Service Pack 2)
  • Microsoft Windows XP (Service Pack 3)
  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2008 (including R2)
  • Windows Terminal Server
  • Citrix XenApp

free online demo free 30 day trial