Universe 2021 Review—Mainframe Access and Security

by in Application Modernization & Connectivity

AMC_683x341.jpgProtecting and connecting the modern mainframe was a key topic at the recent Micro Focus Universe–Que Mangus, Product Marketing Manager, summarizes the sessions for those who missed it.

Universe 2021 was an amazing event! But if you were not able to attend, that’s ok. The information is available on demand—you can review it here. (You will first need to register for one of the three regions, EMEA, AMS, APJ, but don’t worry, it’s free).

In the AMC track, we held three sessions focused on Mainframe Access and Security, along with an exhibition zone. We discussed how to solve real-world problems for those with mainframe and terminal emulation. Here’s a quick recap.  

Enterprise-level mainframe security and zero-footprint host access

Security is top-of-mind for all organizations—especially organizations with mainframes—as so much sensitive data resides there.

Recent breaches

As recent breaches have shown, attackers continue to use traditional methods such as credential cracking, where attackers use brute force (trial and error to guess login info), and a new phenomenon called credential stuffing. Attackers use stolen usernames and passwords (called credentials) to gain unauthorized access to accounts through automated login requests. A recent dark web audit revealed 15 billion stolen logins from 100,000 breaches are available to cybercrime actors. 

Regulations

New regulations, directives, and standards, including the Payment Card Industry Data Security Standard (PCI DSS), Homeland Security Presidential Directive 12 (HSPD-12), and the General Data Protection Regulation (GDPR), require organizations to ensure sensitive data is protected. This includes personally identifiable information. And much of that data lives on the mainframe.

MFA and Zero-Footprint Access

To prevent breaches, adhere to regulations, and to protect sensitive information, organizations must implement multi-factor authentication (MFA) for the mainframe. Through MFA, a user is granted access only after successfully presenting two or more pieces of evidence (or factors) proving their identity.

Another concern that organizations have is how to rapidly change the terminal emulator’s settings to comply with required security policies (think enabling TLS 1.3). To address this concern, organizations can provide more agility in security for mainframe access by providing zero-footprint host access. By centrally managing terminal emulation, it becomes easy to make configuration changes and grant or deny access via the corporate user directory. Zero-footprint host access provides secure access from the endpoint to the mainframe, allowing end users to securely access the host, without java dependencies or desktop components.

Micro Focus Security Solutions for Mainframe Security

Micro Focus solutions, including Advanced Authentication, the Advanced Authentication Connector for z/OS, and Host Access Management and Security Server (MSS) can provide an extra layer of security to protect mainframe access.

Micro Focus Advanced Authentication framework strengthens the level of authentication necessary (two-factor or multi-factor authentication) to meet regulatory, industry, and client requirements. Micro Focus multi-factor advanced authentication can provide MFA through the organization, while the AA Connector for z/OS extends it to the mainframe, ensuring MFA protection for every IBM z/OS endpoint.

MSS enables centrally managed, secure terminal emulation, and it leverages corporate authentication and authorization to only permit verified identities to access to valuable host systems. You can take this even further by using the advanced authentication framework (mentioned above) for the authentication. Learn more about these solutions with this product demo.

Host Access for the Cloud is a browser-based, secure, zero-footprint terminal emulator for the modern enterprise. With Host Access for the Cloud, there is no need to manage desktop software or Java runtime environments. Instead, you can quickly configure and deploy terminal emulation functionality to end users from a single central location on premises or in the cloud. Learn more about it with this Host Access for the Cloud product demo.

Incorporating RPA with the mainframe

Another significant, contemporary use case in the mainframe world is robotic process automation, or RPA. With so much important business data housed on the mainframe, there is a need to leverage it in business-critical process efficiency drives. Accessing mainframe data can be more complicated, so using RPA with the mainframe must be done right.

Involving the mainframe team in any RPA initiative is critical, as they more fully understand the specific needs of this platform. Interacting with a desktop- or web-based application is typically straight forward. However, accessing data on host systems often requires special skills and the right tools such as host connectors and developer APIs.

Enabling mainframe RPA can be broken down into two primary methods: service-enabling the mainframe and HLLAPI. We also refer to these respectively as API- and UI-based approaches to programmatically accessing host data.

The first, more scalable method gives RPA developers the ability to create consumable web services that perform units of work in host-based applications. In an automated process, the RPA tool calls on these RESTful web services as needed. Once the web service has been built, the RPA developer simply needs to feed simple inputs into it and magic happens behind the scenes. We call this “service-enabling the mainframe”, or host.

The alternative is to use HLLAPI, the green-screen data access standard for more than 30 years. In this scenario, the RPA tool leverages HLLAPI to access host data through a terminal emulator and corresponding green screen.

Micro Focus Solutions for RPA and the Mainframe

Micro Focus’ new Host Access for RPA solution supports the methods previously mentioned and just about everything in between. This includes Micro Focus Verastream for service-enablement, and Micro Focus terminal emulation solutions, which uses HLLAPI-like interfaces, including a .NET option. Learn more about this solution by viewing this product demo.

Inventory and analysis of host systems

Because terminal emulation has been around for so long, there are challenges that organizations face. These include, unmanaged configuration sprawl, uncontrolled user behaviors, business continuity risks, failed regulatory audits, and lost or compromised data. To help overcome these challenges, organizations need to have an accurate view of software deployment and a clear vision of user configurations across the organization.

Micro Focus Solution for Inventory and Analysis

Micro Focus offers a solution, with Host Access Analyzer. This solution searches and analyzes endpoints to retrieves real-time usage information, allowing organizations to understand how end users use software. This information helps when planning infrastructure changes or monitoring for non-standard end-user configuration activity. Based on this data, organizations can assess exposure to risk and vulnerabilities, compliance with regulations, and gain insights into how well internal policies are followed. They can also rationalize their infrastructure to optimize helpdesk and administration resources. Based on this view of software deployment and usage, Host Access Analyzer helps organizations ensure compliance and control license usage. Learn more with this product demo from Universe 2021.

Summary

These solutions were showcased during our Universe AMC track, along with some great customer stories, at Universe 2021. In fact, eMiroglio, a major European textile manufacturer was featured at Universe as they discussed how they use Reflection Desktop, Host Access for the Cloud, and Host Access Management and Security Server to meet the challenges of the modern mainframe. To learn more about eMiroglio, check out this great customer success story.

You can still see all that Micro Focus Universe 2021 has to offer. To access this great content, visit Universe 2021 on-demand!

For more info, be sure to check out Ed Airey’s blog post for a great overview of the Application Modernization and Connectivity (AMC) track at Universe.

And for a great overview of Universe 2021 from a Universe attendee, see Misty Decker’s post.

Labels:

Mainframe
Anonymous