FREQUENTLY ASKED QUESTIONS
Got a question? We’ve got answers. When you’re looking for more information about products and technologies, our Frequently Asked Questions (FAQ) pages are a great place to start and an excellent way to jump-start your applications. Our experienced technical support team has collected and documented the answers to questions regularly asked by BlueZone and HostFront users. Use the links below to quickly reach answers to questions applicable for your product.
Q 1. How does a BZAS / HostFront Client communicate with the host and what encryption standard it supports?
The BlueZone Access Server (BZAS) or HostFront Server Clients communicate with host systems through the BZAS / HostFront-enabled Web Server. BZAS / HostFront reside on a Windows based Web Server and runs as a Windows service. The BZAS / HostFront service coordinates all communications between BZAS / HostFront clients and the host, and provides a persistent or non-persistent connectivity between client and host. The client communicates with BZAS / HostFront Server via TCP/IP or HTTP; BZAS / HostFront Server communicate with the host using industry-standard methods such as Telnet, BlueZone Access Server (BZAS) or HostFront Clients do not communicate directly with the AS/400 or mainframe host system. The client communicates securely with the server using TCP/IP or HTTP. The Server communicates with the host system using a TN5250E or TN3270E connection. TN3270E, TN5250E, VT100, and/or Microsoft HIS for remote connection.
BZAS / HostFront have built-in 128-bit bi-directional encryption capability ensures that data is securely transmitted between the client ActiveX and the BlueZone Access Server (BZAS) or HostFront Server. This capability deprives hackers the ability to gain access to the host by “sniffing” the network connection. In addition, BZAS / HostFront provide support for industry-standard Public Key Infrastructures (PKIs) such as SSL 3.0/TLS 1.2/RSA-based encryption or SecurID token-based authentication to name a few.
BlueZone Access Server (BZAS) / HostFront is very secure since it is based on a three-tier architecture, which eliminates direct interaction between the user and the host. BZAS / HostFront mediate the client-host connection. This type of architecture allows BZAS / HostFront to establish a very strict user-authentication procedure and to create an air-tight level of security through its built-in encryption services and enhanced management control. Furthermore, the architecture allows BZAS / HostFront to operate on a physically separate server offering an added layer of security when the server is placed in the demilitarized zone (DMZ) of a company’s network. This type of setup allows BZAS / HostFront to control public access to the private SNA or TN3270E/TN5250E/Telnet gateway located securely behind the firewall on the corporate intranet.
BZAS / HostFront Server provides user authentication as its first level of security. The server authentication process can be synchronized with Windows® Domain Security or RSA ClearTrust to allow a Single Sign-On process. It also works with RSA SecurID tokens to provide maximum access control.
Built-in encryption provides BZAS / HostFront’s next level of security. All data transmission between the client and BZAS / HostFront Server is encoded using bi-directional 128-bit encryption. This deprives hackers the ability to gain access by “sniffing” the network connection. In addition, BZAS / HostFront also provide support for industry standard Public Key Infrastructures (PKIs) such as SSL 3.0/RSA-based encryption, or SecurID token-based authentication, to name a few.
Following is a list of some of the benefits:
- Resides on a cost-effective Windows® server platform (2008 or 2012)
- BZAS / HostFront connects users securely to your host without the need to install terminal-emulation software on each client PC
- BZAS / HostFront provide multiple levels of security including encryption, domain authentication, and support for RSA SecurID and Clear Trust.
- BZAS / HostFront clients can communicate with the server over HTTP standard port 80 (or 443) only, completely shielding the host from the outside environment.
- With a standard Web browser that supports ActiveX, users can easily access the IBM host applications by simply downloading ActiveX clients to establish Display, Print, and File Transfer sessions with the host.
- For companies not wishing to use a browser, BZAS provides a Windows®-based Thin Client possessing a user interface that is similar to the browser-based ActiveX control
- Centralized distribution and management of clients reduces total cost of ownership (TCO)
- BZAS / HostFront has a server interface that can support custom communication protocols as well as EDI formats
- BZAS / HostFront downloads very small ActiveX-based ‘thin clients’ to your browser window
- Remote users can establish a secure session with the host application in seconds, whether they have broadband access or a dial-up connection
- Small clients provide users with full-featured host access. Users can initiate full display emulation, conduct secure bi-directional file-transfer, and print formatted reports in a variety of languages with just the click of the mouse
- BZAS / HostFront supports English and Arabic language.
BlueZone Access Server (BZAS) / HostFront support three types of clients: Display, Print, and File Transfer. Administrators can selectively grant access to users depending on their required tasks. Specific features of each client are as follows:
- The Display client offers many productivity features including keyboard mapping, local or centralized macros, hotspots, light pen, and a unified look and feel regardless of host connection type.
- The Printer client is highly customizable and can accommodate non-standard print forms. Remote agents, partners, or employees can have their reports printed directly over the Internet, anywhere in the world.
- The File Transfer client supports IND$FILE, APPC, 5250 and 3270 FTP. With an explorer-like intuitive interface, files can be dragged and dropped from source to destination. In addition, unattended transfers can be automated, requiring no human intervention.
Yes. BZAS / HostFront products include full keyboard mapping. BZAS / HostFront also features pop-up graphical short keys help improve user efficiency and productivity.
Yes. BZAS / HostFront supports remote host printing over an intranet or the Internet. This includes locally connected printers and network printers. BZAS / HostFront ActiveX-based print sessions provide built-in encryption to secure data transfers over an IP network. BZAS / HostFront printer clients graphically display the status of print jobs, the sending of print jobs by the host, pages printed, and pages left to print. In addition, the printer clients provide local control of the output format and types of fonts to accommodate a variety of non-standard forms.
BZAS / HostFront’s user access authentication is synchronized with Microsoft’s Windows Domain Security to enable a Single Sign-On process over an intranet or extranet. BZAS / HostFront’s authentication procedure compliments the existing security offered by the Host. And it also supports Novell iChain Authentication and RSA SecurID.
BlueZone Access Server (BZAS) / HostFront supports the following screens:
|TN3270E Screen Size||Columns x Rows|
|Model 2||80 x 24|
|Model 3||80 x 32|
|Model 4||80 x 43|
|Model 5 1||32 x 27|
|Dynamic All the above|
Q 9. The client has forgotten the HAM Administrator login password and they are not able to recollect the old password. How can we reset the Administrator password?
The HAM’s administrator password can only be reset if they login.
BlueZone has no dependency on zOS. It should work fine with V2R2.
No, because Edge does not support Active X. Use Internet Explorer.
Q 12. Can we configure HFS/BZAS database on a different instance other than default MS SQL instance?
When you create/connect to your database, you need to specify the Instance, like “SQL Server IP\InstanceName”.
ActiveX in BZAS won’t run in 64-bit IE. However, the default version of IE (Version 11) on Win7 can be changed to be 32 bit, if necessary, by a checkbox in IE’s Advanced Options.
Latest version (5.3.1) of BlueZone Access Server support TLS 1.2.
Q 15. Host Front application have any dependency on cookies. Will it affect HF if they disable cookies?
HFS/BZAS version 5.3.0 is compatible with Microsoft SQL Server 2016.