New Features

EXTRA! 9.3 Service Pack 1 includes the following features:

  • Windows 8.1 Update 1 Compatibility
    Earned Windows 8 logo via Windows 8 and Windows 8.1 test platforms.
  • Microsoft Office 2013 Integration
    Office integration features tested and supported with Microsoft Office 2013, 32- and 64-bit.
  • Novell ZENworks Application Virtualization (ZAV) integration
    EXTRA! 9.3 template now available in Novell ZAV for faster packaging and deploying of the application.
  • Transport Layer Security (TLS) 1.2
    Added support for TLS 1.2. TLS 1.2 provides better security of data in motion with more secure confidentiality and integrity using AES GCM mode, SHA256 hashing and additional protocol protections.
  • Support for IBM Logon Feature with Reflection Security Proxy
    Implemented Reflection Security Proxy End-to-End security for 3270 sessions. This feature enables TN3270 connections to use a TLS-secured link with FIPS 140-2 validated encryption through the Attachmate Reflection Security proxy with token-passing, ultimately allowing Express Login Feature (ELF) on the IBM host while enforcing access control. End-to-end security encrypts data all the way to host. Normally, the second half of the connection from Reflection Security Gateway to the host is in clear text. Two-factor authentication (2FA) with certificates and double encryption protects the data in motion better than ever before.
  • Reflection Certificate Manager
    The Reflection Certificate Manager is now included with EXTRA! to manage digital certificates for 3270 sessions and configure aspects of Reflection PKI support. The Reflection certificate store can be used for authentication during Secure Shell and/or SSL/TLS sessions. EXTRA! can authenticate using digital certificates located in either the Windows certificate store or the Reflection certificate store (or both).
  • Support for SHA-256 Secure Sockets Layer (SSL) Certificates
    Added support for SHA-256/RSA-2048 digital signatures to provide more secure authentication and meet both U.S. DOD and NIST 800-131A recommendations.
  • CRL and OCSP options now available to TN3270 sessions
    For instructions on configuring these options, see the topic “Configuring Certificate Revocation Checking” in Help > EXTRA! Help Update.
  • Updates available to CAIL HP NonStop/Tandem/6530 terminal emulation
    Support added for a padlock icon in the 6530 status line to indicate that a host connection is secure.

    The OpenSSL version used for encrypting data between desktops and Tandem NonStop hosts for SSL connection has been updated to address security concerns and is now based on the OpenSSL 1.0.1 branch which is not vulnerable to the “Heartbleed” vulnerability. See Technical Notes 2501 and 2724.

The following features were introduced in EXTRA! 9.3:

Windows 8 Compatible

Attachmate EXTRA! 9.3 meets the requirements outlined in the Windows 8 Compatible logo specification, including (but not limited to) adherence of the Windows Security best practices and 64-bit support.

Updated SSL/TLS and SSH security components

This release includes the latest Attachmate Reflection security components for SSL/TLS and SSH. These cryptographic modules are validated against the stringent Federal Information Processing Standards (FIPS 140-2) federal security specification. For instructions on using updated Reflection security components in your sessions, see Securing EXTRA! Connections.

Enhanced Macro Recording and Playback for CAIL HP NonStop/Tandem/6530 terminal emulation Sessions

The macro recording and playback features for HP NonStop sessions have been enhanced to allow typing in password and hidden fields to be replaced by a user prompt dialog box at playback time.

Integration with Reflection Security Gateway

Reflection Security Gateway provides increased security to EXTRA! by leveraging the current enterprise authentication infrastructure. By using Reflection Security Gateway with EXTRA!, you have access to the following features:

  • Improved Session Management

    Create sessions and make them available to client workstations from the Reflection Management Server. The Reflection Management Server authenticates users connecting to hosts via the Reflection Security Proxy Server. For details, see Securing Sessions with Reflection Security Gateway.

  • User Authorization Support

    Increase security in your host connections by using the Reflection Security Proxy Server to control access with user authorization tokens. For details, see Configure Sessions that Connect using the Security Proxy and User Authentication Tokens.

  • ID Management

    Clients can use resource IDs to authenticate host connections, eliminating the need for administrators to create configurations for each and every client. For more information, see Configure Sessions to use ID Manager to Assign Terminal IDs.

  • Usage Metering

    Use metering to track and report product usage from client workstations. Metering also allows you to limit the number of concurrent users that can access a host at a given time. Metering is a web-based management system provided by the Reflection Metering Server, which is included in Reflection Security Gateway. For more information, see Enable Usage Metering.

A complete list of product enhancements and fixes can be found in the EXTRA! 9.3 SP1 New Features and Release Notes,Technical Note 2738.