EXTRA! 9.3 Service Pack 1 includes the following features:
- Windows 8.1 Update 1 Compatibility
Earned Windows 8 logo via Windows 8 and Windows 8.1 test platforms.
- Microsoft Office 2013 Integration
Office integration features tested and supported with Microsoft Office 2013, 32- and 64-bit.
- Novell ZENworks Application Virtualization (ZAV) integration
EXTRA! 9.3 template now available in Novell ZAV for faster packaging and deploying of the application.
- Transport Layer Security (TLS) 1.2
Added support for TLS 1.2. TLS 1.2 provides better security of data in motion with more secure confidentiality and integrity using AES GCM mode, SHA256 hashing and additional protocol protections.
- Support for IBM Logon Features with Reflection Security Proxy
Implemented Reflection Security Proxy End-to-End security for 3270 sessions. This feature enables TN3270 connections to use a TLS-secured link with FIPS 140-2 validated encryption through the Attachmate Reflection Security proxy with token-passing, ultimately allowing Express Login Feature (ELF) on the IBM host while enforcing access control. End-to-end security encrypts data all the way to host. Normally, the second half of the connection from Reflection Security Gateway to the host is in clear text. Two-factor authentication (2FA) with certificates and double encryption protects the data in motion better than ever before.
- Reflection Certificate Manager
The Reflection Certificate Manager is now included with EXTRA! to manage digital certificates for 3270 sessions and configure aspects of Reflection PKI support. The Reflection certificate store can be used for authentication during Secure Shell and/or SSL/TLS sessions. EXTRA! can authenticate using digital certificates located in either the Windows certificate store or the Reflection certificate store (or both).
- Support for SHA-256 Secure Sockets Layer (SSL) Certificates
Added support for SHA-256/RSA-2048 digital signatures to provide more secure authentication and meet both U.S. DOD and NIST 800-131A recommendations.
- CRL and OCSP options now available to TN3270 sessions
For instructions on configuring these options, see the topic “Configuring Certificate Revocation Checking” in Help > EXTRA! Help Update.
- Updates available to CAIL HP NonStop/Tandem/6530 terminal emulation
Support added for a padlock icon in the 6530 status line to indicate that a host connection is secure.
The OpenSSL version used for encrypting data between desktops and Tandem NonStop hosts for SSL connection has been updated to address security concerns and is now based on the OpenSSL 1.0.1 branch which is not vulnerable to the “Heartbleed” vulnerability.
Support added for Hotspots in 6530 sessions in conversational and block mode.
0 – hotspots disabled (default)
Bit 0x1 – enable hotspots in conversational mode
Bit 0x2 – enable hotspots in block mode
In conversational mode double-clicking a word will simply send the word. If the double-click is on a “SFn” or “Fn” word then it will send the function key sequence.
In block mode, hotspots are only effective in block protect submode. Double-clicking a “SFn” or “Fn” word will send the function key sequence.
Words are delimited by any non-alpha or non-numeric character.
The following features were introduced in EXTRA! 9.3:
Windows 8 Compatible
Attachmate EXTRA! 9.3 meets the requirements outlined in the Windows 8 Compatible logo specification, including (but not limited to) adherence of the Windows Security best practices and 64-bit support.
Updated SSL/TLS and SSH security components
This release includes the latest Attachmate Reflection security components for SSL/TLS and SSH. These cryptographic modules are validated against the stringent Federal Information Processing Standards (FIPS 140-2) federal security specification. For instructions on using updated Reflection security components in your sessions, see Securing EXTRA! Connections.
Enhanced Macro Recording and Playback for CAIL HP NonStop/Tandem/6530 terminal emulation Sessions
The macro recording and playback features for HP NonStop sessions have been enhanced to allow typing in password and hidden fields to be replaced by a user prompt dialog box at playback time.
Integration with Reflection Security Gateway
Reflection Security Gateway provides increased security to *GENERIC* short product name by leveraging the current enterprise authentication infrastructure. By using Reflection Security Gateway with *GENERIC* short product name, you have access to the following features:
- Improved Session Management
Create sessions and make them available to client workstations from the Reflection Management Server. The Reflection Management Server authenticates users connecting to hosts via the Reflection Security Proxy Server. For details, see Securing Sessions with Reflection Security Gateway.
- User Authorization Support
Increase security in your host connections by using the Reflection Security Proxy Server to control access with user authorization tokens. For details, see Configure Sessions that Connect using the Security Proxy and User Authentication Tokens.
- ID Management
Clients can use resource IDs to authenticate host connections, eliminating the need for administrators to create configurations for each and every client. For more information, see Configure Sessions to use ID Manager to Assign Terminal IDs.
- Usage Metering
Use metering to track and report product usage from client workstations. Metering also allows you to limit the number of concurrent users that can access a host at a given time. Metering is a web-based management system provided by the Reflection Metering Server, which is included in Reflection Security Gateway. For more information, see Enable Usage Metering.
A complete list of product enhancements and fixes can be found in the EXTRA! 9.3 SP1 New Features and Release Notes,Technical Note 2738.