Secure Connectivity Secure Web Server

To Web-enable the business-critical transaction applications you’re running in your OS 2200 high-volume transaction processing environment, there’s no better solution than our Web Transaction Server for ClearPath OS 2200.

Security Features

This solution includes numerous security features that exceed those provided by most other transaction servers:

• The interoperability of OS 2200 and Web Transaction Server for ClearPath OS 2200 with Kerberos and NTLM lets you leverage your investment in Microsoft Windows based network authentication into your OS 2200 environment.
• This solution supports industry-standard Secure Sockets Layer (SSL) encryption that protects all data sent between your Web-enabled applications and their users’ Web browsers. Digital certificates are supported;  Web Transaction Server includes interfaces to generate public/private key pairs, generate certificate requests and install server security certificates.
• Malicious users are prevented from placing any unauthorized and potentially dangerous files into your OS 2200 environment.
• Internet and intranet users can access only the OS 2200 program files and transactions that you specifically register – completely eliminating any chance of transaction users executing unauthorized code in your OS 2200 environment.
• Web Transaction Server for ClearPath OS 2200 supports aliases for file names and transactions. Aliases make it difficult for a malicious outside user to determine the actual names needed for an external attack.
• Administration traffic is isolated from Web traffic; the administration program uses a separate administrative port. You can protect this port from external Web access with standard firewall mechanisms, thus preventing hackers from modifying your Web Transaction Server configuration. To provide even greater security, traffic between the administration program and Web Transaction Server is encrypted.
• Web Transaction Server supports transaction user authentication so that the transactions it schedules can be run with the proper security attributes. This enables the authorization and auditing of these transactions.

Best Practices

Following their independent security assessment, Symantec concluded that Web Transaction Server for ClearPath OS 2200 (formerly WebTS) exemplifies the security industry’s best practices when they said:

“The security features implemented within WebTS will allow customers to deploy applications using WebTS with confidence. The WebTS architecture supports Authentication, Authorization and Access Control, provides Session Management and performs Data Validation to reduce the risk of attacks directed at the WebTS application. Additionally, Unisys provides recommendations to their customers to help deploy the application in a secure manner and understand the potential impacts of insecure applications.”
 
Source: Symantec Corporation. “ClearPath OS 2200 WebTS 5R4 Security Assessment.” October 2005