Reflection for the Web 4.0

Leveraging your infrastructure investment with a Web-to-host solution

Many corporations have a sizable investment in IBM host systems or UNIX systems, as well as a networking and Web infrastructure for Internet, intranet, and extranet functions. Leveraging the investment in these platforms is the goal of Web-to-host products such as WRQ’s Reflection for the Web 4.0. The software provides capable and secure access to both IBM and UNIX hosts via a thin Web client running nothing more than a browser.

For IBM mainframe access, Reflection for the Web supports both 3270 display and printer emulation via the TN3270 protocol. For AS/400 access, the software provides 5250 display and printer emulation using the TN5250 protocol. In addition, Reflection for the Web also provides a wide range of asynchronous terminal support for UNIX host access including VT-100, VT-220, and VT-400, as well as HP 700/92 and HP2392A. The software provides file transfer capabilities for 3270 sessions via IND$FILE file transfer. For AS/400 host sessions, Reflection for the Web includes a SQL wizard that lets you define and submit database queries and perform ASCII file transfers.

Reflection for the Web runs on any HTTP 1.0-compatible Web server, including Microsoft Internet Information Server (IIS), Netscape Enterprise Server, and Apache Web Server. Web clients require Internet Explorer (IE) 4.0 and higher, or Netscape Navigator or Communicator 4.06 and higher.

The software supports both direct connections between the Web clients and the host and gateway-style connections to the host where all the clients connect to the Web-to-host server, which acts as proxy by forwarding the sessions to the host. The direct connections are primarily intended for local network connections that don’t require additional security, and the gateway connections are intended for encrypted sessions between the Web-to-host server and the client.

Installation and Configuration
I installed the Reflection for the Web on a 400MHz system with 320MB of RAM running Windows 2000 Server and IIS 5.0. The software consists of four main components: an administrative applet called the Administrative WebStation for setting up and managing host emulation sessions, a Terminal Emulation applet for providing host connectivity, a Usage Metering applet for tracking the number of Web users running the software, and a Security Proxy applet for encrypting data connections between the Terminal Emulation applet server and the Web clients. You can install the Administrative WebStation applet on any networked system, but you must install the Terminal Emulation applet on the Web server. You can install the Usage Metering component and Security Proxy server on the Web server or on another network-attached system with Java 1.1 or higher runtime support.

The Reflection for the Web CD-ROM I received for review included both UNIX and Windows NT versions of the software. Unfortunately, there was nothing automatic or helpful about the installation process. The CD-ROM didn't include an AutoRun file, and the installation process required me to use Windows Explorer to manually navigate to the installwin32 directory on the CD-ROM and run four different install files. The installation itself was sluggish and didn’t suggest a default directory—even upon subsequent reinstallation of the product. The installer added one Administrative WebStation shortcut to the Start menu, and the installation didn't require starting or stopping the Web server.

You use the Administrative WebStation applet to perform the initial terminal emulation session configuration. The Administrative WebStation, which is a Java applet that provides a set of tabs to step you through the configuration process, was surprisingly easy to run. You begin by setting up the parameters for the host session, and then set up the emulation properties from the Emulation tab, as Figure 1 shows.

The Emulation tab lets you specify the host name and the port for the host Telnet server. It also indicates the type of display session that the software will use to connect to the host and whether the terminal session will be secure. Next, you need to set up the display characteristics of the applet using the Applet tab. From this tab, you can specify whether the host session will display as a separate window or appear in a Web page. The Applet tab also lets you control the type of options you want to provide to the Web client. You can choose Basic, Intermediate, Advanced, and Administrator. Starting with Basic, each setting gives the end user more control than the previous setting over the Terminal Emulation applet that connects to the host. The Configuration tab lets you customize the terminal emulation session's color and keyboard layout. The Browser tab lets you pick the target Web browsers that will host the Java applet. The Administrative Webstation enables support for IE and Netscape Navigator by default. Finally, the Web Page tab lets you generate the HTML that will present the host session to the end user. Unfortunately, Reflection for the Web insisted on saving all its emulation sessions under the winntJavareflectionwebsession folder on the system drive. Because I’m in a continual struggle to keep my system drive as clear as possible, I found this forced path to be less than ideal.

After you generate the HTML page, you can upload it to your Web server using the Deployment Director’s file upload feature. The Deployment Director uses FTP to copy the pages to a target host directory, as Figure 2 shows.

Overall, configuring basic host sessions was quite easy, and I had my first host emulation sessions running in less than 15 minutes. Although this process is fairly simple for an experienced Web administrator, novice administrators might have difficulty because the software provides no options that assist to configure the virtual directories that you need to host the Web pages or perform the FTP transfers.

When I tried downloading the HTML page I had just created to my Web browser, I experienced a short delay of about 5 seconds while the Web server downloaded the Java applet and the applet established a connection to the host. Unsecured sessions connect directly to the host and don't route through the Web server. Reflection for the Web automatically converted the host emulation to a semigraphical display where menu options and command keys appeared as buttons. The emulation session supported all the features that you expect to find in a full-function desktop emulation product, including custom screen colors, keyboard mapping, and macro support.

As I mentioned earlier, you can display Web pages containing the Reflection for the Web Java applet either in a new window or as a part of the current browser window. Showing the host emulation screen in the current browser lets you wrap HTML around the host screen, which you can use to provide additional user instructions or other information surrounding the host Telnet session. However, this approach also causes the software to display the host screen at a fixed size that's set when you create the session. Displaying the Java applet in a new window launches a separate instance of the browser that contains only the host Telnet session. The advantage with this approach is that you can dynamically resize the host session.

Centralized Management and Security
Centralized management vastly simplifies the deployment of multiple Web clients by letting you set up and configure all the host connections from a common management location. Reflection for the Web lets you centrally create and manage host session profiles and easily configure the session required by all users. Unlike competing products, Reflection for the Web doesn't integrate with Windows security and doesn't provide the necessary tools to create or manage groups of users. With this product, managing users and assigning sessions to users is left up to the Web administrator. Reflection for the Web does provide a Usage Metering feature that lets you control the number of client sessions allowed and client licenses used, but it doesn't provide any realtime management or control over active sessions.

Security is always a paramount concern, especially when the connection might take place over the Internet. Standard 3270 and 5250 emulation products send clear text streams between the terminal and the host. While this level of security might be fine for local network connections, this type of connection is not acceptable across an Internet-based WAN link. Reflection for the Web addresses this problem by giving you the option to use its Secure Proxy applet to establish an encrypted connection. In this scenario, the client first connects to the proxy server running the WRQ Reflection Secure Proxy Server that in turn routes the session to the host. Reflection for the Web encrypts the session between the Web client and the proxy server using 168-bit Triple Data Encryption Standard (DES) or 56-bit encryption. WRQ intends for users to implement the proxy server from behind a firewall because the software does not encrypt the connection between the proxy server and the host.

Setting up a direct connect host session was easy, but I found that setting up a secured session was considerably more difficult—much more difficult than with competing products I’ve used. To create a secure session, I first needed to create a Secure Archive to contain the configuration information for the secure sessions. Next, I needed to configure a secure emulation session using the Administrative WebStation applet. Although the secure session creation process was easy, creating the Secure Archive was difficult. First, I had to download the Microsoft software development kit (SDK) for Java and install it on the Web server. The documentation included a link to download this support, but the URL was out of date, forcing me to locate and download the Microsoft SDK for Java manually. Second, I was required to get a Certificate Authority (CA) from a third-party provider—the product had no means of generating a private certificate. Third, after obtaining the certificate, I had to digitally sign the certificate.

Conclusion
Overall, I found Reflection for the Web to be more difficult to install than most competing products. However, once the product was running, it was easy to configure basic host connections. Configuring secure sessions was more difficult only because it involved the laborious process of manually getting all the prerequisites in place. The Terminal Emulation applet offers all the features you might expect for a traditional client-based host emulation product that includes SQL-base file transfer support for the AS/400.