All sensitive data transmissions—including user login sessions—can be configured to occur over secure communication protocols encrypted using proven algorithms.
Utilize the secure HTTPS protocol for user sessions
Rocket Servergraph is a web-based application that utilizes the secure HTTPS protocol for user sessions. The web server can be configured to require the strongest levels of encryption such as Transport Layer Security (TLS) v1.2 on top of modern encryption ciphers and key exchange protocols. This ensures that your web sessions will be secure from both eavesdropping or man-in-the-middle attacks.
Servergraph’s connections to your backup systems support various protocols for your functional requirements, though the secure SSH version 2 protocol is much preferred. This ensures that all the sessions will require authentication and be protected from unauthorized access or eavesdropping.
Leverage native security of IBM i environment
Rocket® DevOps runs within the IBM i environment and leverages its native security. Rocket® DevOps Lifecycle Manager (Enterprise Edition) is a web-based application and supports secure sessions using the HTTPS protocol. The web server can be configured to require the strongest levels of encryption, including Transport Layer Security (TLS) v1.2, with modern encryption ciphers and key exchange protocols layered on top. This ensures that your web sessions will be secure from eavesdropping or man-in-the-middle attacks.
All movement of code, including check-ins, check-outs, and in-application transfers, utilizes SSH encryption in transit.
Support for the latest encryption standards
All data transfers using Rocket® API are secured through encrypted protocols, including the latest implementations TLS1.2 and SSHv2. These protocols and their associated cipher suites ensure the integrity of the data being transferred between your mainframe and the end users to prevent technical errors, unauthorized access, or malicious interference.
Use hardware-based encryption with Mainstar and OpenTech
Ensure your data is protected at all times with powerful hardware-based encryption through the native IBM Z Integrated Cryptographic Service Facility (ICSF). This allows you to encrypt all data between your primary and backup hardware with end-to-end encryption using strong ciphers, including 3DES and AES256-CBC. RSA encryption is also supported.
Ensure BlueZone clients are connecting with the strongest encryption levels
Rocket® BlueZone and BlueZone Web support the latest in encryption protocols and algorithms for all client-to-host system communications. These include TLS1.2 and SSHv2 with FIPS-compliant ciphers. For additional security, support for older protocols and ciphers can be explicitly disabled to prevent any possibility of weakly encrypted sessions or downgrade attacks.
In environments where encryption cannot be supported directly between clients and the backend host system, Security Server acts as a proxy, insulating clear-text communications within your local network while establishing strongly encrypted sessions across public networks with your clients.