Duo Security Login to Mainframe and AS/400 Hosts

z/Scope Anywhere Web Terminal Emulator

We have discussed the importance of secure login in our previous posts about multi-factor authentication.
When you incorporate multi-factor authentication (MFA) methods at your access point, your users will be required to confirm their identity presenting two or more “factors” or pieces of evidence that prove they are who they say.
The adoption of such a security measure minimizes the risks of non-authorized user access to your databases, websites and other critical data. As said Keith Banham, Mainframe Research and Development Manager at Macro 4:

“Continuing to rely on a password alone for user authentication exposes business-critical applications to unacceptable risk. Hackers are now very adept at misleading people into revealing their passwords or they use technology to crack, steal or by-pass them altogether.”

At Cybele Software, we encourage our web terminal emulation users to adopt MFA methods to prevent security access britches on the login instance of Mainframe and AS/400 hosts.
We have been presenting different articles with tutorials to cover the available options, and we hope you consider them all and chose the best for your present scenario.

Integrate Duo 2FA Secure Login to z/Scope Anywhere v8.5

After checking that you’re running the latest version (1), please follow these steps:
On the Duo admin login page (open it here):
Duo Security Login to Mainframe and AS/400 Hosts
1) Navigate to the “Applications” tab and click on “Protect an Application”:
Duo Security Login to Mainframe and AS/400 Hosts
2) Search for “Web SDK” and click on “Protect this Application”:
Duo Security Login to Mainframe and AS/400 Hosts
3) In here, you will find your “Integration Key”, your “Secret key” and your “API Hostname”, required to configure the terminal emulation server’s side:
Duo Security Login to Mainframe and AS/400 Hosts
4) Open the z/Scope Anywhere Configuration Manager, click on “Server Settings”, navigate to the “Authentication” tab, click on “Add”, and chose “DUO”.
Duo Security Login to Mainframe and AS/400
Duo Security Login to Mainframe and AS/400
5) You must now enter your “Integration Key”, “Secret Key”, and “API Hostname” provided by DUO:
Duo Security Login to Mainframe and AS/400
6) Click “OK” and “Apply”.
7) Navigate to the z/Scope Anywhere server.
A new method of authentication should have been added to the drop-down menu:
Duo Security Login to Mainframe and AS/400
After you enter valid DUO credentials, you will be redirected to the 2FA option method:
Duo Security Login to Mainframe and AS/400
You can choose to either:

  • Send a push to a DUO validated mobile device ( Using the DUO Mobile application )
  • Call a number associated with that DUO account.
  • Send an SMS text message with a Passcode.

And that’s it!
(1) z/Scope Anywhere 7 has been replaced by version 8.5 (see the release notice here). This security feature was not supported by previous terminal emulation editions, neither desktop or web-based.
If you have a z/Scope Anywhere 7 license, contact our support team to check whether you are entitled to run a free update. You can also request our help to check exactly the version you run.
To download a setup for the latest build visit our download page or take a look to the features page to learn the advanges of switching from the desktop terminal emulator to a web browser client to access your mainframes.
If you want to read more about the reasons why you should adopt further security measures, take a look to Keith Banham’s article about mainframe security.
Quick Tip: Learn how to configure Centrify SSO with SAML for z/Scope Anywhere.
Is there any other MFA you would like us to support?
Contact us at [email protected] or leave a message on this same post.

Leave a comment

Cookie Preferences
Privacy and Cookie Policies
Cybele Software implements specific policies to enhance your browsing experience while respecting your privacy. When you visit Cybele Software's website, the site uses cookies to personalize your experience. These small files remember your preferences and the details of your repeated visits, aligning closely with Cybele's Privacy Policy.

You have complete control over the cookies used during your visit:
- Accepting All Cookies: You can agree to the use of all cookies by clicking “Accept All.” This provides a smoother, more integrated experience.
- Customizing Cookie Settings: If you prefer to manage your preferences, you can click on "Cookie Settings." This allows you to give controlled consent by selecting which types of cookies you agree to activate.
- Opting Out: You also have the option to opt-out entirely from non-essential cookies. It's important to note that choosing this option might impact your experience on the website, potentially limiting certain functionalities and features.
These features ensure that you can tailor your browsing according to your personal preferences and privacy concerns.