When Tectia Client or ConnectSecure on Windows workstations is used together with Tectia Server for IBM z/OS on mainframe, TN3270 application connections can be tunneled transparently.

The administrator specifies tunneling rules for the TN3270 application connection(s) that need to be secured. Alternatively, it is possible to require that all terminal connections initiated by a certain terminal emulator will be tunneled. Optionally, Tectia Manager can be used to enable centralized deployment and maintenance of secure application connectivity for all workstations with TN3270 access.

When the terminal client accesses a remote mainframe, Tectia Client or ConnectSecure captures the connection transparently and establishes a secure tunnel between the workstation and IBM z/OS system. All TN3270 application connection traffic is then transmitted over an encrypted Secure Shell tunnel, ensuring confidentiality of passwords and application data.