Features Added in Enterprise Server 6.0

Back to Top

Support has been added to enable you to work with containers from the IDE. In particular you can now create a Dockerfile for a COBOL project, and build, debug and run a COBOL project in a container, all from the IDE.

Back to Top

The following enhancements are available:

• Definition Import/Export Tool - a new utility, casesxml, has been added to enable you to import and export enterprise server definitions. Using casesxml you can do the following:
  • generate .xml files, in casesxml export format, that contain structured definitions of a region, a CICS resource definition file, and the catalog
  • import a casesxml export format .xml file to update the definitions of a region, a CICS resource definition file, and the catalog
• IPv6 support (EAP) - This feature is in Early Adopter Program (EAP) release status. Some Enterprise Server components and features now support Internet Protocol version 6 (IPv6) network addressing and connectivity. Due to limitations with IPv4, IPv6 is becoming more common within corporate networks and on the public Internet. In some cases, the use of IPv6 can improve interoperability and simplify network configuration.
• Administrative Commands - the add command in cascertreg now contains new options (-cwi setting, -dcas setting, -issuer, and -subject).

Back to Top

This release provides the following enhancements:

• Micro Focus Secrets file storage permissions

  The Micro Focus Secrets feature (also known as the Vault feature) provides centralized storage for sensitive information such as passwords, with some protection against accidental disclosure or discovery by unauthorized users. Prior to this release, the only supported storage mechanism was a conventional file containing encrypted data. In this release, the permissions on the storage file and on the Secrets configuration file are set more restrictively to help protect the secrets.

• Certificate wildcard support

  The X.509 digital certificates used to identify servers when making TLS (SSL) connections permit the use of fully-qualified domain names with wildcards for some parts of the name. This enables administrators to use a single certificate issued to, for example, *.mycorp.com for any number of servers with fully-qualified names like www.mycorp.com, server1.mycorp.com, and so on. These wildcard-bearing certificates are now supported by client programs using Micro Focus communication technology when validating a server's certificate.

• Improved ACL wildcard support

  In the Access Control Lists used for resource access control with LDAP-based security in Enterprise Server, the ".**" wildcard sequence now behaves more similarly to mainframe RACF. A number of additional options for wildcard processing are also available.

• PKIX compliance for TLS certificate validation

  The standard for using X.509 digital certificates to authenticate servers when making TLS (SSL) connections is known as PKIX, for Public Key Infrastructure (X.509). It is defined by a series of IETF RFC documents, currently RFC 5280 and others. In previous releases, the certificate validation performed by this product did not conform to PKIX in a number of ways, most notably in using DNS address-to-name resolution in an attempt to match a certificate to a host. With this release, clients using Micro Focus Common Client technology, such as COBOL web service proxy programs, CAS utility programs, and customer applications that use the CICS Web Services Interface feature, will by default, use stricter procedures for validating certificates which more closely conform to PKIX. This improves TLS security and interoperability.

• Security improvements for XML parsing

  In this release the third-party components used for parsing XML data have been updated, or have had bug fixes integrated into the version used by Micro Focus, to address published security vulnerabilities. Also, XML external-entity support has been disabled except where it is required by a particular product feature; this prevents XML External Entity (XXE) attacks on customer systems by attackers who can trick a customer application into parsing a malicious XML document.

Back to Top

This release offers the following new features and improvements:

• MFDS User Interface functionality replacement - ESCWA can now communicate with remote MFDS instances, and displays the equivalent pages of MFDS. Configuring regions, and their IMS, PL/I, MQ, and XA options, and security, is now available.
• ESMAC User Interface functionality replacement - ESCWA can communicate with remote ESMAC instances, and can replicate functionality and display all the information provided by ESMAC.
• Configurable User Interface access - you can now configure the ESCWA security manager to control user and group access to certain aspects of the user interface, such as, native, and security menu items.
• Usability improvements
  • Starting and stopping regions from the navigation tree.
  • The native menu items are not displayed if the region features are not configured correctly.
  • Configuration of the display colors for MFDS hosts and regions to distinguish them with ease.
• CICS resource support - the following resources are supported: ICEs, DocTemp, TCPIPService, URIMap, Bundle, Pipeline, and WebServices.
• Scale-Out support - ESCWA has improved the way it displays a Scale-Out Repositories (SORs) association with its PAC and member regions.
• Redis support - Redis is supported as a SOR when running this product in a PAC. Features include:
  • Redis cluster support
  • A Mfredis configuration file - enables you to configure reconnection when any network errors occurs. You can also use the file to configure Lua scripts tracing on servers.
  • Authentication support for the standalone Redis server.

Back to Top

Improvements are available in the following areas:

• BMP inbound and outbound message processing - full support is available for BMP inbound and outbound message processing. Batch message processing programs (BMPs) can now access the IMS message queue for input and output, in addition to their batch-type processing and data-access capabilities.
• Commands - the following commands are now supported: - /START TRAN ALL, /DISPLAY Q TRAN, and /DISPLAY STATUS TRAN.
• DB Control SUSPEND / RESUME commands in an active system - IMS DB Control supports the SUSPEND command while transactions are active. DB Control will block any new units of work and allow active UOWs to complete during a quiesce. Once DB Control reaches a state with no outstanding UOWs it suspends. Note a long running BMP may prevent a system from suspending.

  This enables support for administrative tasks such as database and transaction log archiving. It also enables the creation of new transaction logs when roll forward recovery is enabled.

• IMS BTS trace - IMS BTS trace is now visible from active SSTM and batch jobs. WIDTH and NOHEX options have been added for additional control of trace output format.

  This enables BTS output to be viewed when debugging a batch IMS application. Previously the job step had to complete before the trace was visible. This also enables you to view the trace output in an active SSTM job. Previously the MPR had to be stopped to make trace output visible.

• User DB handler exit - database exit support has been added for GSAM databases. This provides programmatic control of the DB Catalog setting for a database instead of using the defined DB Catalog. Also, this exit can process DL/I calls completely, for example, to map DL/I calls into VSAM I/O requests. Previously, this exit was available only for full function databases.

  To assist you with writing an exit, a template file, USERDB.CBL, and an explanatory text file, USERDB.TXT, are available with your IMS classic samples.

• JES Alias support - the JES aliasing feature can be used with IMS DLI and BMP applications run from JCL.[21]

Back to Top

Enhancements are available in the following areas: