The Redirector is a Telnet proxy that is able to accept connections from clients and pass them on, through a different port, to the next stage in the link. The Redirector can serve as a barrier between clients and the target Telnet server. If you do not want a large number of clients connecting directly to your host system and creating a security risk, you can have the clients connect to one or more redirectors. The redirectors pass the connection on to the host, allowing you to hide the address of the host from the client users. On Windows, AIX, and Linux platforms, the Redirector provides the support for Transport Layer Security (TLS) or Secure Sockets Layer (SSL) security between clients and the server. Refer to the Operating systems supported by the Redirector section in the Planning, Installing, and Configuring Host On-Demand guide for more information.
The Redirector acts as a transparent telnet proxy that uses port remapping to connect Host On-Demand to other telnet servers. Each defined server is given a local-port number. Instead of connecting directly to the target telnet server, a Host On-Demand session connects to the Host On-Demand server. The Redirector maps the local-port number to the host-port number of the target and makes a connection.
Redirectors can be connected to each other (in a cascaded configuration). In that case, TLS or SSL security is also available between the Redirectors.
The following scenario shows how the Redirector works. Secure
connections are possible between the client and Host On-Demand server.
The Redirector gives Host On-Demand secure access to a wide range of hosts. Typically a Java applet, such as Host On-Demand, is made secure by preventing access to all local and network resources except the host that directly supports the applet.
The Redirector sets security for each host. Security choices are no data-stream modification (pass-through), client-side encryption, host-side encryption, and encryption on all data flowing between the Host On-Demand emulator session and the secure server (both).