About Legacy protocols for credential propagation

  • 1 minute(s) read
Prev Next

Overview

The Segura platform supports credential management and secure delivery for legacy systems and protocols, including mainframe (TN3270/5250), Telnet, FTP, and other non-API-compatible applications. Using agentless methods, Segura can automate credential updates and inject secrets directly into scripts, batch jobs, and configuration files, ensuring compliance and operational continuity for critical legacy infrastructure.

Key Features

  • Mainframe support: automate credential updates and password injection for TN3270/TN5250 mainframe sessions.
  • Telnet/FTP integration: securely manage and rotate credentials for legacy devices and applications using Telnet, FTP, and custom CLI interfaces.
  • Script and batch file integration: update and inject secrets directly into operational scripts, batch jobs, or configuration files.
  • Agentless or agent-based delivery: choose between agentless execution (via secure session proxying) or deploy a local agent where remote updates are needed.
  • Audit and compliance: all credential delivery and rotation events are logged for audit and compliance purposes.

Use Cases

  • Manufacturing and industrial: maintain secure, automated credential management for industrial PLCs and SCADA devices accessed via Telnet.
  • Mainframe environments: automate password changes and secret delivery for legacy mainframe applications using TN3270/5250.
  • Legacy file transfers: inject and rotate FTP server credentials in legacy batch scripts or scheduled jobs.
  • Banking and finance: securely update credentials for COBOL-based systems, ATMs, and core banking platforms.

Integration methods

  • Execution templates: define how credentials are injected or rotated for legacy protocols using customizable templates.
  • Scripted automation: trigger credential updates as part of scheduled jobs, maintenance windows, or upon password expiration.
  • Agent-based delivery: where required, deploy the Segura Agent to manage credentials on endpoints that cannot be reached directly.

Example: Automated password rotation for FTP script

Suppose you have a legacy batch script that logs into an FTP server. Segura can update the credentials used in this script automatically upon each rotation.

Before rotation

ftp -n -s:login.txt

login.txt contains

user olduser

pass oldpassword

After Rotation

Segura updates login.txt with the new password, triggered by policy or schedule.

Example: Telnet password injection via execution template

  • Configure an execution template to connect via Telnet and inject the new password into the device/application, followed by a verification command.