About Legacy protocols for credential propagation

  • 1 minute(s) read
Prev Next

Overview

The Segura® platform supports credential management and secure delivery for legacy systems and protocols, including mainframe (TN3270/5250), Telnet, FTP, and other non-API-compatible applications. Using agentless methods, Segura® can automate credential updates and inject secrets directly into scripts, batch jobs, and configuration files, ensuring compliance and operational continuity for critical legacy infrastructure.

Key Features

  • Mainframe support: automate credential updates and password injection for TN3270/TN5250 mainframe sessions.
  • Telnet/FTP integration: securely manage and rotate credentials for legacy devices and applications using Telnet, FTP, and custom CLI interfaces.
  • Script and batch file integration: update and inject secrets directly into operational scripts, batch jobs, or configuration files.
  • Agentless or agent-based delivery: choose between agentless execution (via secure session proxying) or deploy a local agent where remote updates are needed.
  • Audit and compliance: all credential delivery and rotation events are logged for audit and compliance purposes.

Use Cases

  • Manufacturing and industrial: maintain secure, automated credential management for industrial PLCs and SCADA devices accessed via Telnet.
  • Mainframe environments: automate password changes and secret delivery for legacy mainframe applications using TN3270/5250.
  • Legacy file transfers: inject and rotate FTP server credentials in legacy batch scripts or scheduled jobs.
  • Banking and finance: securely update credentials for COBOL-based systems, ATMs, and core banking platforms.

Integration methods

  • Execution templates: define how credentials are injected or rotated for legacy protocols using customizable templates.
  • Scripted automation: trigger credential updates as part of scheduled jobs, maintenance windows, or upon password expiration.
  • Agent-based delivery: where required, deploy the Segura® Agent to manage credentials on endpoints that cannot be reached directly.

Example: Automated password rotation for FTP script

Suppose you have a legacy batch script that logs into an FTP server. Segura can update the credentials used in this script automatically upon each rotation.

Before rotation

ftp -n -s:login.txt

login.txt contains

user olduser

pass oldpassword

After Rotation

Segura updates login.txt with the new password, triggered by policy or schedule.

Example: Telnet password injection via execution template

  • Configure an execution template to connect via Telnet and inject the new password into the device/application, followed by a verification command.