Secure 3270 Web Access Without Plugins or Middleware

A 100% mainframe-based approach to browser access for mission-critical applications

Published: December 18, 2025
Author: Data 21 Technical Services

Executive Summary

In today’s hybrid IT environments, organizations continue to rely on mainframe systems for mission-critical applications while seeking modern, secure, and cost-effective ways to access them. InterSession Web Gateway from Data 21, Inc. provides a powerful solution by enabling direct browser-based access to 3270 applications—without plugins, client software, middleware, or external servers.

InterSession Web Gateway delivers encrypted 3270 emulation through standard web browsers such as Chrome, Firefox, and Edge, using a web server that runs entirely on the mainframe. By eliminating client-side components and intermediary infrastructure, the solution simplifies access, reduces administrative overhead, and strengthens security. This paper explores the financial, administrative, security, and usability advantages of InterSession Web Gateway compared to traditional 3270 access approaches.

Introduction to InterSession Web Gateway

InterSession Web Gateway is a fully mainframe-resident web access solution designed for z/OS environments. It enables users to access VTAM-based 3270 applications as secure web sessions, using nothing more than a standard browser and a URL.

Key capabilities include:

  • Built-in Mainframe Web Server. Provides native HTTP/HTTPS services directly on the mainframe, eliminating the need for external web servers or reverse proxies.

  • Full 3270 Emulation in the Browser.Supports standard terminal functions such as multiple concurrent sessions, cut-and-paste, session switching, screen printing, and screen capture.

  • Secure Authentication Options. Supports password-less access using pass tickets, single sign-on integration, and customizable logon flows.

  • Mobile and Tablet Compatibility. Accessible from modern mobile browsers and supported mobile applications, extending secure mainframe access beyond traditional desktops.

  • High-Performance Architecture. Implements data compression and efficient mainframe-based processing to ensure responsive user experiences even at scale.

Unlike traditional browser-based solutions that depend on Java, ActiveX, or middleware servers, InterSession Web Gateway operates entirely on the mainframe. Users require no VPN client, emulator software, or browser extensions—only a secure HTTPS connection.

Traditional 3270 Access vs. Web Gateway Approach

Traditional 3270 access methods typically rely on layered architectures that introduce complexity and cost:

  • Client-Based Emulators. Require installation, licensing, upgrades, and compatibility management across operating systems and devices.

  • Plugin-Dependent Browser Solutions. Depend on technologies such as Java applets or browser extensions, which introduce security risks and ongoing maintenance challenges.

  • Middleware or Gateway Servers. Require additional hardware or virtual machines to translate web traffic to mainframe protocols, adding latency, cost, and new points of failure.

In contrast, InterSession Web Gateway’s 100% mainframe-based design removes these layers entirely. All web access, encryption, session handling, and application connectivity are handled natively on the host system. This architecture reduces operational complexity while improving reliability and security.

Financial Benefits

InterSession Web Gateway delivers measurable cost advantages:

  • Lower Software and Infrastructure Costs. No per-desktop emulator licenses, no middleware servers, and no third-party web gateways are required.

  • Reduced Deployment and Support Costs. Eliminating client installations and plugins dramatically reduces help desk calls, desktop support effort, and upgrade cycles.

  • Optimized Use of Existing Mainframe Resources. By running entirely on the mainframe, the Web Gateway avoids the cost of additional distributed hardware, operating systems, and patching schedules.

  • Predictable and Scalable Licensing. Licensing is based on active usage rather than individual desktop installs, allowing organizations to scale access efficiently.

Overall, organizations can significantly reduce total cost of ownership by centralizing all access logic on the mainframe.

Administrative Benefits

InterSession Web Gateway simplifies administration by design:

  • Centralized Configuration and Control. All access rules, user profiles, and application definitions are maintained on the mainframe, eliminating distributed administration.

  • Streamlined Maintenance. Updates and configuration changes are applied once, with immediate effect for all users—no endpoint coordination required.

  • Scalable Architecture. Supports high user volumes and workload balancing in multi-system environments without the need for external load balancers or web tiers.

  • Minimal End-User Impact. Users access applications through familiar browser interfaces, avoiding retraining or desktop changes.

This centralized model allows IT staff to focus on governance and optimization rather than endpoint troubleshooting.

Security and Compliance Benefits

Security is a core strength of InterSession Web Gateway:

  • Enterprise Authentication Integration. Works with RACF, CA Top Secret, CA ACF2, supporting passphrases, long passwords, pass tickets, and MFA solutions.

  • End-to-End Encryption. Uses FIPS 140-2 compliant HTTPS encryption to protect data in transit without requiring VPN software.

  • Reduced Attack Surface. Eliminates vulnerabilities associated with browser plugins, local emulators, and middleware servers.

  • Compliance-Friendly Architecture. Centralized security controls and consistent access enforcement simplify audits and regulatory compliance.

By keeping sensitive data on the mainframe and minimizing external dependencies, the Web Gateway strengthens overall security posture.

Usability and Productivity Benefits

InterSession Web Gateway enhances user productivity while maintaining simplicity:

  • Browser-Based, Device-Independent Access. Users connect from virtually any modern device without special software.

  • Efficient Session Navigation. Built-in menus, session switching, and messaging capabilities streamline workflows.

  • Customizable User Experience. Application menus can be tailored to show only authorized resources, reducing errors and confusion.

  • High Performance. Compression and mainframe-level processing reduce latency and improve responsiveness compared to middleware-based solutions.

These features enable secure remote work, third-party access, and extended business hours without increasing support burdens.

Conclusion

InterSession Web Gateway from Data 21, Inc. offers a modern, secure, and cost-effective way to deliver 3270 access through standard web browsers—while remaining entirely mainframe-based.

By eliminating client software, plugins, VPN dependencies, and middleware servers, it simplifies architecture, reduces costs, and enhances security.

For organizations seeking to modernize mainframe access without sacrificing control, compliance, or performance, InterSession Web Gateway provides a proven and elegant solution.

For more information or to request a live demonstration, visit data21.com or contact sales@data21.com.

This site uses cookies. By continuing to browse our site you are agreeing to our use of cookies.