Posts Tagged secure ftp

What to look for in a Managed File Transfer solution

Posted by bluebbe on Wednesday, 21 April, 2010

Managed File Transfer (MFT) is the process of automating and securing data transmissions from a centralized enterprise-level approach. Managed File Transfer solutions eliminate the need for numerous tools, scripts and manual steps that organizations have traditionally used to move, transform and secure data.

A significant benefit of using a Managed File Transfer product is to “reign in” the prevalent use of standard FTP and other unsecure protocols. Organizations cannot afford to risk the exposure of confidential and personal identifiable information, so encryption and audit trails have become a critical feature of effective Managed File Transfer solutions. This is essential for complying with PCI DSS, GLBA, HIPAA and the growing number of state privacy laws.

Listed below are some of the critical features we believe you need to look for when researching Managed File Transfer solutions:

  • Allows for remote administration and monitoring (preferably through the browser)
  • Runs on a variety of operating systems (e.g. Windows, Linux, IBM i, AIX, etc.)
  • Has a short learning curve without the need for programming or special skills
  • Supports secure FTP protocols of SFTP and FTPS
  • Supports popular encryption standards such as Open PGP, SSH, SSL, TLS, S/MIME and AES
  • Includes key management tools for SSH keys, Open PGP keys and SSL certificates
  • Can compress data using ZIP, GZIP and TAR
  • Supports HTTP and HTTPS protocols
  • Can integrate with back-end database systems such as DB2, SQL Server, Oracle, PostgreSQL, Informix, MySQL and Sybase
  • Has a built-in scheduler for running transfers at future dates and times
  • Provides commands and APIs for interfacing from customer applications
  • Produces comprehensive audit trails of all file transfer activity
  • Sends instant email alerts when problems occur
  • Does not require your trading partners to purchase the same software
  • Allow unlimited users and trading partners
  • Uses non-proprietary (standards-based) protocols

Tags: , Category: General Comments (0)

Secure FTP

Posted by bluebbe on Thursday, 4 February, 2010

One of the best solutions for protecting your FTP transmissions is to utilize “Secure FTP” encryption technology.

The two popular Secure FTP protocols are named SFTP (meaning FTP over SSH) and FTPS (meaning FTP over SSL). Both SFTP and FTPS will create encrypted tunnels between your system and your trading partners. In essence, anything that flows over those tunnels will be protected, including any user ids, passwords, commands, as well as any data that is transmitted.

One of the main differences between SFTP and FTPS is the way authentication is performed. With SFTP, clients can be authenticated with just a password or a Private Key. With FTPS, clients and servers can be authenticated with certificates, which are either self-signed (by your organization) or signed by a Certificate Authority (e.g. Verisign).
Choosing the right type of Secure FTP protocol to use will depend on your trading partner’s capabilities and authentication requirements.

You should not leave it up to your users to decide which secure protocol or methodology works best. This can create a hodgepodge of approaches, none of which may meet your overall security and authentication policies.
This is an area where IT’s expertise is required to ensure that the right form of encryption is utilized, that authentication mechanisms are properly implemented and that regulatory requirements have been met.

Tags: , Category: General Comments (0)

Securing and Automating File Transfers

Posted by wlanik on Monday, 18 January, 2010

Previously Recorded Webinar - Securing and Automating File Transfers

To view the previously recorded Webinar, please select from the list below. If you would like a live personalized Web demo for yourself and your colleagues please fill out our request form or contact us.

Watch this webinar to learn how to secure, automate and manage file transfers within your organization. The following topics are covered by Linoma Software’s Chief Architect:

  • Vulnerabilities in traditional FTP
  • Secure FTP protocols of FTPS, SFTP and SCP
  • How to authenticate Secure FTP connections
  • OpenPGP encryption
  • Key and certificate management
  • Automatic error notification
  • Logging and audit trails

Download the presentation slides.

Tags: , , Category: General, Managed File Transfers Comments (0)

Solution for Managing and Securing File Transfers

Posted by wlanik on Wednesday, 6 January, 2010

GoAnywhere Director is an Enterprise solution for Managed File Transfers, which includes a full suite of processes to securely transfer and convert data with detailed auditing and message alerts. Using GoAnywhere Director, customers can connect to almost any system or trading partner using a wide variety of standard protocols including FTP, SFTP (SSH), SCP, FTPS (SSL/TLS), HTTP, HTTPS, SMTP, POP3 and IMAP. It also supports standard Open PGP and ZIP with AES encryption for securing sensitive documents.

GoAnywhere Director Version 3.0 is now available from Linoma Software.  This latest version incorporates S/MIME digital signatures and encryption for email, support for Secure Copy Protocol (SCP), automatic processing of inbound email, enhanced logging, and version controls to streamline customer upgrades. Excel 2007 translation is also supported in version 3.0, in addition to its ability to read and write Excel 2003, CSV, XML and fixed-width text documents – which eliminates the need for other file translation software.

Version 3.0 also introduces more business process controls, including support for multi-part conditional statements, loops, delay operations, complex variables and advanced error-handling logic. This allows customers to set up sophisticated projects in GoAnywhere Director for multi-step processing of files, eliminating manual intervention and custom programming/scripts. For instance, a single project could be defined to loop/scan and retrieve files from a FTP server, decrypt those files, then parse and import their contents into a database. Errors can be easily monitored and routed to send alerts or call other processes.

“We are very excited about the 3.0 release,” says Bob Luebbe – Chief Software Architect at Linoma Software. “GoAnywhere Director has the power, flexibility and price-point to allow organizations of all sizes to completely streamline and secure their data transmissions. With its intuitive interface, customers can be productive in just a matter of minutes.”

GoAnywhere Director also interfaces with popular database systems including DB2, Oracle, SQL Server, Informix, PostgreSQL, Sybase and MySQL databases. This allows customers to easily extract data from their corporate databases to securely share it with their trading partners, as well as the ability to pump incoming data into their tables automatically.

No programming or special technical skills are required to use GoAnywhere Director. A graphical interface is provided for remote administration and monitoring from any browser or internet-enabled phone. Projects in GoAnywhere Director can be launched from a variety of 3rd party applications, schedulers and languages including CL, RPG, Java, C, .NET and PHP.

GoAnywhere Director can be installed to a variety of platforms, including IBM System i, IBM System p (AIX), IBM System z (Mainframe), Windows, Linux, SUSE Enterprise Linux, UNIX, HP-UX, Mac OS and Solaris platforms.

A free, fully functional trial of GoAnywhere Director is available for download.

Tags: , , , , Category: General, GoAnywhere, Managed File Transfers Comments (0)