
Managed File Transfer: Insights and Best Practices

by David Butcher, CSDP Sr. Solutions Architect



Agenda

  • Axway Snapshot

  • A Brief History of File Transfer

  • What is Managed File Transfer?

  • Use Patterns for Managed File Transfer

  • Best Practices

  • Q&A


About Axway

Customers: Multi-Nationals, Government, Financial Services, Fortune 500

  • Serves 11,000+ Customers Globally

  • 1,700 Employees

  • Global Presence, With Key Offices in

    • Phoenix, AZ

    • Redwood City, CA

  • 24x7 Global Support in US, Europe and India

  • Acknowledged Innovator and leader in integration, connectivity, compliance and value chain solutions.

    • Leaders Quadrant – Gartner Managed File Transfer (MFT)

    • Leaders Quadrant – Gartner Business to Business Integration (B2Bi)

    • Leaders Quadrant – Gartner Email Encryption



FTP – The De Facto Standard

  • Most Common Internet File Transfer Method

  • Client / Server Architecture

    • Client initiates all connections

  • Many Variations of FTP (Vendor Customizations)

  • FTP Problems

    • No Encryption

    • User Names and Passwords Are In The Clear

    • No Integrity Checking

    • No Checkpoint Restart

    • No Tracking

    • No Management

    • FTP Scripting



Homegrown FTP

[Diagram: an internal FTP server and a DMZ FTP server. Users pick up files staged in the DMZ (have to stage files to the DMZ FTP server). Users drop off files in the DMZ (have to retrieve the files from the DMZ FTP server).]

  • Often uses two FTP servers

  • User credentials and files stored in the DMZ

  • Files may be left unprotected for long periods of time

  • Scripted jobs move the files between FTP servers

  • Coordination nightmare


Axway 2010 MFT Survey Results

Axway interviewed 150+ IT Executives that manage file transfer operations. Here are some key findings:

  • 88% - concerned about violation of security mandates and preventing data loss via human-driven data exchange

  • 83% - still use FTP for external data exchange

  • 78% - concerned about internal/external visibility and monitoring of data file exchanges

  • 44% - currently use unmanaged methods for sending files too big for corporate email exchanges


Files are being transferred everywhere

[Diagram labels: Partner System (x2), External Vendor, External Customer, External Partner; ftp, SMTP, Physical Media; DMZ; ftp server (x3); Application server (x3); Internal User; Rogue ftp server]


Managed File Transfer (MFT) According to Gartner

  • The Gartner “Managed File Transfer Suites: Technology Overview” report identifies a managed file transfer suite as having the following functionality:

    • Secure Communications: This entails a collection of commonly used protocols and technologies used for transporting and ensuring the authentication, privacy, non-repudiation and authorization of data between two or more entities.

    • Management: This is the ability to monitor and control the data (regardless of size) throughout the file transfer.

    • Integration functionality: Adapters or exposed application programming interfaces.

    • Streaming input/output: This capability enables the MFT Suites to overcome physical hardware limitations and operating environment limitations.

    • Checkpoint/restart capabilities: This capability lets the user resume incomplete file transfers as a result of interrupted transmissions, accidental or otherwise.


MFT Use Patterns

[Diagram labels: Security / Visibility / Governance; Systems (Automated); Humans (Interactive)]



Application Integration Pattern

  • Internal File Movement Between Systems

    • Peer-to-Peer / File Bus

    • Hub and Spoke

  • Automated and Process Driven

  • Centralized Governance

  • Multi-Platform Considerations



Multi-Site Integration Pattern

  • File movement between systems across sites

    • Hub and spoke

    • Peer to peer

  • Centralized governance and site management

  • Automated and process driven

  • Broadcast/Collect

  • Multi-platform considerations



Business to Business (B2B) Pattern

  • Connecting with other organizations

    • Standards driven

    • Context aware

  • Community and partner lifecycle management are essential

  • Automated and process driven

  • Flexible security

  • Often requires data services

    • Validation

    • Transformation

    • Routing



Portal File Services Pattern

  • Connecting the human web experience and MFT

  • Web portal exposing a business service

  • User access and management

    • LDAP/AD

    • SSO

    • On-boarding

  • Transparent integration with end user workflow and backend systems



Ad-Hoc File Transfer Pattern

  • Unplanned processes between humans

  • Two models

    • Repository based (persistence for sharing)

    • Recipient based (targeted to individual or group)

  • User access and management

    • LDAP/AD

    • SSO

    • On-boarding

  • Policy based control of file access and transfer


Best Practices: Flexible Protocol Support

  • Support multiple protocols – avoid client side changes

    • HTTP/HTTPS – browser clients

    • FTP/FTPS

    • SFTP/SCP

    • AS2

    • Proprietary – Large files (checkpoint restart, integrity)

[Diagram labels: FTPS, SFTP, SCP, AS2, HTTPS; Internet; Firewall; MFT Server]

  • FTPS Clients

  • RFC2228-Compliant

  • Windows, Unix, AS/400, z/OS, etc.

  • SSH Clients

  • SFTP Protocol

  • SCP Protocol

  • AS2 Servers

  • EDI Trading Partners

  • Signing/Encryption

  • Standard Web Browser

  • Universal

  • Easy Setup

  • Customizable UI


Best Practices: Automation Support

  • Back end automation – getting the data to the systems that are consuming it and from the systems that produce it

    • File moves and copies

    • File level encryption

      • PGP during transport

      • Encrypted file system during storage

    • Email notifications on successful transfers and failures

    • Framework for custom transforms – event driven

[Workflow diagram: File Dropped off At the Server → PGP Decrypt File → Transformation Services → Transfer File To Application]


Best Practices: MFT Enterprise Gateway

[Diagram labels: External Partners; Enterprise; DMZ; FTP; MFT; Internal User; FTP Server; HTTP(S), FTP(S), SFTP, SCP, AS2; Application Servers; MFT Server; User]

  • All file movement is centralized through MFT services

  • Firewalls are locked down to prevent circumventing the services


Best Practices: Two Tier Deployment

[Diagram labels: External Partners; Enterprise; DMZ; FTP; Internal User; FTP Server; HTTP(S), FTP(S), SFTP, SCP, AS2; MFT Proxy; MFT Server; Application Servers; User]

  • Nothing stored in the DMZ

  • No user data or credentials

  • Eliminates data staging and retrieval issues


Best Practices: High Availability

[Diagram labels: MFT Proxies; MFT Servers; DMZ; External User; Shared Storage; HTTP(S), FTP(S), SFTP, SCP, AS2; Load Balancer (x2); Remote File Transfer Server]

  • Provide for Scalability and Failover Support

  • Avoid Single Points of Failure


Best Practices: Multiple Authentication Methods

  • Authentication

    • Single factor

      • Passwords

      • Certificates

    • Multi factor

    • Authentication database local to solution

    • Integrating with existing authentication databases (LDAP/AD/SSO)

[Diagram labels: LDAP; SSO; User ID / Password; X.509 Certificate; SSH Key; Multi Factor; Client (x3); MFT Server]


Best Practices: Record Keeping

  • Logging

    • Granular

      • All file transfers recorded – who, what and when

      • All access recorded

    • Integrity

      • Protected from outsiders – out of the DMZ

      • Protected from insiders – digitally signed
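
An added example, not part of the original presentation or of any Axway product: one way to make a who/what/when transfer log tamper-evident, as the record-keeping bullets above call for. It uses an HMAC hash chain as a stand-in for the digital signature the slide names; the key, field names and sample transfers are constructed assumptions.

```python
import hashlib
import hmac
import json

# Assumption: the key is held outside the MFT server (for example by a log
# collector); this value is constructed for the demonstration only.
LOG_KEY = b"constructed-demo-key-not-for-production"
GENESIS = "0" * 64  # chain anchor used for the first record


def _mac(prev_mac: str, record: dict) -> str:
    """MAC over the previous entry's MAC plus this record's canonical JSON."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(LOG_KEY, prev_mac.encode() + body, hashlib.sha256).hexdigest()


def append_entry(log: list, who: str, what: str, when: str, sha256: str) -> None:
    """Append a who/what/when record chained to the entry before it."""
    record = {"who": who, "what": what, "when": when, "sha256": sha256}
    prev = log[-1]["mac"] if log else GENESIS
    log.append({"record": record, "mac": _mac(prev, record)})


def verify_log(log: list) -> int:
    """Return -1 if the chain is intact, else the index of the first bad entry."""
    prev = GENESIS
    for i, entry in enumerate(log):
        expected = _mac(prev, entry["record"])
        if not hmac.compare_digest(expected, entry["mac"]):
            return i
        prev = entry["mac"]
    return -1


def build_sample_log() -> list:
    """Constructed sample transfers (user names and files are made up)."""
    log = []
    for who, what, when, data in [
        ("partner-a", "orders_0412.csv", "2010-04-12T09:15:00Z", b"order rows"),
        ("partner-b", "invoices.zip", "2010-04-12T09:20:41Z", b"invoice bytes"),
        ("jsmith", "payroll.xml", "2010-04-12T10:02:07Z", b"payroll data"),
    ]:
        append_entry(log, who, what, when, hashlib.sha256(data).hexdigest())
    return log
```

Editing or deleting an entry in the middle breaks every MAC after it. Removing entries from the end is not detected by the chain alone, so the latest MAC should also be recorded outside the server.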

[Diagram labels: Access Log; Transaction Log; Audit Log; HTTP(S), FTP(S), SFTP, SCP, AS2; External Partner or Customer; MFT Proxy; MFT Server]


Best Practices: Internal Transfer Architecture

[Diagram labels: Ap Server AS/400; Ap Server Windows; Ap Server Solaris; Ap Server Linux; MFT Gateway]

  • Point to point transfers – mesh, hub and spoke

  • Support for diverse platforms


Best Practices: Visibility Throughout the Lifecycle of the Transfer

[Diagram labels: Ap Server Process #1; Ap Server Process #2; Ap Server Process #3; MFT Gateway; External Partner]

  • Status Portal

  • Multiple views

    • Business

    • IT

    • Partner

Where is the customer file?


Best Practices: Mapping Services for B2B Integration

[Diagram labels: Mapping Services; MFT Gateway; Ap Server; External Partner]

  • Translation

    • From/to standards (X.11 Oasis etc.)

    • From/to proprietary for application integration


Best Practices: Automated Provisioning

[Diagram labels: Ap Server AS/400; Ap Server Windows; Ap Server Solaris; Ap Server Linux; MFT Gateway]

  • Centralized partner management

  • Create credentials, folders, workflow quickly


Best Practices: Ease of Use and Policy Control for Ad-Hoc Transfers

[Diagram components: Outlook User; Exchange; FT Direct Gateway; Policy & Virus Engine; Recipient]

[Diagram step labels: User composes message with large attachment; Message sent to recipient via SMTP; Message sent to Exchange; Attachments picked up via HTTPS; Message sent back to plug-in; Message sent to FT Direct; Message sent to policy engine for analysis]


Best Practices: Investigate MFT Solutions

  • Ask your trading partners what solutions they are using with their other vendors

  • Seek third-party recommendations on MFT solutions

    • Gartner

    • SC Magazine

    • Etc.

  • Go to the source

    • Explore MFT vendor websites

    • Review informative white papers, webinars, etc.

    • Request a demo / eval

    • Ask for references



Questions/Discussion

For more information visit: www.axway.com

