Skip this Video
Download Presentation
FTP Replacement Briefing

Loading in 2 Seconds...

play fullscreen
1 / 15

FTP Replacement Briefing - PowerPoint PPT Presentation

  • Uploaded on

FTP Replacement Briefing. 08 Sep 06. FTP Replacement. Description: Replace FTP for all traffic outside .mil domain Requirements Documents: - DoDI 8551.1, Ports, Protocols, and Services Management - DSAWG FTP Vulnerability Assessment, updated 13 Sep 05

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about ' FTP Replacement Briefing' - rebecca-patterson

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

FTP Replacement

  • Briefing

08 Sep 06

ftp replacement
FTP Replacement
  • Description:Replace FTP for all traffic outside .mil domain
  • Requirements Documents:
  • - DoDI 8551.1, Ports, Protocols, and Services Management
  • - DSAWG FTP Vulnerability Assessment, updated 13 Sep 05
  • - Air Force Weather Security Classification Guide, 1 May 2004
  • - AFI 33-202v1, Network and Computer Security
  • - AFI 33-201, Transmission Security
  • Briefing Objectives:Inform OFCM CEISC of encryption requirement and change to SFTP

Presentation for CCB, 16 Aug 06

  • On 9 Nov 04, JTF-GNO stated File Transfer Protocol (FTP) ports 20 and 21 would cease transferring data between DoD enclaves (.mil) and non-DoD enclaves (.edu, .com, .gov, .org, etc.) effective 9 Nov 06
  • AFCA clearly stated that any replacement product used must be FIPS 140-2 certified
  • AFWA has standing requirement to encrypt all data sent outside DoD channels
  • The AFWA formed a working group in May 06 dedicated to finding an FTP replacement for the Strategic Center and our customers
  • The following criteria were considered in evaluating the open source version and commercial version (Tectia) of SFTP:
    • FIPS 140-2 compliance
    • Performance
    • Ports and protocols compliance
    • Ease of Integration
    • Interoperability
    • Cost
    • Maintainability
analysis cont
Analysis (cont.)
  • A standards-based solution makes interoperability highly likely between open source and all commercial products use the same standard
  • Since SFTP appears to the user (at a command line or scripting level) to be an FTP clone, it would be simple to integrate as an FTP replacement
  • Software cost was not quantified.
    • Note: In addition to Tectia, there are many commercial SFTP products providing competition in the market for this standard solution. The working group only evaluated Tectia and free open source version.
  • SFTP typically incurred about a 10-30% performance penalty, depending on the combination of SFTP versions in use
  • Some clients with relatively inefficient native FTP performance (e.g. Solaris 8) experienced a performance increase using SFTP
  • Conclusion: Based on performance, SFTP is a reasonable choice for encrypted secure file transfer
  • Risk: Customers can’t comply with SFTP
  • Description: customers unable to transition to SFTP will cease send/receipt of data from AFWA
  • Mitigation: Assumption - Register all customers unable to meet deadline with AFNOSC and DSAWG. Registration must include a “get well” plan.
  • NCEP
    • Global ensemble data not available for development
    • AGROMET pushed to NCEP DMZ may be discontinued
    • May not be able to easily implement SFTP (researching)
  • .COM, .EDU
    • May not easily be able to implement open source or commercial product
datms u
  • No impacts expected as DATMS-U is considered part of the DoD network
identified ftp comms
Identified FTP Comms
  • POCs reached are detailed in the Excel spreadsheet: Update FTP users contacted.xls
  • Review and update of listed POCs by member agencies requested
  • Issues to be identified after 09 Nov 06 SFTP testing period begins
implementation timeline
Implementation Timeline
  • SFTP available for limited use by AFWA 9 November
  • Projected WARNORD issued by Air Staff no earlier than January 2007
  • WARNORD +90: FTP cut-off date
  • Implementation schedule from WARNORD to cut-off date TBD
Recommend CEISC member agencies review FTP communications to identify any additional data feeds between them and DoD and provide a POC to coordinate resolution NLT 30 Sep 06Recommendation