FTP Replacement
Download
1 / 15

FTP Replacement Briefing - PowerPoint PPT Presentation


  • 103 Views
  • Uploaded on

FTP Replacement Briefing. 08 Sep 06. FTP Replacement. Description: Replace FTP for all traffic outside .mil domain Requirements Documents: - DoDI 8551.1, Ports, Protocols, and Services Management - DSAWG FTP Vulnerability Assessment, updated 13 Sep 05

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' FTP Replacement Briefing' - rebecca-patterson


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Ftp replacement briefing

08 Sep 06


Ftp replacement
FTP Replacement

  • Description:Replace FTP for all traffic outside .mil domain

  • Requirements Documents:

  • - DoDI 8551.1, Ports, Protocols, and Services Management

  • - DSAWG FTP Vulnerability Assessment, updated 13 Sep 05

  • - Air Force Weather Security Classification Guide, 1 May 2004

  • - AFI 33-202v1, Network and Computer Security

  • - AFI 33-201, Transmission Security

  • Briefing Objectives:Inform OFCM CEISC of encryption requirement and change to SFTP

Presentation for CCB, 16 Aug 06


Background
Background

  • On 9 Nov 04, JTF-GNO stated File Transfer Protocol (FTP) ports 20 and 21 would cease transferring data between DoD enclaves (.mil) and non-DoD enclaves (.edu, .com, .gov, .org, etc.) effective 9 Nov 06

  • AFCA clearly stated that any replacement product used must be FIPS 140-2 certified

  • AFWA has standing requirement to encrypt all data sent outside DoD channels

  • The AFWA formed a working group in May 06 dedicated to finding an FTP replacement for the Strategic Center and our customers


Analysis
Analysis

  • The following criteria were considered in evaluating the open source version and commercial version (Tectia) of SFTP:

    • FIPS 140-2 compliance

    • Performance

    • Ports and protocols compliance

    • Ease of Integration

    • Interoperability

    • Cost

    • Maintainability


Analysis cont
Analysis (cont.)

  • A standards-based solution makes interoperability highly likely between open source and all commercial products use the same standard

  • Since SFTP appears to the user (at a command line or scripting level) to be an FTP clone, it would be simple to integrate as an FTP replacement

  • Software cost was not quantified.

    • Note: In addition to Tectia, there are many commercial SFTP products providing competition in the market for this standard solution. The working group only evaluated Tectia and free open source version.


Performance
Performance

  • SFTP typically incurred about a 10-30% performance penalty, depending on the combination of SFTP versions in use

  • Some clients with relatively inefficient native FTP performance (e.g. Solaris 8) experienced a performance increase using SFTP

  • Conclusion: Based on performance, SFTP is a reasonable choice for encrypted secure file transfer


Risks
Risks

  • Risk: Customers can’t comply with SFTP

  • Description: Non-.mil customers unable to transition to SFTP will cease send/receipt of data from AFWA

  • Mitigation: Assumption - Register all customers unable to meet deadline with AFNOSC and DSAWG. Registration must include a “get well” plan.


Risks1
Risks

  • NCEP

    • Global ensemble data not available for development

    • AGROMET pushed to NCEP DMZ may be discontinued

  • FNMOC

    • May not be able to easily implement SFTP (researching)

  • .COM, .EDU

    • May not easily be able to implement open source or commercial product


Datms u
DATMS-U

  • No impacts expected as DATMS-U is considered part of the DoD network


Identified ftp comms
Identified FTP Comms

  • POCs reached are detailed in the Excel spreadsheet: Update FTP users contacted.xls

  • Review and update of listed POCs by member agencies requested

  • Issues to be identified after 09 Nov 06 SFTP testing period begins


Implementation timeline
Implementation Timeline

  • SFTP available for limited use by AFWA 9 November

  • Projected WARNORD issued by Air Staff no earlier than January 2007

  • WARNORD +90: FTP cut-off date

  • Implementation schedule from WARNORD to cut-off date TBD


Recommendation

Recommend CEISC member agencies review FTP communications to identify any additional data feeds between them and DoD and provide a POC to coordinate resolution NLT 30 Sep 06

Recommendation


Ftp replacement briefing
SFTP identify any additional data feeds between them and DoD and provide a POC to coordinate resolution NLT 30 Sep 06

Questions?


Ftp replacement briefing
SFTP identify any additional data feeds between them and DoD and provide a POC to coordinate resolution NLT 30 Sep 06

BACK-UP SLIDES


Performance1
Performance identify any additional data feeds between them and DoD and provide a POC to coordinate resolution NLT 30 Sep 06