15 August 2012

Securing your File transfer with SFTP or more!

What Managed File Transfer Can Do

File transfer has evolved over the last decade—from traditional FTP, to secure file transfer with encrypted protocols and multi-factor authentication, to modern managed file transfer with automated, reliable, secure, and monitored delivery. Is it time to update your existing solution? Attachmate, the parent company of Novell, SUSE and NetIQ, has a nice product range for Secure File Transfer Protocol that can help you secure your data better. Below are a few examples of file transfers that occur on a daily basis.

Internal intra-server transfers with FileXpress Platform Server

With FileXpress you can transfer your files better and more securely. As the comparison below shows, managed file transfer from Attachmate offers many more capabilities than mere SFTP.
Traditional FTP / Secure File Transfer / Managed File Transfer
    Basic file transfer
    Scripting and APIs
    Data conversion (text / binary)
    Simple remote commands
    Data encryption
    Advanced authentication
    Error recovery
    Event-driven transfers
    Simplified scripting
    Automation via web services
    Detailed auditing
    Files of any size
    Protocol conversion

Attachmate Managed File Transfer Products
Product Line
Products Included
FileXpress managed file transfer software is more than a simple file transfer utility. It’s a strategic enterprise solution that manages and executes the secure delivery of any-size files, across all major platforms, to any location. 
Reflection for Secure IT managed file transfer clients and servers use SSH to secure Internet file transfers, remote system administration, and TCP/IP-based application access.

Learn about FileXpress products
FileXpress Platform Server is the engine that powers your file transfer infrastructure. It securely delivers files of any size, across all major platforms, to any location.
FileXpress Internet Server is the portal through which all Internet-traveling files flow. Built to support the latest web and security technologies, it lets you safely interact with partners and customers around the globe.
FileXpress Command Center is your digital dashboard for all file transfer activity inside and outside the enterprise. Transfer-related events can be initiated, tracked, logged, audited, and supported—all from one central location.
FileXpress FileShot is your go-to agent for user-to-user file transfers. Working seamlessly with Microsoft Outlook, it transfers files of any size, provides audit records, and eliminates mailbox congestion.

Everyone transfers files. You’ve been doing it for years. The question is, have you outgrown your existing file transfer solution? Ask yourself these 6 questions to find out.
FileXpress: Today’s Enterprise File Transfer Solution
More than a simple file transfer utility, FileXpress is an enterprise solution that provides:
    Customer- and partner-friendly file exchanges
    End-to-end automation
    File transfers of any size
    Reliable delivery
    Centralized visibility and control
    Comprehensive security

Questions you might ask yourself when you transfer your valuable corporate data are:
1. Is your file transfer system able to address the growing demands of partners and customers, now and in the future?
FileXpress, Attachmate’s managed file transfer solution, is built for the Internet universe. It enables file transfers over the Internet and across all platforms, from Windows to the mainframe. It includes the latest security protocols, including HTTPS, FTPS, SFTP, PGP over FTP, and AS2. It supports browser interfaces along with file transfer clients. And it lets you easily add new trading partners as needed. The result: effective B2B integration with your partners, vendors, suppliers, and customers. 

2. Are you spending too much time writing and maintaining complex scripts to automate your file transfers?
Not with FileXpress. Built-in capabilities handle event-driven transfers via hotfolders, file integrity checking, and automatic retries. FileXpress even initiates the processing of files after they are successfully transferred. You get all the benefits of automation, minus all the burdens.

3. Do large files take too long to transfer or frequently fail to reach their destinations?
Designed with large file transfers in mind, FileXpress offers automatic retries, checkpoint restart, and built-in RocketStream technology. RocketStream uses the UDP and PDP protocols to maximize the speed and performance of large files over long distances. In fact, RocketStream transfers are up to 30 times faster than traditional FTP transfers.

4. How reliable is your file transfer process, both inside and outside the organization?
With capabilities such as automated retries, packet-level data integrity checks, exception alerts, and file transfer queuing, FileXpress detects problems, notifies senders, and recovers transfers when transmissions fail.  

5. Is file transfer sprawl keeping you from effectively tracking and controlling file transfer activity across your organization?
FileXpress provides a virtual harness for your file transfer activity. Using a powerful browser-based user interface, you can go to one central location to define file transfer servers and configure the transfers between them. You can also access detailed information on every file transfer that occurs.   

6. Does your file transfer system support the controls you employ to comply with internal and external security mandates?
FileXpress supports the latest authentication, authorization, and encryption technologies, and provides detailed auditing of all file transfer activity. Furthermore, delegated administration capabilities ensure that system administrators are given the appropriate level of control—based on organizational role and security status.

SSH file transfer protocol explained
In computing, the SSH File Transfer Protocol (sometimes called Secure File Transfer Protocol or SFTP) is a network protocol that provides file transfer and manipulation functionality over any reliable data stream. It is typically used with version two of the SSH protocol (TCP port 22) to provide secure file transfer, but is intended to be usable with other protocols as well.
Compared to the earlier SCP protocol, which allows only file transfers, the SFTP protocol allows for a range of operations on remote files – it is more like a remote file system protocol. An SFTP client's extra capabilities compared to an SCP client include resuming interrupted transfers, directory listings, and remote file removal.
For these reasons it is relatively simple to implement a GUI SFTP client compared with a GUI SCP client.
SFTP attempts to be more platform-independent than SCP; for instance, with SCP, the expansion of wildcards specified by the client is up to the server, whereas SFTP's design avoids this problem. While SCP is most frequently implemented on Unix platforms, SFTP servers are commonly available on most platforms.
SFTP is not FTP run over SSH, but rather a new protocol designed from the ground up by the IETF SECSH working group. It is sometimes confused with Simple File Transfer Protocol.
The protocol itself does not provide authentication and security; it expects the underlying protocol to secure this. SFTP is most often used as a subsystem of SSH protocol version 2 implementations, having been designed by the same working group. However, it is possible to run it over SSH-1 (and some implementations support this) or other data streams. Running an SFTP server over SSH-1 is not platform independent, as SSH-1 does not support the concept of subsystems. An SFTP client willing to connect to an SSH-1 server needs to know the path to the SFTP server binary on the server side.
The Secure Internet Live Conferencing (SILC) protocol defines SFTP as its default file transfer protocol. In SILC the SFTP data is not protected with SSH; instead, SILC's secure packet protocol is used to encapsulate the SFTP data into SILC packets and deliver it peer-to-peer. This is possible because SFTP is designed to be protocol independent.
For uploads, the transferred files may be associated with their basic attributes, such as timestamps. This is an advantage over the common FTP protocol, which does not have provision for uploads to include the original date/timestamp attribute.
The protocol is not yet an Internet standard. The latest specification is an expired Internet Draft, which defines version 6 of the protocol. Currently the most widely used version is 3, implemented by the popular OpenSSH SFTP server. Many Microsoft Windows-based SFTP implementations use version 4 of the protocol, which has weakened its ties with the Unix platform.
The Internet Engineering Task Force (IETF) "Secsh Status Pages" search tool contains links to all versions of the Internet draft-ietf-secsh-filexfer which describes this protocol.
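The version handshake that opens every SFTP session, shown as an added example (not code from the original post or from any product named here). It frames SSH_FXP_INIT and SSH_FXP_VERSION as laid out in draft-ietf-secsh-filexfer, has the server answer with the lower of the two versions, and has the client reject a reply it never offered; the size cap and function names are assumptions of this example.

```python
import struct

SSH_FXP_INIT, SSH_FXP_VERSION = 1, 2   # packet types from draft-ietf-secsh-filexfer
MAX_PACKET = 34000                      # assumed sanity cap for this example

def frame(ptype, payload):
    # The uint32 length field covers the type byte plus the payload.
    return struct.pack(">IB", len(payload) + 1, ptype) + payload

def unframe(buf):
    if len(buf) < 5:
        raise ValueError("truncated header")
    length, ptype = struct.unpack(">IB", buf[:5])
    if not 1 <= length <= MAX_PACKET or len(buf) != 4 + length:
        raise ValueError("bad length field")
    return ptype, buf[5:]

def read_string(buf, off):
    # SSH string: uint32 length followed by that many bytes.
    if off + 4 > len(buf):
        raise ValueError("truncated string length")
    (n,) = struct.unpack_from(">I", buf, off)
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("string overruns packet")
    return buf[off + 4:end], end

def client_init(version):
    return frame(SSH_FXP_INIT, struct.pack(">I", version))

def server_version(init_pkt, server_max, extensions=()):
    ptype, payload = unframe(init_pkt)
    if ptype != SSH_FXP_INIT or len(payload) < 4:
        raise ValueError("expected SSH_FXP_INIT")
    (offered,) = struct.unpack_from(">I", payload)
    body = struct.pack(">I", min(offered, server_max))   # lowest common version
    for name, data in extensions:
        body += struct.pack(">I", len(name)) + name + struct.pack(">I", len(data)) + data
    return frame(SSH_FXP_VERSION, body)

def client_accept(reply, offered):
    ptype, payload = unframe(reply)
    if ptype != SSH_FXP_VERSION or len(payload) < 4:
        raise ValueError("expected SSH_FXP_VERSION")
    (agreed,) = struct.unpack_from(">I", payload)
    if agreed > offered:
        raise ValueError("server chose a version the client never offered")
    exts, off = {}, 4
    while off < len(payload):            # optional (name, data) extension pairs
        name, off = read_string(payload, off)
        data, off = read_string(payload, off)
        exts[name.decode()] = data
    return agreed, exts
```

A version 6 client talking to a version 3 server ends up on version 3, which is why a client must be prepared to work without the later drafts' features.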
SFTP client
The term SFTP can also refer to Secure file transfer program, a command-line program that implements the client part of this protocol, such as that supplied with OpenSSH.
The sftp program provides an interactive interface similar to that of traditional FTP clients.
Some implementations of the scp program actually use the SFTP protocol to perform file transfers; however, some such implementations are still able to fall back to the SCP protocol if the server does not provide SFTP service.
SFTP server
There are numerous SFTP server implementations both for UNIX and Windows. The most widely known is perhaps OpenSSH, but there are also proprietary implementations.
SFTP proxy
The adoption of SFTP is hindered somewhat because it is difficult to control SFTP transfers on security devices at the network perimeter. There are standard tools for logging FTP transactions, like TIS fwtk or SUSE FTP proxy, but SFTP is encrypted, rendering traditional proxies ineffective for controlling SFTP traffic.
There are some tools that implement man-in-the-middle for SSH which also feature SFTP control: such a tool is Shell Control Box from BalaBit. These provide SFTP transaction logging as well as logging the actual data transmitted on the wire.
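Where the perimeter cannot see inside the encrypted channel, a transaction record can still be rebuilt on the server itself. The following added example (not part of the original post, and not how the proxy products above work) assumes an OpenSSH sftp-server logging at INFO level and uses constructed sample lines; it ties each file event back to the user and client address by process ID.

```python
import re

# Constructed sample lines in the format OpenSSH sftp-server logs at INFO level.
SAMPLE_LOG = """\
Aug 15 09:00:01 gw sftp-server[4101]: session opened for local user alice from [192.0.2.10]
Aug 15 09:00:02 gw sftp-server[4101]: open "/data/in/report.csv" flags WRITE,CREATE,TRUNCATE mode 0644
Aug 15 09:00:05 gw sftp-server[4101]: close "/data/in/report.csv" bytes read 0 written 52144
Aug 15 09:01:10 gw sftp-server[4177]: session opened for local user bob from [198.51.100.7]
Aug 15 09:01:11 gw sftp-server[4177]: open "/data/out/payroll.db" flags READ mode 0666
Aug 15 09:01:19 gw sftp-server[4177]: close "/data/out/payroll.db" bytes read 8812544 written 0
Aug 15 09:01:20 gw sftp-server[4177]: remove name "/data/out/payroll.db"
Aug 15 09:01:21 gw sftp-server[4177]: session closed for local user bob from [198.51.100.7]
"""

LINE = re.compile(r"sftp-server\[(\d+)\]: (.*)$")
OPENED = re.compile(r"session opened for local user (\S+) from \[([^\]]+)\]")
CLOSED = re.compile(r'close "(.*)" bytes read (\d+) written (\d+)')
REMOVED = re.compile(r'remove name "(.*)"')

def transactions(log_text):
    """Return (user, address, action, path, bytes) tuples, one per file event."""
    sessions, events = {}, []          # sessions: pid -> (user, client address)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue                   # not an sftp-server line
        pid, msg = m.groups()
        who = sessions.get(pid, ("unknown", "unknown"))
        if (s := OPENED.match(msg)):
            sessions[pid] = s.groups()
        elif (c := CLOSED.match(msg)):
            path, read, written = c[1], int(c[2]), int(c[3])
            if read:
                events.append((*who, "download", path, read))
            if written:
                events.append((*who, "upload", path, written))
        elif (r := REMOVED.match(msg)):
            events.append((*who, "remove", r[1], 0))
    return events
```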

DBA Consulting
web:            www.dbaconsulting.nl
blog:            http://drsalbertspijkers.blogspot.com/
profile:         http://nl.linkedin.com/pub/drs-albert-spijkers/13/b4a/7a8
Facebook :  http://www.facebook.com/pages/DBA-Consulting/101640233252655
email:          info@dbaconsulting.nl


1 comment:

  1. Most file transfer tools are cumbersome. Another option is to transfer with Binfer. What I like most about it is the auto resume of interrupted transfers.