Managed File Transfer: Not Just a FTP/sFTP Replacement

5 04 2010

Most seasoned IT support staff think of file transfer as a method of moving data between the mainframes of different companies. However, the scope and challenges involved have become much more complex, and accordingly, the space has become segmented.

  • B2B Transfers – This segment has grown tremendously as Web-based protocols have enabled companies to connect all their business partners without the need for dedicated lines, replacing transfers originally performed by exchanging physical media via courier or fax.
  • Internal File Transfers – With the advent of distributed computing, when some business applications moved away from the mainframe or were supplemented with server-based applications, the need arose to transport data in bulk to server-based applications for processing. Often, this need was addressed with free tools such as FTP/sFTP. However, while these tools were cost-effective and solved an immediate problem, little focus was given to the security and reliance these solutions could provide and to the bigger picture of the IT infrastructure.
  • Ad hoc File Transfers – Does you company need to facilitate infrequent, ad hoc data transfers – either between companies or between the data center and a larger user base such as your sales force? Then, you should look for solutions incorporating Web-based portals for this ad hoc data exchange.

Additionally, Managed File Transfer gives you the ability to meet security, compliance and audit requirements. With regulations such as Sarbanes-Oxley (SOX), the Heath Insurance Portability and Accountability Act (HIPAA) and Gramm-Leachy Bliley Act (GLBA), companies are under greater pressure to meet strict mandates. A Managed File Transfer solution should help you streamline the audit process by providing a central point for all audit information.

Through the automation of your file transfer infrastructure, you gain these benefits and more, including cost savings and reduced risk. As a final thought: You also don’t end up in the news. Stories of data breaches and the organizations that have to report them are picked up by major media outlets on a daily and increasing basis.

Is FTP/sFTP doing all this for you? More importantly, can you risk it?

Advertisements




FTP and SFTP vs. MFT for OS/400, IBM i, platforms

8 03 2010

Over the past few weeks, I have seen a lot of news group chatter regarding FTP, FTPS and SFTP relating to the IBM System i, i/OS. Although FTP(S) and SFTP provide workable options when limited file transfers are need, they lack the functionality and usability of a mature Managed File Transfer (MFT) solution. Let’s look at some of the advantages provided by a good MFT product verses FTP.

For the purpose of this post, the term OS/400 also refers to i5/OS, i/OS and IBM i.

Under OS/400, SFTP is provided via the PASE and its use is described in this IBM Systems magazine article.

FTP(S)/SFTP vs. MFT functionality

FTP(S)/SFTP MFT
Transferring nested directories is time consuming without a good GUI interface. MFT solutions provide simple and easy-to-use methods for transferring nested directories.
FTP(S)/SFTP only provides two party transfers. MFT allows three party transfers. In a two party transfer, files are transferred between the server and the client. In a three party transfer, the client sets up transfers between two servers so that an intermediate transfer is not necessary.
With FTP(S)/SFTP, controlling end-of-line can be tricky at best. MFT provides straight forward means by which to specify the character or character sequence wanted for end-of-line.
Using OS/400 FTP(S)/SFTP, you may have to create files before doing the transfer to get the correct file settings. An advanced MFT product allows the user to set file appropriate attributes before the transfer or detect those attributes in an OS/400 to OS/400 file transfer. Also, a good product provides one or more methods for automated file creation for save files and database files requiring DDS.
FTP only provides basic scripting. Advanced MFT products provide a full fledged scripting language allowing automation of even the most sophisticated transfer processes.
FTP on OS/400 allows execution of simple commands. Modern, full function MFT products provide the ability, possibly via add-on technology, to not only execute OS/400 commands, but also commands on other systems. A really advanced product also provides logging and control options for the remote system.
OS/400 FTP allows setting a CCSID when opening the FTP session. MFT products go beyond initial CCSID settings by detecting and automatically setting the CCSID for each file transferred during a multiple file transfer whether transferring from the QSYS or IFS file system. A really great MFT product will also adjust end-of-line settings based on ASCII vs. EBCDIC file type.
SFTP only provides binary transfers. FTP supports Single Byte Character Set, SBCS, code pages and some FTP products support UTF-8 code pages. Cutting edge MFT products may support all of the Unicode variants as well as Double Byte Character Set code pages. Although the author knows of none, MFT products that fully supports Mixed Byte Character Sets may exist.
FTP(S) and SFTP provide limited, if any, fault tolerance. MFT products provide network fault tolerance allowing transfer completion following network connection failure and recovery. They may also provide manager fault tolerance for remote command execution whereby remote commands may complete during network outages. Following network recovery, output from reconnected processes is transferred back to the initiating system.

The above information primarily addresses MFT functionality; however, all of the functionality potentially included in an MFT product is not covered. Look for such things as the ability to move files as opposed to only copying files and the ability to list files to name only a couple of items. Security options are referred to but not discussed in detail since they are limited in regard to FTP. The issue of data integrity was not discussed and should be carefully considered before purchasing an MFT product.





Is your MFT Smarter than my MFT?

24 07 2009

Managed File Transfer and secure data exchange requirements continue to grow.  More data, more systems and more processes and FTP just isn’t the right solution, in fact it has limited/no management or retry capabilities.

According to Gartner:

Numerous factors cause companies to re-examine how they manage the movement of information from system to system, partner to partner, and person to person. FTP [File Transfer Protocol] alone isn’t a viable option to give the insight, security, performance, and, ultimately, the risk mitigation necessary to responsibly conduct business.” (For more information, see Kenney, LF et al.: “Magic Quadrant for Managed File Transfer,” page 2, Gartner Research Publication ID Number G00157614, 23 June, 2008.)

Many vendors promote SFTP (secure file transfer protocol) solutions. The data is transferred through SSH, a network protocol that allows data to be exchanged using a secure channel. While SFTP offers a minimal amount of security, it still compromises both your data’s confidentiality and integrity. SFTP has inherent design flaws that are making this seemingly secure method of transfer as obsolete as FTP.

So the net is organizations today are looking to deliver more capabilities to the business in a centralized solution for managing secure file exchange.   The realities of most organizations today:

  • Your existing tools lack functionality, causing you to spend too much time and manual effort to try to compensate for this lack of functionality.
  • You have products with the above functionality, but the solution is too complex and expensive to be deployed everywhere the business needs it.
  • Your existing vendor is overcharging you and is too inflexible to meet all of your needs.
  • You have too many products and need an intelligent strategy to consolidate and move forward.

There needs to be a better way to do this, a more intelligent way.  So what’s your strategy?