Managed File Transfer: Insights and Best Practices
Steven Jordan
Director, Supply Chain Solutions
Agenda
• Axway Overview
• Context: a brief history of file transfer
• Managed File Transfer Overview
• File Transfer Patterns
• Best Practice Approach
• Q&A
About Axway
• Serve 11,000+ Customers Globally
• 1,700 Employees
• Global Company -- key US offices in
– Phoenix, AZ
– Redwood City, CA
• 31 US security patents / 15+ years of R&D
• Acknowledged Innovator and leader
– Leaders Quadrant – Gartner Managed File Transfer (MFT)
– Leaders Quadrant – Gartner Business to Business Integration (B2Bi)
– Leaders Quadrant – Gartner Email Encryption
Customers
Multi-Nationals
Government
Financial Services
Fortune 500
| © 2010 Axway | All rights reserved. 4
A Brief History of File Transfer
A Data Driven World
Over 80% of all business and organizational information is exchanged via files
[Figure: data types plotted by File Size (0 MB, 10 MB, 1 GB, 100+ GB) against Confidential / Critical (Low to High). Data types shown: Legal Contracts, Image / Media, Source Code / Software, CAD Files, Media / Video, EDI, Funds Transfer, Sales Collateral, Sales Data, Application-to-application (A2A), Credit Card Data]
Volume, size, type and frequency of data exchange is unpredictable
[Figure: exchange types (Person to Person, Business to Business, System to System) plotted by Community Size (Small to Large) against Structured / Un-structured]
© 2009 Axway - Confidential and proprietary. All rights reserved. 5
Intellectual Property (IP) Protection
• IP protection is widespread and costly
– An overseas partner pirates a software title and sells it in local stores
– A sales manager leaves for a competitor – takes contacts and clients
– An employee inadvertently e-mails an M&A term sheet to a wrong e-mail address
– A data tape containing retiree data falls off a truck en route to a backup facility
– Gartner/AMR Research
U.S. Department of Commerce estimates that counterfeiting and piracy cost U.S. businesses $250B+ a year
Average cost for data breach is $202 per record, $6.6M per breach, 69% of which is associated with lost business (Ponemon Institute)
Files are being transferred everywhere
[Diagram: files moving by ftp, SMTP and Physical Media among a DMZ ftp server, ftp servers, Application servers, Partner Systems, a Rogue ftp server, an External Vendor, an External Customer, an External Partner and an Internal User]
FTP – The De Facto Standard
• Most Common Internet File Transfer Method
• Client / Server Architecture
– Client initiates all connections
• Many Variations Of FTP (Vendor Customizations)
• FTP Problems
– No Encryption
– User Names and Passwords Are In The Clear
– No Integrity Checking
– No Checkpoint Restart
– No Tracking
– No Management
– FTP Scripting
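The cleartext-credential problem listed above can be audited from server-side command logs. The following is an added example, not part of the original slides: it flags sessions where USER or PASS was sent before the server accepted AUTH (reply 234, RFC 4217), including the case where TLS was refused and the client fell back to a plain login. The "C:"/"S:" log format and all sample lines are constructed assumptions.

```python
import re

# Constructed server-side command logs in an assumed "C:"/"S:" format.
SESSIONS = {
    "plain": ["S: 220 ready", "C: USER batch01", "S: 331 need password",
              "C: PASS ********", "S: 230 logged in"],
    "ftps": ["S: 220 ready", "C: AUTH TLS", "S: 234 proceed",
             "C: USER batch01", "S: 331 need password",
             "C: PASS ********", "S: 230 logged in"],
    "fallback": ["S: 220 ready", "C: AUTH TLS", "S: 502 not implemented",
                 "C: USER batch01", "S: 331 need password",
                 "C: PASS ********", "S: 230 logged in"],
}

LINE = re.compile(r"^(?P<side>[CS]): (?P<text>.*)$")

def audit_session(lines):
    """Return the credential commands sent before TLS was negotiated."""
    tls_active = False
    auth_pending = False
    findings = []
    for raw in lines:
        m = LINE.match(raw)
        if not m:
            continue  # skip lines that are not in the assumed format
        side, text = m["side"], m["text"]
        if side == "C":
            verb = text.split(" ", 1)[0].upper()
            if verb == "AUTH":
                auth_pending = True
            elif verb in ("USER", "PASS") and not tls_active:
                findings.append(verb)
        elif auth_pending:
            # Only a 234 reply to AUTH means the control channel is protected.
            if text.startswith("234"):
                tls_active = True
            auth_pending = False
    return findings

def audit_all(sessions=SESSIONS):
    """Map each session name to its list of cleartext credential commands."""
    return {name: audit_session(lines) for name, lines in sessions.items()}

if __name__ == "__main__":
    for name, found in audit_all().items():
        print(name, "CLEARTEXT LOGIN" if found else "ok", found)
```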
Managed File Transfer Overview
Managed File Transfer (MFT) According to Gartner
• The Gartner “Managed File Transfer Suites: Technology Overview” report identifies a managed file transfer suite as having the following functionality:
– Secure Communications: This entails a collection of commonly used protocols and technologies used for transporting and ensuring the authentication, privacy, non-repudiation and authorization of data between two or more entities.
– Management: This is the ability to monitor and control the data (regardless of size) throughout the file transfer.
– Integration functionality: Adapters or exposed application programming interfaces.
– Streaming input/output: This capability enables the MFT Suites to overcome physical hardware limitations and operating environment limitations.
– Checkpoint/restart capabilities: This capability lets the user resume incomplete file transfers as a result of interrupted transmissions, accidental or otherwise.
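Two items that plain FTP lacks in the earlier slide, integrity checking and checkpoint restart, are sketched below as an added example (not code from the slides or from any MFT product). It resumes a local copy from the bytes already written and verifies a SHA-256 digest at the end; the `max_chunks` parameter, file names and payload are hypothetical, and the expected digest is assumed to reach the receiver out of band.

```python
import hashlib, os, tempfile

CHUNK = 64 * 1024  # bytes per write; each flushed chunk is a restart point

def sha256_file(path):
    """Digest the whole file so sender and receiver can compare results."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()

def transfer(src, dst, max_chunks=None):
    """Append src to dst starting at the offset dst already holds.
    max_chunks (hypothetical knob) simulates a dropped link.
    Returns the number of bytes sent in this attempt."""
    offset = os.path.getsize(dst) if os.path.exists(dst) else 0
    sent = chunks = 0
    with open(src, "rb") as fin, open(dst, "ab") as fout:
        fin.seek(offset)
        while max_chunks is None or chunks < max_chunks:
            block = fin.read(CHUNK)
            if not block:
                break
            fout.write(block)
            fout.flush()
            os.fsync(fout.fileno())  # make the checkpoint durable
            sent += len(block)
            chunks += 1
    return sent

def demo():
    """Interrupt, resume, verify; then show that corruption is detected."""
    with tempfile.TemporaryDirectory() as d:
        src = os.path.join(d, "payload.bin")
        dst = os.path.join(d, "payload.part")
        with open(src, "wb") as f:
            f.write(os.urandom(5 * CHUNK + 123))  # constructed sample payload
        expected = sha256_file(src)  # assumed to reach the receiver out of band
        first = transfer(src, dst, max_chunks=2)  # link drops after 2 chunks
        second = transfer(src, dst)               # restart from the checkpoint
        intact = sha256_file(dst) == expected
        with open(dst, "r+b") as f:               # flip one byte in the copy
            byte = f.read(1)
            f.seek(0)
            f.write(bytes([byte[0] ^ 0xFF]))
        tampered_detected = sha256_file(dst) != expected
        return first, second, intact, tampered_detected

if __name__ == "__main__":
    print(demo())
```

Resuming from the destination size alone trusts the partial file, which is why the final digest comparison is the step that decides whether the transfer is accepted.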
Axway 2010 MFT Survey Results
Axway interviewed 150+ IT Executives that manage file transfer operations
...here are some key findings
88% - concerned about violation of security mandates and preventing data loss via human driven data exchange
83% - still use FTP for external data exchange
78% - concerned about internal/external visibility and monitoring of data file exchanges
44% - currently use unmanaged methods for sending files too big for corporate email exchanges
File Transfer Patterns
Application Integration Pattern
• Internal File Movement Between Systems
– Peer-to-Peer / File Bus
– Hub and Spoke
• Automated and Process Driven
• Centralized Governance
• Multi-Platform Considerations
Do you have visibility to the data? (i.e., more than system monitoring)
Are your internal systems secured? (at a minimum no FTP)
Business to Business (B2B) Pattern
• Connecting with other organizations
– Standards driven
– Context aware
• Community and partner lifecycle management are essential
• Automated and process driven
• Flexible security
• Often requires data services
– Validation
– Transformation
– Routing
Are your current tools able to address your needs?
Do you have the business involved to help manage your trading community?
Multi-Site Integration Pattern
• File movement between systems across sites (hub/spoke or peer to peer)
• Centralized governance and site management
• Automated and process driven
• Broadcast/Collect
• Multi-platform considerations
Deploy and manage multiple connections (efficiently)
Automate, Automate, Automate
Portal File Services Pattern
• Connecting the human web experience and MFT
• Web portal exposing a business service
• User access and management (LDAP/AD, SSO, On-boarding)
• Transparent integration with end user workflow and backend systems
More than ease of use (secure and efficient file exchange beyond the portal)
Seamless and complete integration (no hops, batching, or queuing)
Ad-Hoc File Transfer Pattern
• Unplanned processes between humans
• Two models
– Repository based (persistence for sharing)
– Recipient based (targeted to individual or group)
• User access and management
– LDAP/AD
– SSO
– On-boarding
• Policy based control of file access and transfer
Can you audit and govern H2S/H2H exchange? (controlling the humans is a must!)
Define security up front and stand your ground
File Transfer Patterns
1. Application Integration
2. Multi-Site Integration
3. B2B
4. Portal File Transfers
5. Ad hoc & email
[Figure: the five patterns positioned between Systems and Humans and between Automated and Interactive, with a Security / Visibility / Governance axis]
MFT Best Practices
Centralize via a MFT Gateway
[Diagram labels: Internet and Customer Self Service; protocols HTTP/S, FTP/S, SSH FTP, EDIINT; DMZ with Edge Server and Web Server; Corporate Network with MFT Gateway, Mainframe, UNIX, Windows, Other]
1. Close gaps to the external
2. Set priorities beyond consolidation
3. Stage the scope of pattern coverage
4. Rollout effort based on needs
Optimize B2B and Internal Integration
[Diagram labels: Internet and Customer Self Service; protocols HTTP/S, FTP/S, SSH FTP, EDIINT; DMZ with Edge Server and Web Server; Corporate Network with MFT Gateway, Mainframe, UNIX, Windows, Other; patterns labelled: Application Integration, Business to Business]
Extend Internal File Exchange
[Diagram labels: Internet and Customer Self Service; protocols HTTP/S, FTP/S, SSH FTP, EDIINT; DMZ with Edge Server and Web Server; Corporate Network with MFT Gateway, Mainframe, UNIX, Windows, Other; patterns labelled: Application Integration, Business to Business, Multi-Site Integration]
Cover The Human Element
[Diagram labels: Internet and Customer Self Service; protocols HTTP/S, FTP/S, SSH FTP, EDIINT; DMZ with Edge Server and Web Server; Corporate Network with MFT Gateway, Mainframe, UNIX, Windows, Other; patterns labelled: Application Integration, Business to Business, Multi-Site Integration, Portal File Services, Ad-Hoc File Transfer]
Managing Your File Transfer Patterns
• Scope out growth and complexity of data framework
– Define and prioritize critical ‘exchange relationships’
– S2S, B2B, A2A, P2P, B2P, B2C, etc.
• Quantify and qualify data content relationships
– Outline support for business types, groups, or departments
– Update compliance to standards and regulations
• Account for risk factors
– Consider both external and internal security event paths
– Identify the risk types (data loss, intellectual property theft, data privacy breach, compliance violations, etc.)
• Set realistic coverage objectives
– What level?
– How comprehensive or complex?
Questions/Discussion
For more information visit: www.axway.com