SFTP Client and Server for iSeries AS400 Receive and Send Platform
iSeries SFTP FTPS Manager for secure file transfers on the IBM i AS400 provides secure FTP Client and Server functions, encrypts file transfer connection via SSL and files in transit, can send and receive transfers from any platform, including Windows, Linux, UNIX, IBM AIX, Sun Solaris, HP-UX, and IBM z Mainframe systems. The iSeries SFTP Manager is an all in one secure FTP (SSH) solution for all file transfer requirements that runs natively on the IBM i iSeries AS400. The iSeries SFTP Manager can encrypt any IBM i file type including DB2 database files, flat files, IFS files, Save Files and spool files, while supporting receiving PGP encrypted files from other platforms including Windows, Linux, UNIX, IBM AIX, Sun Solaris, HP-UX, and IBM z Mainframe systems.
The iSeries SFTP FTPS Manager for IBM i AS400 implements the full specification for secure SSL FTP providing an encrypted and firewall-friendly implementation of encrypted FTP. SFTP Manager conforms to the Internet standard RFC2228. Many financial institutions are now requiring that companies use encrypted FTP even when they have encrypted a file with PGP. SFTP Manager provides the automation and command support you need to meet these requirements. SFTP Manager fully integrates with IBM iSeries AS400’s security strategy by using the IBM OS400 Digital Certificate Manager for certificate management and SSL communications, so you will have full support for IBM secure audit journaling and native IBM iSeries AS400 security controls. It also means that SFTP Manager will use the IBM SSL accelerator hardware card to speed up SSL encryption if installed, which is a no-charge licensed program from IBM that is included with OS400.
Contact for pricing, demonstrations and proof of concept trial evaluations.
Automating Secure File Transfers
SFTP Manager for iSeries AS400 can many automation features, which can transfer any file by associating it with library managed by SFTP Manager, as well as automatically transfer any file in an IFS directory (including files in Windows Networking folders or UNIX NFS directories). SFTP Manager can also automate receiving files from remote FTP servers via its Auto-Scan feature that periodically connects to the remote FTP server and pulls new files to your IBM iSeries AS400 destination defined.
PGP encryption is the standard for secure file encryption at banks, insurance companies, benefits providers, medical insurers and many other industry service providers. SFTP Manager implements industry standard PGP based on RFC2440, so the SFTP Manager can encrypt and decrypt files with PGP on your IBM iSeries AS400.
Automating PGP Encryption
PGP encryption can be automated using several different facilities in SFTP Manager, or use PGP commands for encryption, decryption, key management, and file signing. The PGP commands and APIs extend encryption and decryption capabilities into any business application, which allow you to process decrypted files directly into your applications without human intervention.
PGP key management is fully implemented on your IBM ISERIES AS400 platform and there is no need for external key servers or key stores. You can maintain multiple key stores for maximum flexibility, and there is no limit to the number of keys you create or import.
Secure Shell (SSH) sFTP
Secure shell (SSH) is a UNIX application that provides for secure and encrypted command line, telnet, file transfer, and file copy functions. SFTP is the most commonly used secure file transfer method used by companies to protect their data as it moves between servers on a network or to remote servers. SFTP Manager implements the IBM OpenSSH application with some additional features for automation, compliance logging, and password controls. You can send and receive files using the SFTP Manager to address regulatory compliance requirements for encrypted transfers. SFTP Manager provides a fully automated solution for securely sending and receiving files to and from any platform your company needs to communicate with.
Intelligent Firewall Negotiation
When companies exchange files outside the network, the file transfer session must pass through two firewalls, which commonly present negotiation problems for encrypted FTP sessions. SFTP Manager utilizes many features that help solve firewall negotiation issues. The SFTP Manager’s SSL FTP implementation utilizes Clear Command Channel (CCC), which decrypts the connection after a password has been authenticated by the remote FTP server, which then allows the remote firewall to handle the FTP transfer from this point. This strategy is used by many banks and high end secure FTP solutions. When a remote FTP server does not support the CCC command, SFTP Manager provides extended functions to allow the FTP session to continue over the encrypted tunnel. These functions are called “Intelligent Firewall Negotiation” which are automatically used when possible.
Truly Automated File Transfers - Libraries, IFS Directories, Folders and File Systems
SFTP Manager includes many automation functions to minimize human involvement needed for file transfers. The library scan function allows you to define one or more libraries to be monitored for file transfers. When a file lands in the library and SFTP Manager completes the entire secure file transfer process, including any file encryption required. The Directory Scan function provides the same secure file transfer automation for files stored in IFS directories. SFTP Manager can encrypt and transfer any file in the IFS directory, and automatically archive it. The directory scan facility supports normal IFS directories as well as Windows Network folders, UNIX Network File System (NFS) mounted directories, QDLS folders, and remote IBM iSeries AS400 directories through the QFileSvr.400 directory. The SFTP Manager can auto-scan facility can connect to any number of remote FTP servers and automatically pull files to your local system where they can be processed into your business applications.
Centralized Secure File Transfer Solution for entire enterprise
Most IBM iSeries AS400 customers run applications on Microsoft Windows, Linux, and UNIX servers. SFTP Manager can provide a centralized hub for all secure file transfer requirements. With the use of Windows Networking and UNIX NFS, SFTP Manager can pull files from your Windows, Linux, and UNIX servers and send them to vendors and customers. When SFTP Manager receives files from remote systems it can decrypt and save them to Windows, Linux, and UNIX systems. This approach provides for a hub-and-spoke configuration of centralized FTP transfer.
Compliancek, Auditing and Logging
SFTP Manager creates audit trails of all file transfer activity and provides reports for compliance monitoring. You can meet PCI, HIPAA, Sarbanes-Oxley, and other data security regulations that require monitoring of system activity. The optional LogAgent solution for the IBM iSeries AS400 can help you manage all of your system logging requirements. LogAgent extracts logs from the IBM security audit journal, QAUDJRN, formats them to the syslog standard, and sends them to a log collection or SIEM product.
High Availability and Mirroring
SFTP Manager is compatible with a variety of high availability products. You can securely mirror the application to a high availability server or to a disaster recovery site.
SFTP Manager encryption and file transfer protocols support open standards. The PGP option is compatible with the OpenPGP standard documented in RFC2440. The secure SSL FTP solution is compatible with RFC2228. The Secure Shell SSH sFTP solution is based on the OpenSSH implementation which is a proposed Internet standard. The optional LogAgent system logging solution implements the system log format based on RFC3164.
Banks, Insurance Companies, Benefits Providers
SFTP Manager is compatible with a wide variety of banks, insurance companies, authorization networks, benefits providers, medical claims services, and EDI networks. The following is a partial list:
Banks: Bank of America, Wachovia, Wells Fargo, US Bank, State Street, ABN Amro, CitiGroup, JPMorgan Chase, BankOne, and others.
Medical: Blue Cross Blue Shield, State of California, State of Florida, Hewitt Associates, ZirMed, WebMD, and others.
Services: Merrill Lynch, Fidelity, ADP, Frick, TALX, eTRAFX, AllTel, Bell South, and others.
Networks: GXS, Inovis, Sterling, IBM Advantis (now GXS), Pantellos, and others.
Authorization: Visa, American Express, ADS, Chase Paymentech, First Data, ValueLink, and others.
Summary of Benefits
Encrypt and decrypt on your IBM iSeries AS400 without transferring data in the clear to external servers
Enforce Security Policies, by automatically enforcing data protection with centrally managed policies
Start encrypting data automatically without any programming required for out-of-the-box ready deployment
Meet Compliance Reporting Requirements of PCI, HIPAA, GLBA, Privacy Notification and other data security regulations that require encrypted transfer of your most sensitive data. Record all encryption and file transfer activity to meet compliance reporting requirements.
PGP Encryption (Optional) PGP Command Line 9 provides cross-platform, standards-based encryption that works with all other PGP solutions