Presentation on theme: "1 Managed File Transfer: Insights and Best Practices Steven Jordan Director, Supply Chain Solutions."— Presentation transcript:
1 Managed File Transfer: Insights and Best Practices Steven Jordan Director, Supply Chain Solutions
Agenda Axway Overview Context: a brief history of file transfer Managed File Transfer Overview File Transfer Patterns Best Practice Approach Q&A
About Axway Serve 11,000+ Customers Globally 1,700 Employees Global Company -- key US offices in Phoenix, AZ Redwood City, CA 31 US security patents / 15+ years of R&D Acknowledged Innovator and leader Leaders Quadrant – Gartner Managed File Transfer (MFT) Leaders Quadrant – Gartner Business to Business Integration (B2Bi) Leaders Quadrant – Gartner Email Encryption Customers Multi-Nationals Government Financial Services Fortune 500
Files are being transferred everywhere DMZ ftp server Application server Application server Application server External Vendor External Customer Internal User External Partner System Partner System Rogue ftp server ftp SMTP Physical Media
FTP – The De Facto Standard Most Common Internet File Transfer Method Client / Server Architecture Client initiates all connections Many Variations Of FTP, (Vendor Customizations) FTP Problems No Encryption User Names and Passwords Are In The Clear No Integrity Checking No Checkpoint Restart No Tracking No Management FTP Scripting
Managed File Transfer ( MFT ) According to Gartner The Gartner “Managed File Transfer Suites: Technology Overview” report identifies a managed file transfer suite as having the following functionality: –Secure Communications: This entails a collection of commonly used protocols and technologies used for transporting and ensuring the authentication, privacy, non-repudiation and authorization of data between two or more entities. –Management: This is the ability to monitor and control the data (regardless of size) throughout the file transfer. –Integration functionality: Adapters or exposed application programming interfaces. –Streaming input /output: This capability enables the MFT Suites to overcome physical hardware limitations and operating environment limitations. –Checkpoint/restart capabilities: This capability lets the user resume incomplete file transfers as a result of interrupted transmissions, accidental or otherwise.
Axway 2010 MFT Survey Results Axway interviewed 150+ IT Executives that manage file transfer operations...here are some key findings
88% - concerned about violation of security mandates and preventing data loss via human driven data exchange 83% - still use FTP for external data exchange 78% - concerned about internal/external visibility and monitoring of data file exchanges 44% - currently use unmanaged methods for sending files too big for corporate email exchanges Axway 2010 MFT Survey Results
Application Integration Pattern Internal File Movement Between Systems –Peer-to-Peer / File Bus –Hub and Spoke Automated and Process Driven Centralized Governance Multi-Platform Considerations Do you have visibility to the data? (i.e., more than system monitoring) Are your internal systems secured? (at a minimum no FTP)
Business to Business (B2B) Pattern Connecting with other organizations –Standards driven –Context aware Community and partner lifecycle management are essential Automated and process driven Flexible security Often requires data services –Validation –Transformation –Routing Are your current tools able to address your needs? Do you have the business involved to help manage your trading community?
Multi-Site Integration Pattern File movement between systems across sites (hub/spoke or peer to peer) Centralized governance and site management Automated and process driven Broadcast/Collect Multi-platform considerations Deploy and manage multiple connections (efficiently) Automate, Automate, Automate
Portal File Services Pattern Connecting the human web experience and MFT Web portal exposing a business service User access and management (LDAP/AD, SSO, On-boarding) Transparent integration with end user workflow and backend systems More than ease of use (secure and efficient file exchange beyond the portal) Seamless and complete integration (no hops, batching, or queuing)
Ad-Hoc File Transfer Pattern Unplanned processes between humans Two models –Repository based (persistence for sharing) –Recipient based (targeted to individual or group) User access and management –LDAP/AD –SSO –On-boarding Policy based control of file access and transfer Can you audit and govern H2S/H2H exchange? (controlling the humans is a must!) Define security up front and stand your ground
Humans Systems File Transfer Patterns 1. Application Integration 2. Multi-Site Integration 3. B2B4. Portal File Transfers5. Ad hoc & email Automated Interactive Security / Visibility / Governance