Presentation is loading. Please wait.

Presentation is loading. Please wait.

Managed File Transfer: Insights and Best Practices

Similar presentations

Presentation on theme: "Managed File Transfer: Insights and Best Practices"— Presentation transcript:

1 Managed File Transfer: Insights and Best Practices
Steven Jordan Director, Supply Chain Solutions

2 Agenda Axway Overview Context: a brief history of file transfer
Managed File Transfer Overview File Transfer Patterns Best Practice Approach Q&A

3 About Axway Serve 11,000+ Customers Globally 1,700 Employees
Multi-Nationals Government Financial Services Fortune 500 Serve 11,000+ Customers Globally 1,700 Employees Global Company -- key US offices in Phoenix, AZ Redwood City, CA 31 US security patents / 15+ years of R&D Acknowledged Innovator and leader Leaders Quadrant – Gartner Managed File Transfer (MFT) Leaders Quadrant – Gartner Business to Business Integration (B2Bi) Leaders Quadrant – Gartner Encryption

4 A Brief History of File Transfer
| © 2010 Axway | All rights reserved.

5 A Data Driven World Over 80% of all business and organizational information is exchanged via files File Size Confidential / Critical Low High 0 MB 10 MB 100+ GB 1 GB Legal Contracts Image / Media Source Code / Software CAD Files Media / Video EDI Funds Transfer Sales Collateral Sales Data Application-to-application (A2A) Credit Card Data Volume, size, type and frequency of data exchange is unpredictable Community Size Structured Person to Person Business to Business System to System Un-structured Small Large © 2009 Axway - Confidential and proprietary. All rights reserved. 5

6 Intellectual Property (IP) Protection
IP protection is widespread and costly An overseas partner pirates a software title and sells it in local stores A sales manager leaves for a competitor – takes contacts and clients An employee inadvertently s an M&A term sheet to a wrong address A data tape containing retiree data falls of a truck en route to a backup facility – Gartner/AMR Research U.S. Department of Commerce estimates that counterfeiting and piracy cost U.S. businesses $250B+ a year Average cost for data breach is $202 per record, $6.6M per breach, 69% of which is associated with lost business (Ponemon Institute) © 2009 Axway - Confidential and proprietary. All rights reserved.

7 Files are being transferred everywhere
Partner System Partner System External Vendor External Customer External Partner ftp SMTP Physical Media DMZ ftp server ftp server Issues: Adding users/partners Visibility into where files are Scripting Security – data & credentials in DMZ Rogue servers Internal users ftp connections sending out sensitive info servers overloaded Lost and missing physical media Application server Internal User ftp server Application server Application server Rogue ftp server

8 FTP – The De Facto Standard
Most Common Internet File Transfer Method Client / Server Architecture Client initiates all connections Many Variations Of FTP, (Vendor Customizations) FTP Problems No Encryption User Names and Passwords Are In The Clear No Integrity Checking No Checkpoint Restart No Tracking No Management FTP Scripting 8

9 Managed File Transfer Overview
| © 2010 Axway | All rights reserved.

10 Managed File Transfer ( MFT ) According to Gartner
The Gartner “Managed File Transfer Suites: Technology Overview” report identifies a managed file transfer suite as having the following functionality: Secure Communications: This entails a collection of commonly used protocols and technologies used for transporting and ensuring the authentication, privacy, non-repudiation and authorization of data between two or more entities. Management: This is the ability to monitor and control the data (regardless of size) throughout the file transfer. Integration functionality: Adapters or exposed application programming interfaces. Streaming input /output: This capability enables the MFT Suites to overcome physical hardware limitations and operating environment limitations. Checkpoint/restart capabilities: This capability lets the user resume incomplete file transfers as a result of interrupted transmissions, accidental or otherwise.

11 are some key findings
Axway 2010 MFT Survey Results Axway interviewed 150+ IT Executives that manage file transfer operations are some key findings

12 Axway 2010 MFT Survey Results
88% - concerned about violation of security mandates and preventing data loss via human driven data exchange 83% - still use FTP for external data exchange 78% - concerned about internal/external visibility and monitoring of data file exchanges 44% - currently use unmanaged methods for sending files too big for corporate exchanges

13 File Transfer Patterns
| © 2010 Axway | All rights reserved.

14 Application Integration Pattern
Internal File Movement Between Systems Peer-to-Peer / File Bus Hub and Spoke Automated and Process Driven Centralized Governance Multi-Platform Considerations Do you have visibility to the data? (i.e., more than system monitoring) Are your internal systems secured? (at a minimum  no FTP) BT “Exact Project” – Telco– Transfer – File Bus implementation – nodes Fed Reserve – Government – ST - Application Integration Hub ING internal exchange project - Bank - Transfer CFT nodes on multiple OS (Z/Os, Unix, Windows, Non Stop Kernel, Os400) SFR - Telco - Transfer CFT nodes + XFB Gateway EDF - Energy - Transfer CFT (Hundreds installation - references should be found)

15 Business to Business (B2B) Pattern
Connecting with other organizations Standards driven Context aware Community and partner lifecycle management are essential Automated and process driven Flexible security Often requires data services Validation Transformation Routing Are your current tools able to address your needs? Do you have the business involved to help manage your trading community? Wells Fargo – Wholesale Banking – Gateway XFB– “Shared Transmissions Platform” (note also using Transfer for A2A) Vanguard – Fin Svcs – Gateway Interchange – Fidelity – fin Svcs – Gateway Interchange – “ Shared Data Transmissions Platform) Jabil – High Tech – Interchange – EDI use case. Kraft – CPG – Interchange – EDI use case BNP Paribas - Banking "BNP Sphere" project - Gateway XFB (Swift Fin + Interact + Fileact) Schenker - Logistic - XFB Gateway + XIB + Passport + Sentinel (Success storie available on Intraxway) Total - Oil provider - Energie - Gateway - Exchanges with providers Nestlé - Foods - Gateway Interchange - EDI exchange with their partners (AS2)

16 Multi-Site Integration Pattern
File movement between systems across sites (hub/spoke or peer to peer) Centralized governance and site management Automated and process driven Broadcast/Collect Multi-platform considerations Publix – Grocery/Retail – Transfer – Corporate to store use case. SFD - Telco/Retail - Transfer CFT + Gateway + Sentinel - Corporate to store and aggregating data from store Carrefour - Retail - XFB Gateway as Hub file platform (more than 1 million transfer per day) Total - Oil provider - Energie - Transfer InterPel + Gateway - Exchanges between Corporate and Subsisdiaries Deploy and manage multiple connections (efficiently) Automate, Automate, Automate

17 Portal File Services Pattern
Connecting the human web experience and MFT Web portal exposing a business service User access and management (LDAP/AD, SSO, On-boarding) Transparent integration with end user workflow and backend systems More than ease of use (secure and efficient file exchange beyond the portal) Seamless and complete integration (no hops, batching, or queuing) Canadian Institute for Health and Information(CIHI). CA –   – ST - Support Related, integrated with support portal. (single sign on to ST web client) NetApp –   – ST - ?? uploading dump files, distribute to back end =- PROSPECT RIM – CPG – ST - ?? NAMSA - Logistic for NATO - Secure Transport is using as a portal for RFP answers Toyota Europe - Car Manufacturer - XFB Gateway (HTTPS) + Endpoint Workstation - File Portal with small providers

18 Ad-Hoc File Transfer Pattern
Unplanned processes between humans Two models Repository based (persistence for sharing) Recipient based (targeted to individual or group) User access and management LDAP/AD SSO On-boarding Policy based control of file access and transfer Airbus – manufacturing– ST – Sharing design documents (repository based ad-hoc) IBM – Software – ST – Customer Support Portal for Log files (repository based ad-hoc) Intel – High Tech – ST -  Uses ST in M&A department to share documents between them and company being acquired or divested. Requirement was highly controlled and highly audited. Can you audit and govern H2S/H2H exchange? (controlling the humans is a must!) Define security up front and stand your ground

19 File Transfer Patterns
1. Application Integration 2. Multi-Site Integration 3. B2B 4. Portal File Transfers 5. Ad hoc & Systems Security / Visibility / Governance Automated Humans Application Integration Replace FTP Extensive Platform Support Non-Intrusive to Applications Integration with scheduling Multi-Site Integration Application Integration + Governance and Configuration management by groups (east coast stores, west coast, etc) Deployment and on boarding efficiency No/low touch at site level B2B Trading Partner Management tailored for a business analyst and to B2B nomenclature B2B content based contextual Routing, Visibility and configuration Extensive Business Protocol Support, Traditional File Transfer Protocol Support and Industry specialization Paves a path to B2Bi consolidation Portal File Transfers Seamless Integration with portal / browser user experience Single sign on and LDAP integration Often the gateway becomes invisible to the user Ad Hoc Ad – Hoc Repository Based Zero footprint client LDAP Integration for group rights / permissions Ad – Hoc Recipient Based Match the users user experience – Enforce Policy for transmissions Interactive

20 MFT Best Practices | © 2010 Axway | All rights reserved.

21 Centralize via a MFT Gateway
Corporate Network Internet Windows DMZ Edge Server UNIX EDIINT MFT Gateway HTTP/S Web Server Mainframe FTP/S SSHFTP Close gaps to the external Set priorities beyond consolidation Stage the scope of pattern coverage Rollout effort based on needs Other Customer Self Service | © 2009 Axway | All rights reserved.

22 Optimize B2B and Internal Integration
Corporate Network Internet Windows DMZ Business to Business Edge Server Application Integration UNIX EDIINT MFT Gateway HTTP/S Web Server Mainframe FTP/S SSHFTP Other Customer Self Service | © 2009 Axway | All rights reserved.

23 Extend Internal File Exchange
Corporate Network Internet Windows DMZ Business to Business T Edge Server Application Integration UNIX EDIINT T MFT Gateway HTTP/S Web Server Mainframe Multi-Site Integration FTP/S SSHFTP T Other Customer Self Service T | © 2009 Axway | All rights reserved.

24 Cover The Human Element
Corporate Network Internet Windows DMZ Business to Business T Edge Server Application Integration UNIX EDIINT T MFT Gateway HTTP/S Web Server Mainframe Multi-Site Integration FTP/S SSHFTP T Other Portal File Services Customer Self Service T Ad-Hoc File Transfer | © 2009 Axway | All rights reserved.

25 Managing Your File Transfer Patterns
Scope out growth and complexity of data framework Define and prioritize critical ‘exchange relationships’ S2S, B2B, A2A, P2P, B2P, B2C, etc. Quantify and qualify data content relationships Outline support for business types, groups, or departments Update compliance to standards and regulations Account for risk factors Consider both external and internal security event paths Identify the risk types (data loss, intellectual property theft, data privacy breach, compliance violations, etc.) Set realistic coverage objectives What level? How comprehensive or complex? © 2009 Axway - Confidential and proprietary. All rights reserved.

26 Questions/Discussion
For more information visit:

Download ppt "Managed File Transfer: Insights and Best Practices"

Similar presentations

Ads by Google