File Connectivity

8/12/2019 File Connectivity

1/4

Global File Delivery Solutions (GFDS)File Connectivity Overview

ENT GFDS 11/23/10 Page 1 of 4

InternetFTP w/Pretty Good Privacy (PGP) A communication protocol governing the file transfer between computers over aTCP/IP network and utilizes a computer program that provides cryptographic privacy and authentication. PGP is oftenused for signing, encrypting, and decrypting confidential communications.

Security and Benefits:PGP messages are digitally signed using the senders Private Key. The receiver of the data then uses thesenders Public Key to ensure that is originated from the sender, which authenticates the file origin andensures file integrity along with originator non-repudiation.PKZIP compression is used to compress data before encryption, which strengthens the encryption as wellas reducing the file size.GFDS utilizes PGP version 7.5, which supports IDEA, Triple-DES, CAST5, AES128, AES192, AES256, andTwofish.GFDS encrypts with AES256.

Requirements:PGP is a peer-to-peer product, which requires the product to be installed and purchased by any GFDScustomer.

Applicability Statement 2 (AS2)A specification for securely exchanging files over the Internet using MultipurposeInternet Mail Extensions (MIME), HTTP, and MDN.

Security and Benefits:Provides synchronous, real-time transmission o f data with immediate message delivery notice.

Industry standards for Internet-based data exchange created for transporting EDI or XML documentsCompatible with any trading partner using an AS2-interoperable solution via the InternetTransmissions are encrypted to ensure only the sender and receiver can view the data

Digital signatures ensure authenticationNon-repudiation of receipt confirms that intended party received the file

Requirement:GFDS customer must have A S2 software package installed on their end

HTTP (Hypertext Transfer Protocol)A system for transmitting and receiving information across the Internet.HTTP serves as a request and response procedure that all agents on the Internet follow so that information can be rapidly,easily, and accurately disseminated between servers, which hold information, and clients, who are trying to access it.

Security and Benefits:Uses a reliable, connection-oriented transport service such as TCP.Stateless Protocol where each request is interpreted independently, without any knowledge of the reque stthat came before it.

Requirements:Outbound and Inbound transmissions must be initiated by GFDSOnly available in conjunction with AS2 so GFDS customer must have AS2 software package installed ontheir end

HTTPS - A secure means of transferring data using Hypertext Transfer Protocol Secure with Secure Socket Layer (SSL)encryption.

Security and Benefits:Transmissions are encrypted using 128-bit SSL encryptionID and password are encrypted and authenticated to allow confidential access to your data

Requirements:

Outbound and Inbound transmissions must be initiated by GFDSOnly available in conjunction with AS2 so GFDS customer must have AS2 software package installed ontheir end


2/4



Internet - continuedFTPS (SSL)File Transfer Protocol Secure (FTPS) with 128-bit SSL encryption.

Security and Benefits:Transmissions are encrypted using 128-bit SSL encryptionID and password are encrypted and authenticated to allow confidential access to your data

Requirements:

Outbound and Inbound transmissions must be initiated by GFDSGFDS may require Firewall changes to allow this option

SFTP (SSH)Secure File Transfer Protocol (SFTP) with AES 256-CBC encryption.

Security and Benefits:Transmissions are encrypted using A ES 256-CBC encryption

SSH encrypts authentication and data before sending it over the open network

Requirements:Outbound and Inbound transmissions must be initiated by GFDSGFDS may require Firewall changes to allow this option

Connect:Direct (formerly Network Datamover (NDM)) Data transfer software product that distributesinformation and manages production activities.

Security and Benefits:Moves large amounts of dataProvides data compressionTransmission check-point and restart

Records security v iolations

Advanced network and data security optionsGFDS uses Secure+ which supports Station-to-Station (STS) and Secure Sockets Layer (SSL)Requirements:

GFDS customer must have Sterling Commerce Connect:Direct Software with Secure+When using STS, public keys will be exchanged with the customer

With TLS, GFDS uses Verisign certificates for SSL encryption


3/4



Value Added Network (VAN)Value Added Network A service provider used to facilitate Electronic Data Interchange (EDI) or provide othernetwork services. GFDS uses Inovis and legacy AT&T Global Network Services (AGNS) connections

Security and Benefits:One connection to multiple trading partners

Requirements:GFDS customer must have a VAN providerInterconnects are available to most other VANs

VPNFTP - A communication protocol governing the file transfer between computers over a TCP/IP network

Security and Benefits:Site-to-Site tunnel using Triple-DES or IPSec encryptionID and password are encrypted and authenticated to allow confidential access to your data

Each VPN customer is secured within their own unique VPN tunnelOnce tunnel is established, no additional cost for adding additional customer

Requirements:GFDS customer must have a supported VPN device (FXR Unit can provide these) note that not all VPNdevices are supported

Connect:Direct (formerly Network Datamover (NDM)) Data transfer software product that distributesinformation and manages production activities.

Security and Benefits:

Moves large amounts of dataProvides data compressionTransmission check-point and restart

Records security v iolationsAdvanced network and data security optionsSite-to-Site tunnel using Triple-DES or IPSec encryptionID and password are encrypted and authenticated to allow confidential access to your data

Each VPN customer is secured within their own unique VPN tunnelOnce tunnel is established, no additional cost for adding additional customer

Requirements:

GFDS customer must have a supported VPN device (these can be provided at a later date)GFDS customer must have Sterling Commerce Connect:Direct Software


4/4



Dedicated Line (Leased Line/Frame Relay)FTP - A communication protocol governing the file transfer between computers over a TCP/IP network

Security and Benefits:ID and password are encrypted and authenticated to allow confidential access to your dataHandles speeds up to and including T1 connections

Encryption method is Triple Data Encryption Standard (3DES) which is based on a 56 bit encryption keyRequirements:

For GFDS owned and supplied router configurations, a Plain Old Telephone Service (POTS) dialconnection is required for router maintenanceIf GFDS customer owns the circuit, GFDS requires 2 circuits one into each of the GFDS datacenters fordisaster recovery purposesTimeframe can be 6-8 weeks for implementation

Connect:Direct (formerly Network Datamover (NDM)Data transfer software product that distributesinformation and manages production activities.

Security and Benefits:

Moves large amounts of dataProvides data compressionTransmission check-point and restart

Records security v iolationsAdvanced network and data security optionsHandles speeds up to and including T1 connectionsEncryption method is Triple Data Encryption Standard (3DES) which is based on a 56 bit encryption key

Requirements:For GFDS owned and supplied router configurations, a Plain Old Telephone Service (POTS) dialconnection is required for router maintenance)If GFDS customer owns the circuit, GFDS requires 2 circuits one into each of the GFDS datacenters for

disaster recovery purposesTimeframe can be 6-8 weeks for implementationGFDS customer must have Sterling Commerce Connect:Direct Software

Documents

File Connectivity