Embed Size (px)
DESCRIPTION
LIBRO
Citation preview
SDTS User Guide
ITS Global
May 2014
1
Glossary
1 Introduction 4
1.1 Audience 4
1.2 Conventions Used in this Document 4
2 Best practices 5
2.1 Transferring very large files 5
2.2 Splitting files 5
3 Accessing SDTS 6
4 Using the SDTS Web Interface 7
4.1 Logging In 7
4.2 Forgotten Password 8
4.3 Transferring Files 10
4.4 Stopping and Resuming a Transfer 12
4.5 Changing a Password 12
4.6 File Options 12
4.7 Deleting a File 13
5 Logging Out 14
5.1 Manual Log Out 14
5.2 Automatic Log Out 14
6 Automated file transfers 15
7 Using SecureFX to transfer files 16
7.1 First Logon 16
7.2 Resume up- or downloads 24
7.3 Delete files 24
7.4 Transferring multiple files at once 24
2
7.5 SecureFX behaviour 26 7.5.1 Download option 26 7.5.2 Drag & Drop from other windows 27 7.5.3 Transferring different file-types 28 7.5.4 Session disconnect 29 7.5.5 Closing SecureFX 30
3
Document review and approval Revision history
Version Author Date Revision
1.0 Remko Feenstra November 13, 2013 Draft
2.0 Daniel Valcq November 19, 2013 Draft
3.0 Remko Feenstra November 27, 2013 Draft
4.0 Remko Feenstra March 24, 2014 Draft
This document has been reviewed by
Reviewer Date Reviewed
1. Daniel Valcq November 21, 2013
2. Jason Jennings November 22, 2013
3.
4.
This document has been approved by
Name Date Approved
1. Jason Jennings November 22,2013
2.
3.
4.
5.
4
1 Introduction
The Secure Data Transfer Service (SDTS) is a requirement from the business (Audit, Tax and ITS Global) to securely exchange large amounts of data between clients, vendors, etc., and KPMG, and vice versa. The service described in this document supports different levels of authentication and authorization, and is capable of handling significant file sizes (in gigabytes).
This application is browser-driven and is located in each of the three global datacentres.
The SDTS services offered are:
Shared Folder: A shared folder is a folder used between multiple accounts for file transfer.
Automated or manual transfers: SDTS is capable of performing automated transfer and routing of files. Files can be fetched from one remote server (pull) and transferred to another remote server (push). Transfer can take place according to a schedule or on event driven basis.
The focus of this document is on shared folders, as this is the most commonly used service.
1.1 Audience Users of the SDTS service who own an account for file transfer. This document provides step by step instructions on how to use the SDTS service, using the web interface and SecureFX.
1.2 Conventions Used in this Document Table 1 lists the conventions used throughout this document.
Table 1: Typeface Conventions
Convention Description
Click OK to continue. All button text is bolded.
Select View, Toolbars and Standard from the menu bar.
Click OK to continue.
When referring to menu items, the word ‘Select’ is used as the command, with the menu items bolded and separated by a comma.
When referring to window buttons, the word ‘Click’ is used.
5
2 Best practices
This application is only a file-transfer service and not a file-storage facility.
The SDTS Web interface only supports file sizes up to approximately 1-2 Gbyte. If you need to transfer files larger then 1-2 Gbyte or encounter transfer issues of files larger then 1 Gbyte you should use an SFTP client such as SecureFX. Please refer to chapter 7 Using SecureFX to transfer files. The SecureFX client is commercial software and would need to be purchased. There are many free alternatives such as FileZilla. It is not possible for this document to cover the required configuration for all the various SFTP software packages available. It is strongly recommended you refer to the vendors documentation to assist with the configuration.
Please be aware that there may be proxy servers that are in between you and the SDTS server which may have time-out settings configured that will prevent the transfer of large files. The time-out on the SDTS server web-server will support transfer of files up to 1-2 Gbyte (depending on the actual transfer speed).
2.1 Transferring very large files If you need to transfer huge files (over 5 Gbyte) you may want to consider splitting the file into smaller parts. Using concurrent transfers may improve your transfer time significantly (depending on the available bandwidth and latency).
When using the web-interface you should split large files in parts of 1 Gbyte or smaller and transfer the files using multiple concurrent sessions (not more the 4 concurrent sessions). You can open multiple browser windows to do so.
When using an SFTP client (like SecureFTP) you should split the file into 4-6 chunks. You can then transfer the chunks concurrently (see the SecureFX user manual in this document). Using more than 4 concurrent sessions will in general not improve transfer speeds (depending on latency and available bandwidth).
2.2 Splitting files You can split files using various tools. KPMG’s standard is Winzip. You can use the Winzip command line add-on to split (and encrypt) a file in smaller parts. The Winzip command line add-on is not installed by default, you can download it at: http://www.winzip.com/prodpagecl.htm
6
3 Accessing SDTS
This document contains information on accessing SDTS, using the web based client and the SecureFX client. The web based client offers a user friendly way to manage your documents. When more functionality is required, please use a SecureFTP client.
7
4 Using the SDTS Web Interface
Standard access to the Secure Data Transfer Service (SDTS) application is via a web browser window. Files can be transferred from any browser that can connect to the Internet.
4.1 Logging In To log in to the application:
1 Open a web browser window and navigate to the Secure Data Transfer Service application appropriate to your region; https://sdts.amr.kpmg.com/ (Americas region) https://sdts.aspac.kpmg.com/ (Asia Pacific region) https://sdts.ema.kpmg.com/ (Europe and Middle East region)
2 The login page is displayed:
3 Enter a valid username and password. If this is the first time the username and password are being used, a further page is displayed, requesting the password be changed before proceeding further.
4 If you have forgotten your password, please refer to section 4.2 5 If this is the first time you are accessing the SDTS environment, you will need to accept
certificate trusts the first time they login into the SDTS.
8
6 Click continue
7 Once successfully logged in, the Welcome page is displayed, showing the Home directory to which you are subscribed to see.
4.2 Forgotten Password 1 If you have forgotten your passsowrd, click on the “Forgotten Your Password?” link. This will
provide the option to put in an email address so that a new temporary password can be sent to you via email.
9
2 Please click on reset password. You will receive an email with a link in it as highlighted below
3 Please click on this link which will redirect you to a web page indicating that an email with the your new (temporary) password will be sent shortly as seen below.
4 The web page can now be closed. It can take a few minutes for the email to arrive.
10
5 Once the email is received, please take note of the temporary password and click on the link to start the login process. You will be taken to the login page where you must change the temporary password, to make a new permanent password. Please be aware of the password strength requirements for the new password.
6 Once the password has been successfully changed, you are requested to re-authenticate by logging back in again, using the new password.
4.3 Transferring Files To upload a file to the shared folder on SDTS:
1 Click on the Browse button, a dialog box appears allowing the user to browse for the files they wish to upload.
11
2 The file can then be uploaded by clicking on the Open button seen at the bottom of the dialog box.
Note: Files should be uploaded to the shared folder only, not the Home directory. The Home directory is only available via your login account thus cannot be shared with other users. Only shared folders are shared with other nominated SDTS accounts.
3 Click Upload File
On your screen you can see now that your file has been uploaded. You can see the name, size,date and time.
12
Note: The upload time is dependent upon various factors, including the size of the file and the available network bandwidth.
SDTS has an optional feature where an e-mail notification is sent to a specified e-mail address once a file has been successfully uploaded; a notification can also be sent if the transfer fails.
4.4 Stopping a Transfer Due to certain circumstances, it may be necessary to temporarily stop a file transfer. SDTS allows file transfers to be stopped as required. Go to the tab account and this will stop the transfer.
4.5 Changing a Password To change the password of your account while is currently logged in, click My account on the Welcome page. A new tab will be opened allowing you to change your password. To abort the changing of the password, close the tab.
4.6 File Options Before you can use the file options, actual files (and not folders) must be available; i.e. files must have been previously uploaded to the server.
1 When logged in, the My Files tab will be present, this tab displays the files which were previously uploaded.
2 To download a file, click the box (you can choose more then one file) before the filename and click on the Download
button
13
3 A new window will open allowing you to browse to the location where the file is to be saved. If you wish to open the file from SDTS, it can be double clicked.
Transfer Mode: You can change the transfer mode between binary or ascii in the start screen located on the top right. It is possible to also change the password in this screen. Binary transfers are the most common.
4.7 Deleting a File A file can be deleted by simply clicking on the box before the file and pressing the delete button
14
5 Logging Out
There are two ways in which a user can exit the application: Manual or Automatic.
5.1 Manual Log Out To manually log out of the application:
Click Logout and you are redirected to the login page again.
5.2 Automatic Log Out For security purposes, the SDTS application has a timeout period. If a session is idle for a predetermined period, the session is automatically logged out.
15
6 Automated file transfers
When you use automated file transfers you need to user SecureFX (see next chapter). Because there is no use for email the webpage is different, for this we use Jelly Ball.
This shows the option to browse locally for the file, just click upload file to transfer the file to the server. You can delete files by using the delete button. Downloading uploaded files is done by the download button.
16
7 Using SecureFX to transfer files
The Van Dyke SecureFX client is the de-facto standard within KPMG to securely transfer files. SecureFX is a fast and reliable option to transfer files larger than 1 Gb.
This chapter will explain the usage of SecureFX to transfer files. This manual does not discuss installation of SecureFX, it assumes you have SecureFX already installed.
Note: Please be aware that SecureFX will not function through proxy-servers, you need a direct Internet connection in order to connect to an SDTS server. All servers in the Global Data Centre can connect directly to a SDTS server, please contact the Global Helpdesk for the correct internal DNS names.
7.1 First Logon When opening SecureFX you will be presented the following window:
To create a session click on New session You will be presented with a new dialog box
17
Select SFTP as the protocol and click Next.
Type the SDTS site you want to connect to (sdts.ema.kpmg.com, sdts.amr.kpmg.com or sdts.aspac.kpmg.com
Click Next.
), port 22 is the default port number. If you are working from servers within one of the Global data centres you should contact the Global Helpdesk for the correct DNS name to use.
18
Enter your username given by the administrator (this is your IID or email address). Optionally you can enter your password, for security reasons this is not recommended.
Click Next.
Fill in the initial directory, or enter “/”, click next.
19
Fill in a session name and a description (whatever you prefer) and click Finish.
The session will be displayed in the Connect window. To connect select the session and click on Connect.
20
If this is the first time you connect to the SDTS server you will be prompted to accept the host key, please click Accept & Save. The following popup is displayed, click OK:
If you have not filled in your username or password you will be presented with a logon box, please enter your username and password and click OK.
21
The directory-structure on the SDTS server will be displayed, in order to simplify drag & drop you can tile the windows (horizontally or vertically) as shown in the next figure.
Click Window, Tile Horizontally.
22
To transfer files you can drag & drop them from one window to another, the transfer status window will be shown.
Note: Per session you can only transfer one file at a time all though you can select the window again you cannot drag & drop another file from and to the SDTS server window until the transfer is completed. If you do so you will be prompted with various error messages. Please see section about transferring multiple files at once.
If the file exists on your local machine you will be prompted and you have the option to rename it or overwrite it before it is downloaded.
23
Click No if you do not want to cancel the download, Rename if you want to rename, Yes if you want to overwrite the file.
If the files exists on the remote SDTS server you will be prompted and you will have the option to overwrite (Yes) or cancel (No) the upload.
24
7.2 Resume up- or downloads SecureFX has the option to resume broken or canceled downloads, please ensure that the file you resume is the exact same file and not another version with the same name. No checks are performed to guarantee this.
If the file is already partly uploaded or downloaded you will the option to resume the up- or download. Click on Resume to do so.
7.3 Delete files Delete files by selecting them and hit the Delete key or click on the X button
Click OK to delete the selected files, or Cancel to abort
7.4 Transferring multiple files at once In order to transfer multiple files concurrently (to reduce transfer time, improve performance over high latency links) you need to open as many sessions to the same server as you want to transfer files concurrently.
The SDTS server will allow to connect more then one session per user. It is advised to use no more then 4 concurrent sessions at a given time as more then 4 sessions in general will not improve file transfer times.
In the example below we have opened 2 sessions. You can now drag & Drop one file from or to each session from or to the local window.
25
You will see 2 transfer status windows:
26
Please note that each separate window to the same server will display different information as the windows are not automatically refreshed.
In order ro update the windows you need to select the windows one by one and click the refresh button
7.5 SecureFX behaviour This chapter will discuss some of the non-standard behaviour of SecureFX.
7.5.1 Download option
The download option will not download the file to the directory in the local window if you have entered a download directory under Global options/Session options. in that case the download directory will be used.
27
7.5.2 Drag & Drop from other windows
SecureFX only supports Drag & Drop from an Explorer window to SecureFX. You cannot drag & drop files from SecureFX to an Explorer window.
28
You can only Drag & Drop one way.
7.5.3 Transferring different file-types
SecureFX will recognise certain file-types and transfer them in either ASCII or Binary mode. If you do not know you should use Binary mode. There could however be exceptions.
How SecureFX handles a specific file type is configured in the Global options under the Options menu:
29
Options are:
• ASCII
• Binary
• Prompt for type (Unknown: ask user)
SecureFX will display the following prompt if it does not know the file type:
Select Binary and click OK if you do not know.
When opening a remote file you can also be prompted:
Open it will download the file and open it in (in this case) Powerpoint.
Save it to disk will save the file locally
7.5.4 Session disconnect
Due to timeout or manual session disconnect you may loose your connection to the SDTS server. If the connection window in SecureFX is still open it will try and reconnect. You may be prompted with the following:
If you Drag & Drop files the Transfer status may indicate that it is Establishing a connection to the SDTS server (bottom line):
30
7.5.5 Closing SecureFX
When closing SecureFX you may be prompted if you want to close the open sessions, please be aware you will get one prompt per open session:
If you have 2 sessions open to the SDTS EMA server you will be see this prompt twice
Contact us
Jason Jennings Connectivity Services T +61 3 9288 5909 E [email protected]
© 2013 KPMG International Cooperative (“KPMG International”), a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm. All rights reserved.
www.kpmg.com
The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.
The KPMG name, logo and “cutting through complexity” are registered trademarks or trademarks of KPMG International Cooperative (“KPMG International”).
