Designing a file transfer system can be a difficult task. Which file transfer protocols should I use? Do I need server-side or client-side software or both? How do I authenticate my file transfer users securely?
Your first step in this journey is to understand your requirements. In this post, we summarize the requirements into sections for you to consider and think about.
After you have determined these requirements, feel free to contact the team or sign up for your evaluation of SFTPPlus MFT below!
Assess your requirements for file transfer software
The first step is to list all of your requirements for file transfer technology. While this may be obvious, there may be some items that you have not even considered when hunting for options.
1. What are your protocol requirements?
There are a number of file transfer protocols in place, with certain protocols being more secure than others. We have a guide about file transfer protocols which will help you make more informed decisions.
2. What are your workflow requirements?
Will the file transfer software be able to sync with your current workflow? Will there be any impediments or considerations that need to be taken into account when migrating your workflow into a file transfer solution? Will you be automating any transfer scenarios?
For questions like these, it helps to get in touch with our Support team with your transfer scenarios. From there, we can convert these scenarios into the basis of an actual configuration for you to use with our software.
3. What are your programmability requirements?
Will you require access to the API, and will your developers be familiar with the API codebase? What integration requirements need to be programmed as part of the file transfer solution?
4. What are your security requirements?
Will you require an antivirus (AV) programme to run post-process actions after transfers? Will you be able to specify exactly which ciphers should be used? Will the file transfer software meet your AAA framework? Having these requirements in mind will help meet your organization's security goals and will also help us ensure that the software is delivered in the most secure manner possible.
5. What are your operational requirements?
Does the file transfer software support your operating system? Are there any upgrades required in order to run the required packages? Can the software be integrated with resilient and highly available systems?
These five questions are just the beginning in terms of thinking about your file transfer requirements. Please read on for more advice.
Assess proprietary or non-proprietary solutions
Do you require a solution with vendor lock-in and only proprietary protocols? If you are looking for a solution that has vendor lock-in, then you may want to think twice and reconsider the benefits of open standards.
SFTPPlus operates with open and standard protocols, as supported by RFCs, which makes it easy to move from one protocol (such as FTPES) to another (such as SFTP).
With the use of permissive free frameworks, such as Twisted Python, our developers also contribute to the upstream libraries that we use.
SFTPPlus is supported across both proprietary (such as Windows) and non-proprietary (such as FreeBSD) operating systems. The list of supported platforms is available here.
Optimize performance with costs
In terms of costs, SFTPPlus sits at the more affordable end, with a focus on being cost-effective while also delivering a high-end functional product. While there are larger software suites available on the market, many of these carry overhead and other additional operating costs that are not related to the file transfer software itself. Our focus is only on our main product offering and services in secure file transfer, and on delivering them well.
Consider the IT infrastructure that will house your file transfer system
You will want to select an option that will integrate with your current IT workflow requirements.
If your users are already authenticating with Windows Domain Accounts on servers running Active Directory, then you will want to use the same mechanism to authenticate file transfer users.
Will you be implementing file transfers within specialized environments such as a high availability network?
Part of your IT infrastructure may also include legacy systems. Are you running on a Unix system, or do you need an SFTP server for your AIX system? What about Solaris 10, which has OpenSSL 0.9.7? Our software has been integrated with the above requirements, and more.
Choosing a solution that suits and integrates with your existing IT infrastructure also makes good use of sunk costs, since you can continue to maintain operations on this infrastructure.
Investigate how file transfers will be initiated
Will you be searching for a proactive or a reactive solution? Will you be looking to initiate file transfers yourself (for example, via a user logging in), or will you require the solution to initiate the transfer (for example, by a rule or an event)?
What types of transfer scenarios will you be working with? Push scripts? Pull scripts? Will there be additional processing required?
What types of rules do you need supported for your file transfers? Will there be event-based rules? Scheduling? Will there be a filter requirement?
With managed file transfer, you can set many rules to initiate a transfer and automate these actions. If you have not faced these requirements until now, feel free to contact the Support team with your questions and scenarios.
Figure out your authorization, accounting and auditing implementation
As with your existing IT infrastructure, you will also need to confirm that your authorization, accounting and auditing implementation is supported by the secure file transfer software.
Will the accounts be authorized with the correct set of permissions?
Will you be able to utilize existing authentication mechanisms with the file transfer product?
Will you be able to conduct the appropriate auditing as required for compliance and other obligations?
All of these requirements should be on the table while searching for a secure file transfer solution.
Evaluate options to further secure your file transfer system
Compliance is a requirement for a number of organizations today, especially in regulated industries such as banking and healthcare. You will need to ask whether the secure file transfer product has features in place to help with compliance. Whether it is only allowing FIPS 140-2 ciphers, ensuring that you are compliant with PCI or GDPR standards, or checking that the audit trail is HIPAA compatible, you will want to ensure that the options to be compliant and secure are available to you.
What is the approach to quality assurance?
How is the secure file transfer product tested? Is it run against an automated test suite, or manually tested with smoke test scenarios? Is it tested against the platform that you are using?
What do you also need to consider when testing in your own test lab? Soak, systems integration and unit integration testing may also be required. This evaluates the file transfer product as an additional check that it works with the actual systems, environments, processes and interactions that are specific to your requirements.
Consider any required upgrade paths for the future
While this requirement may be far from your mind when you are looking for a new solution, you may want to take note of what the required upgrade paths are.
How will you export the configuration from one system to another? What happens if an OS upgrade or a patch is made to a system?
Our upgrade paths are well documented, and we work with customers whose system upgrades may affect the file transfer component. We have worked with many scenarios - whether it is a full OS upgrade, new nodes or a small patch to fix a vulnerability.
Part of the upgrade may require you to keep a functional system running. In this case, our licensing allows for a period during which you can test the new system with the upgraded version while the existing system continues to run the current version.