Overview of the Sterling MFT Product Suite

Sarath Babu V S
QA Architect
IBM ISL- B2B Sterling Commerce Labs (Industry Solutions)

© 2013 IBM Corporation

1
Agenda

Managed File Transfer Overview

MFT product offerings from IBM

IBM® Sterling Connect:Direct

IBM® Sterling File Gateway

IBM® WebSphere MQ File Transfer Edition

IBM® QuickFile™

IBM® Sterling Secure Proxy

IBM Sterling Control Center

IBM Sterling File Transfer Service

22 © 2013 IBM Corporation

Managed File Transfer overview
IBM® Sterling Managed File Transfer enables enterprises to manage and control the critical
information flows that run their dynamic business networks. Through seamless, reliable and
secure data delivery you can improve business performance, reduce IT complexity, support
growth and reduce your risk.

 Capabilities MFT Provides

 Assured data movement
 Centralized Control
 Accelerated transport
 Advanced security
 Regulatory Audit

 Issues MFT Can address

 Failed security audits
 Slow transfers
 Lengthy on-boarding
 “Where is my file?”
 FTP scripting
 Regulatory compliance

33 © 2013 IBM Corporation

MFT product offerings from IBM

IBM® Sterling Connect:Direct

IBM® Sterling Connect:Direct from IBM is the leading solution for secure, point-to-point file
transfers.

Acts as file-based middleware integration with 24x365 unattended operation

Provides assured delivery, high-volume, and secure data exchange within and between
enterprises

Optimized for high performance and throughput

Can move files containing any type of data (text, EDI, binary, digital content, image) across
multiple platforms, disparate file systems, and disparate media

Works on proprietary protocol that has never been breached

IBM® Sterling Connect:Direct Secure+ option provides additional security features

44 © 2013 IBM Corporation

MFT product offerings from IBM

IBM® Sterling Connect:Direct

Offers flexible security options to control access to data, network, or system resources. Supports a
comprehensive cryptographic solution

Automatically establishes connection to remote server when data is ready for transfer. Automatic session
retry re-establishes an interrupted connection; work resumes at the point of failure.

Provides automation through easy-to-use Process definition and scripting. Also, provide options to watch
directories

Provides browser user interface for administration. Also supports non-UI interface that other applications
can directly use (such as CLI and APIs)

Provides a complete audit trail of data movement through extensive statistics logs

Supports extensive configuration options for flexibility of deployment, management of network resources
and optimization of data transfer performance

Provides optional data compression that is configurable for maximum compression or optimal use of
system resources

Supports all major file types, media, and record formats across multiple platforms. Data exchange is
independent of content

55 © 2013 IBM Corporation

MFT product offerings from IBM

IBM® Sterling Connect:Direct

66 © 2013 IBM Corporation

MFT product offerings from IBM

IBM Sterling® File Gateway

IBM Sterling® File Gateway consolidates disparate centers of file transfer activity and
facilitates the secure exchange of file-based data over the Internet. Onboarding features,
communication-channel support and dynamic mailbox-based routing, helps improve
operational execution and time-to-revenue

A single, secure solution for “Edge”-based file transfer handles large files and high
volumes in any format, any protocol and any number of external connections

Onboarding Wizard and reusable templates expedites trading partner setup to accelerate
time-to-revenue

Visibility and self-service for better management leads to better decision making, faster
response and more satisfied customers and Business Partners

77 © 2013 IBM Corporation

MFT product offerings from IBM

IBM Sterling® File Gateway

Onboarding
• An onboarding Wizard and reusable templates enable the rapid onboarding of new partners
• Set up group based controls to limit administration of trading partner relationships
• Utilize import/export functionality to limit risk of production updates to trading partner configurations

Communication channels
• Connect:Direct, Connect:Direct Secure+
• WebSphere MQ File Transfer Edition
• FTP, FTPS, SSH/SFTP, SSH/SCP, HTTP, HTTPS, WebDAV, SOAP, ODETTE
• AS1, AS2 and AS3 support
• Extensible for custom protocols
• Utilize Zip and GZIP to compress files

Business processes
• Create pre-defined event-driven business processes to limit setup and administration of process flows
• Use rules based processing to elevate file transfers to a business level activity

Security capabilities
• Multiple encryption standards (PGP, SSL/TLS, S/MIME)
• Single sign-on, LDAP and user authentication
• Encrypt both in-flight and at-rest files
• Event logging provides a comprehensive audit trail of file transfer activities

88 © 2013 IBM Corporation

MFT product offerings from IBM

IBM Sterling® File Gateway

Management and visibility
• myFileGateway provides trading partners security-rich access to initiate upload and download requests
• Choose from Internet Explorer, Safari or Firefox
• Real-time monitoring and a self-service portal allows users visibility over in-flight file transfers
• Monitor file transfer activity on an “exception” basis using event management notifications
• Auditing and reporting provide metrics to help facilitate regulatory compliance and adherence to service
level agreements

Scalability
• Native horizontal and vertical clustering support the consolidation of file transfer servers and growth in
trading partner collaboration
• The technical architecture supports high volumes of file transfers and extremely large files virtually
without compromising performance

File processing and routing

• Use mapping capabilities to manage file naming relationships
• Automate the replay, reprocess and resend associated with failed file transfers
• Intelligently route files based on sender, file name, file type and file contents
• Reusable templates help reduce staff time to build and maintain file transfers processes

99 © 2013 IBM Corporation

MFT product offerings from IBM

IBM Sterling® File Gateway

10 © 2013 IBM Corporation

10
MFT product offerings from IBM

IBM® WebSphere MQ File Transfer Edition

WebSphere MQ File Transfer Edition provides a reliable managed file transfer solution for
moving files - regardless of their size - between IT systems

Leverages WebSphere MQ messaging as its reliable transport mechanism for moving files
– automatically manages its reliable messaging by using receipts to confirm delivery
and resends file data automatically as needed so that these operations are invisible
to users
– Use of queues to store file data assures reliable delivery even when the availability
of the network, hardware, and receiving applications are disrupted

Audit logs enable organizations to demonstrate that business data in files is transferred with
integrity from source to target file system

Graphical configuration tooling, integrated with WebSphere MQ Explorer, enables quick

and easy definition of transfers without the need for programming

Extend or customize WebSphere MQ File Transfer Edition using user-written exit routines.
User exit routines are Java programs that can perform ancillary processing at certain points
in the file transfer

11 © 2013 IBM Corporation

11
MFT product offerings from IBM

IBM® WebSphere MQ File Transfer Edition

12 © 2013 IBM Corporation

12
MFT product offerings from IBM

IBM® QuickFile™

IBM® QuickFile™ is the latest product offering from IBM

Person centric file transfer

Enables non-technical business users to securely and reliably exchange files inside or
outside their organization without software limits on file size

It is simple to install and use in a virtualized environment

With a Web 2.0 user interface, provides a simplified, yet powerful, user experience that
allows business users to self-register and initiate file transfers without traditional IT support

13 © 2013 IBM Corporation

13
MFT product offerings from IBM
IBM® QuickFile™
Simplicity
• Self-provisioning enables self-registration and use of the product.
• Self-service allows users to transfer files without IT involvement.
• Browser support includes Microsoft Internet Explorer, Mozilla Firefox, Apple Safari and Google Chrome.
• Drag and drop makes it easier to select and transfer files.

Flexibility
• There are no software or browser restrictions on the size of files that can be transferred.
• Pause/resume enables users to self-manage disruptions to file transfers.
• Single or multiple files can be embedded in the same transfer request.
• Multiple recipients can be designated in the same transfer request.
• Notifications help individuals monitor the delivery of files they send.
• Policies can govern expiration dates for files.

Security
• User ID and password authentication policies control expirations and login IDs.
• Data encryption occurs when data is at rest and in transit.
• File transfer events are logged for auditability.

Branding
• Company branding with logos and colors can be applied to each individual deployment.

14 © 2013 IBM Corporation

14
MFT product offerings from IBM
IBM® QuickFile™

15 © 2013 IBM Corporation

15
MFT product offerings from IBM

IBM Sterling® Secure Proxy

IBM Sterling® Secure Proxy is a demilitarized zone (DMZ)-based application proxy that
protects your file transfers from the public Internet, by enforcing tight controls including
trading-partner authorization, multifactor authentication and session break, before the
transfer ever enters your trusted zone

SSL session breaks and multifactor authentication – Help guard against unauthorized
access and reduce data vulnerability to protect your brand

Firewall navigation best practices – Increases perimeter security for your file transfer
infrastructure to comply with regulatory policies and pass tougher security audits

Self-service logon portal – Provides self-service password management for trading

partners reducing the dependency on IT staff

16 © 2013 IBM Corporation

16
MFT product offerings from IBM
IBM Sterling® Secure Proxy
Application proxy
• Resides in the demilitarized zone (DMZ)
• Supports IBM® Sterling Connect:Direct, IBM® Sterling Connect:Express and IBM® Sterling B2B Integrator servers
• Support for multiple DMZ environments
• Supports FTP, FTPS, HTTP, HTTPS, SSH/SFTP, PeSIT and Sterling Connect:Direct protocols
• Supports use of a FIPS 140-2 compliant data encryption module

Firewall navigation best practices

• Minimizes rich targets in the DMZ by ensuring that files, user credentials and data are not stored in the DMZ
• Establishes sessions from more-trusted to less-trusted zones
• Enforces internal and external security policies

Perimeter security
• Prevents direct communications between external and internal sessions by establishing secure session breaks in the DMZ using
SSL or TLS
• Inspects protocol and sensitive control information, enabling configurable error handling for violations
• Session limits and data encryption guard against denial-of-service attacks

Authentication services
• Customizable logon portal provides self-service password management for trading partners
• Supports single sign-on and integrates with existing security infrastructure, including Active Directory and Tivoli user databases
• Multifactor authentication enforces tight controls and validation of trading partner identity in the DMZ before information is passed to
the trusted zone
• Authentication options include IP address, user ID and password, digital certificates, SSH Keys, RSA SecurID

Clustering
• One central configuration manager pushes out configuration rules to multiple engines running in the DMZ, making it easy to scale
• Clustering for high availability and load balancing provides operational continuity and improved performance

17 © 2013 IBM Corporation

17
MFT product offerings from IBM

IBM Sterling® Secure Proxy

18 © 2013 IBM Corporation

18
MFT product offerings from IBM

IBM Sterling® Control Center

IBM Sterling® Control Center gives you a consolidated view of the entire file transfer
environment – plus the power to respond quickly and efficiently to exceptions, and changes
in the environment.

Improve SLA performance with centralized exception management, notifications, rules,

events and reporting

Meet compliance and regulatory requirements through policy definition, auditing and
reporting

Simplify managing the file transfer network through central configuration management

19 © 2013 IBM Corporation

19
MFT product offerings from IBM
IBM Sterling® Control Center
Control Center Console
• Provides visibility into file transfer processing across supported file transfer servers within the network
• Displays properties about managed servers, including IBM Sterling Connect:Direct and/or SterlingB2B
Integrator version number, license information, and high watermark for servers
• Retrieves information about active and completed processes
• Suspends, resumes, and deletes processes
• Defines user roles and security capabilities
• Web browser access with drill down dashboards

Monitoring Service
• Displays alerts and sends notifications about process failures or processes that might not complete on
time
• Monitors file transfer activity:
– Server, daemon, and adapter status (up or down) even in clustered environments
– File transfer errors, exceptions and even successes, regardless of platform, location, protocol
– Business processes

Rules Engine
• Simply define rules about events and actions similar to e-mail inbox rules (for example, send a
notification when a server license is going to expire, or a transfer is late)
• Defines match criteria and trigger actions
• Defines schedules, processes, file names, and other metadata all through a simplified GUI interface

20 © 2013 IBM Corporation

20
MFT product offerings from IBM
IBM Sterling® Control Center
Audit and Compliance
• Consolidates and normalizes file transfer and process data from managed servers into a single SQL
database
• Generates over 35 standard reports
• Embedded IBM Cognos® reporting for:
– Activity and throughput analysis
– Operational audit
– Proof of transactions
– Error analysis
• Control user access to specific data, through criteria based, “data visibility groups”

21 © 2013 IBM Corporation

21
MFT product offerings from IBM
IBM Sterling® Control Center

22 © 2013 IBM Corporation

22
MFT product offerings from IBM

IBM Sterling® File Transfer Service

IBM Sterling® File Transfer Service is a Cloud Service for file-based business-to-business
(B2B) interactions. An alternative to on-premise software, Sterling File Transfer Service
allows customers to manage a single, secure, reliable connection to reach their Business
Partners without the capital expense associated with on premise software or the operational
impact on IT staff

Reduce IT operational and infrastructure costs – Secure cloud-based file transfers,

reduce capital expenses in software and infrastructure and offload Business Partner setup
and support activities to IBM’s skilled professionals

Reduce B2B file transfer complexity – Consolidate redundant file transfer servers,
software and Business Partner connections and leverage IBM’s expertise and experience to
optimize the delivery of B2B file transfers

Grow their business – Leverage our cloud-based, scalable B2B file transfer infrastructure
and support services to respond to business demand for more Business Partner
connections and collaboration

23 © 2013 IBM Corporation

23
MFT product offerings from IBM
IBM Sterling® File Transfer Service
Standards and protocols
• Industry protocols: FTP, FTP/S, S/FTP, OFTP2, and AS2
• Utilize Zip to compress files

Centralized monitoring and management

IBM® Sterling InFlight Data Management visibility tool provides users:
• Reports and alerts for exception based monitoring and event management
• Real-time views into file exchanges with trading partners – all files tracked from start to finish
• Timely and accurate audit trails for all file transfer activity
• Mobile access to search, view and track transfers

Security and governance

• Connect to Sterling File Transfer Service via a secure protocol, including IBM® Sterling
Connect:Direct®
• PGP encryption secures files in-flight
• Single sign on user access
• Administrator IDs manage user access permissions and control screen level access
• Transfer logging provides a complete audit trail of file transfer activities

24 © 2013 IBM Corporation

24
MFT product offerings from IBM
IBM Sterling® File Transfer Service
Scalability
Sterling File Transfer Service scales with your demand with minimal impact on your resources and
infrastructure
• Flexible consumption models – based on file sizes, volumes, and number of partners
• Process high volumes and large files within the capabilities for each protocol without compromising
performance

File transfer automation

• A single, secure connection with Sterling File Transfer Service reaches your partners
• Retry capabilities automate the replay and resend of failed transfers
• Intelligently route files based on sender, file name, and file type
• Protocol conversions in the cloud leverage partners’ existing protocols

Outsourced services
Leverage IBM’s skilled personnel to manage your B2B file transfer environment with:
• Onboarding services to support your transition to Sterling File Transfer Service
• The geographical coverage, language support, availability and level of expertise to meet your support
needs –including phone, Web, and e-mail support
• Partner help desk services

25 © 2013 IBM Corporation

25
MFT product offerings from IBM
IBM Sterling® File Transfer Service

26 © 2013 IBM Corporation

26
IBM Managed File Transfer Suite deployment

27 © 2013 IBM Corporation

27
CD deployment example scenario

• Receives files from

branches on a daily basis

• Depending on the branch type,

performs appropriate processing

Send investment details daily

Send banking details daily

Send card details daily

Send loan details daily

• Accounts • Home Loan • Credit card • Mutual Fund

Savings Account • Vehicle Loan • Pre-paid card • Bonds
Current Account • Personal Loan • Corporate card • Gold
• Deposits
Fixed Deposits
Recurring Deposits

28 © 2013 IBM Corporation

28
CD deployment example scenario

• Receives files from

branches on a daily basis
File Agent
• Depending on the branch type,
Connect Direct performs appropriate processing
+
File Agent

Send investment details daily

Send banking details daily

Send card details daily

Send loan details daily

Connect Direct Connect Direct Connect Direct Connect Direct

• Accounts • Home Loan • Credit card • Mutual Fund

Savings Account • Vehicle Loan • Pre-paid card • Bonds
Current Account • Personal Loan • Corporate card • Gold
• Deposits
Fixed Deposits
Recurring Deposits

29 © 2013 IBM Corporation

29
Control Center Console – sample view

30 © 2013 IBM Corporation

30
 Thank You

© 2013 IBM Corporation

31