AS1, AS2, AS3 - MOVEit Implementation (Enterprise only)

The MOVEit product family implements a complete AS1, AS2 and AS3 file transfer solution. MOVEit products can be used to send and receive files using any of these three protocols.

Different combinations of MOVEit products are required to implement the different protocols:

There are a few unusual exceptions to these rules:

The following table summarizes the roles MOVEit products play in providing AS1, AS2 and AS3 services.

asx12.gif (27911 bytes)

See also (on their respective "AS1, AS2 and AS3 - The ASx Protocol" pages):

Drummond "eBusinessReady" Certification

MOVEit DMZ supports any AS2 client that has been "Drummond" or "eBusinessReady" certified; the software MOVEit DMZ uses to handle incoming AS2 files and MDNs has itself been certified "eBusinessReady" under a program now managed by Drummond.


Why MOVEit DMZ is the best choice for AS3

MOVEit DMZ has been able to participate in AS3 transmissions as a secure FTP server for years. Traditionally, people have thought that any FTP server with basic security features such as SSL with client certificate authentication could be used in AS3 transmissions. However, operational experience and security best practices have led many to higher expectations of their AS3 FTP server.

The MDN response files returned to AS3 file senders and used for non-repudiation can be signed, but are never encrypted. To protect these important files from tampering or unauthorized viewing, MOVEit DMZ offers its own built-in FIPS-validated encryption and cryptographic file integrity checks while at rest and in transit.

The FTP protocol can be tricky to implement across firewalls and NAT when SSL is introduced. To deal with these challenges, MOVEit DMZ offers comprehensive, remote-readable protocol logs and features that handle almost every possible FTP over SSL or NAT configuration. Three of the technologies MOVEit DMZ uses to avoid FTP firewall problems are a configuration of limited passive server port ranges (an approach that has been widely copied in the industry since it was introduced in MOVEit DMZ), explicit configuration of NAT, and a recent technology called "Clear Command Channel" (CCC).

Finally, the auditing facility in MOVEit DMZ can be used to help complete AS3 non-repudiation chains. In order for both sides in an AS3 exchange to agree that both parties have the same file, both sides must possess the same MDN. However, if the MDN is downloaded by the original file sender but there is a later dispute about whether or not this action actually took place, MOVEit DMZ tamper-evident audit logs can be used to show that the original file sender's MDN was made available and downloaded at a specific time by a specific user connected from a specific IP address.
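The MDN only settles a dispute if it is bound to the file that was sent. The following added example (not MOVEit code, and not part of the original page) shows the check a sender can run on a downloaded MDN: it reads the `Disposition` and `Received-Content-MIC` fields defined for ASx MDNs in RFC 4130 and compares the MIC with a digest of the retained content. It assumes the MDN's signature has already been verified separately and that `sent_content` holds the exact bytes the MIC covers; the function names, the sample MDN and the algorithm allow-list are constructed for illustration.

```python
import base64
import hashlib
import hmac
from email import message_from_bytes

# Constructed MDN template; every value in it is made up for this example.
SAMPLE_MDN = """\
Content-Type: multipart/report; report-type=disposition-notification; boundary="b1"

--b1
Content-Type: text/plain

The message was received.
--b1
Content-Type: message/disposition-notification

Original-Message-ID: <constructed-1@example.test>
Disposition: automatic-action/MDN-sent-automatically; {status}
Received-Content-MIC: {mic}, sha256

--b1--
"""

def compute_mic(content: bytes, algorithm: str) -> str:
    """Base64 digest of the exact bytes the MIC covers (assumed already canonicalized)."""
    return base64.b64encode(hashlib.new(algorithm, content).digest()).decode()

def check_mdn(mdn_bytes: bytes, sent_content: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for a downloaded MDN against the content we retained."""
    fields = None
    for part in message_from_bytes(mdn_bytes).walk():
        if part.get_content_type() == "message/disposition-notification":
            fields = part.get_payload(0)  # the field block is parsed as a nested message
    if fields is None:
        return False, "no disposition-notification part found"
    status = fields.get("Disposition", "").split(";")[-1].strip().lower()
    if status != "processed":  # e.g. "processed/error: authentication-failed"
        return False, f"receiver reported: {status or 'no disposition'}"
    mic_field = fields.get("Received-Content-MIC", "")
    if "," not in mic_field:
        return False, "MDN carries no usable Received-Content-MIC"
    digest, algorithm = (s.strip() for s in mic_field.rsplit(",", 1))
    algorithm = algorithm.lower().replace("-", "")
    if algorithm not in ("sha1", "sha256", "sha384", "sha512"):  # allow-list is an assumption
        return False, f"unexpected MIC algorithm: {algorithm}"
    if not hmac.compare_digest(digest.encode(), compute_mic(sent_content, algorithm).encode()):
        return False, "MIC mismatch: receiver digested different content"
    return True, "MDN matches the content we sent"
```

A result of `(True, ...)` is what both parties would need to hold for the same file; the audit log entry described above then records when and by whom that MDN was downloaded.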

Advantages of MOVEit's Implementation

MOVEit Central calculates and stores an MDN for every ASx message it processes whether or not an MDN was requested. This feature allows operations to temporarily disable automatic MDNs and send them later using another channel if the MDN delivery channel has been temporarily disrupted. This will not work for synchronous MDNs, for obvious reasons.

All file transfers, including ASx message operations (and their MDNs), are logged in a tamper-evident audit log.

Configurable, automatic retries on file transfers and MDN transfers.

Time-saving configuration spares you from completely redefining each new file transfer with the same partner, and saves steps with new partners.

Limitations of MOVEit's Implementation

MOVEit does not support the "RC4" encryption algorithm, although this algorithm could be supported in a future version if necessary. (Contact Ipswitch if you need to support this non-FIPS algorithm.)

MOVEit does not support GET-method AS2 messages. Some AS2 clients support this type of message, but POST-method submissions are the industry standard (and generally regarded as more secure and less work for operations).