Advantages/Disadvantages of AS2 (Compared to AS1 and AS3)
To an outside observer, AS2 is a strange protocol. ("Why would you want to try sending SMIME-encrypted messages and picking up SMIME-signed delivery receipts over HTTP? Isn't that what email is for?") Its appeal lies largely in the fact that its "sync MDNs" make AS2 the fastest and most discrete of any of the ASx protocols because only one "external" connection between your organization and your partner is required to complete these transactions. (Any other ASx "transfer file and return MDN" operation requires at least two external connections.)
Advantage: AS2 is the most popular of the ASx protocols. Most people who support any one or two of the ASx protocols support AS2. It is a de facto standard in many industries, and an explicit standard in others (e.g., some pharmaceutical file transfer "pedigrees").
Advantage: AS2 is firewall-friendly when sending files. If you can connect to Internet-based web sites from your desktop, you can probably send AS2 files of any size and receive (synchronous-mode) AS2 MDNs for small to medium sized files.
Advantage: AS2 is the only ASx protocol that allows the sender to ask for an "immediate" (synchronous) MDN response. AS2 allows senders to request immediate, "synchronous" MDN's as part of their HTTP file transmission. Synchronous MDN responses are calculated on the fly as soon as the entire file is received and returned as the response to the file transmission over the same HTTP connection. All AS1, AS3 and "asynchronous" AS2 MDNs are expressed as files to be picked up after the original transmission is complete and closed rather than as an immediate response to the current transmission.
Disadvantage: Synchronous ("immediate") MDN responses are only appropriate for small files. Both sides must usually set up an AS2 server if large files are to transferred. AS2 transmissions involving large files can "time out" (with no "I'll get back to you" recourse) if the files sent are large. (The actual value of "large" depends on available bandwidth and timers in AS2 client, AS2 server and any intervening HTTP proxy server.) To handle large files, AS2 asynchronous MDNs may be requested instead, but these may only be requested if the file sender also owns an AS2 server on which the file receiver can post asynchronous MDNs. (In other words, "desktop AS2 clients" can 1) either send and verify small files with a synchronous MDN or 2) send large files without any MDN or verification.)
Disadvantage: AS2 requires firewall configuration and deployment of a designated AS2 server when receiving files. To receive AS2 files, you must set up your own AS2 server (usually in a DMZ network segment) and open up firewall rules that allow remote AS2 clients to connect to your AS2 server. (MOVEit DMZ fills the role of an AS2 server in the MOVEit family.) Neither AS1 nor AS3 require you to host your own server to receive ASx files.
Disadvantage: AS2 messages may be subject to HTTP proxy rules. In most situations AS2 messages are passed through traditional HTTP proxies, which means they are subject to content filters, size limits, server downtime, banned sites, "header" restrictions and other HTTP proxy issues that people may do not want to involve in file transfers with their partners. (In practice, AS2 HTTP proxy issues tend to be less of a hassle than AS1 email server issues, but "header" restrictions are probably an area to keep an eye on because AS2 depends heavily on special headers.)
Disadvantage: AS2 has no standard concept of "username" or "password" when posting files. ("Two-factor authentication" is not standard.) Both AS1 and AS3 support the traditional file transfer concept of providing a username and password before you are allowed to upload files to the server. AS2 does not. (Some AS2 servers may have implemented "basic authentication", but it is not supported in most AS2 clients.)
