|
|
|
|
|
MOVEit Transfer has been able to participate in AS3 transmissions as a secure FTP server for years. Traditionally, people have thought that any FTP server with basic security features such as SSL with client certificate authentication could be used in AS3 transmissions. However, operational experience and security best practices have led many to higher expectations of their AS3 FTP server.
The MDN response files returned to AS3 file senders and used for non-repudiation can be signed, but are never encrypted. To protect these important files from tampering or unauthorized view, MOVEit Transfer offers its own built-in FIPS-validated encryption and cryptographic file integrity checks while at rest and in transit.
The FTP protocol can be tricky to implement across firewalls and NAT when SSL is introduced. To deal with these challenges, MOVEit Transfer offers comprehensive, remote-readable protocol logs and features that handle almost every possible FTP over SSL or NAT configuration. Three of the technologies MOVEit Transfer uses to avoid FTP firewall problems include a configuration of limited passive server port ranges (that has been widely copied in the industry since it was introduced in MOVEit Transfer), explicit configuration of NAT and a recent technology called "Clear Command Channel" (CCC).
Finally, the auditing facility in MOVEit Transfer can be used to help complete AS3 non-repudiation chains. In order for both sides in an AS3 exchange to agree that both parties have the same file, both sides must possess the same MDN. However, if the MDN is downloaded by the original file sender but there is a later dispute about whether or not this action actually took place, MOVEit Transfer tamper-evident audit logs can be used to show that the original file sender's MDN was made available and downloaded at a specific time by a specific user connected from a specific IP address.