Townsend Security Data Privacy Blog

Managed FTP Services on the IBM i – Look for These 8 Features

Posted by Patrick Townsend on Aug 8, 2016 1:03:03 PM

In a previous blog I talked about the security features that you should find in a Managed FTP solution. Of course, we look for the security components first as we want to be very sure that our data is protected in transit and at rest when it arrives at its destination. But with the high volume of FTP transfer activity in the modern organization; we also want to find a number of automation and management features in our Managed FTP solution. That’s the focus of today’s blog.

Secure Managed File Transfer for IBM i Here are the eight main elements of a Managed FTP solution for the IBM i (iSeries, AS/400) platform:

  1. Automation

  2. Scheduling

  3. Application integration

  4. Diagnostic logging

  5. Notification and Exception handling

  6. Resource management

  7. File system support (DB2, IFS, etc.)

  8. Commands and APIs

Let’s take these areas one at a time.

Automation: By its nature FTP is a manual process. This is one of the original protocols of the Internet and it was designed as a command line facility. But our modern IT systems need a solution that is hands-off and lights-out. A good Managed FTP solution should allow you to fully automate both inbound and outbound file transfers. And because our IBM i servers are often located inside the firewall, we need to be able to detect and pull files that are available on remote and external servers. We sometimes call this the automatic scan of remote servers and it is a critical automation component. Your Managed FTP solution should allow you to automate every aspect of sending and receiving files, including encryption of files you are sending and decryption of files that you receive.

Scheduling: Many file transfers have to happen at a certain time of day. This means that your Managed FTP solution should provide for intelligent scheduling of file transfers. Scheduled transfers might happen hourly, once a day, once a week, or once a month. But the scheduling facility should accommodate your transfer needs. Additionally, the ability to schedule a transfer through a third party scheduling application should be fully supported.

Application integration: When you receive a file via FTP it should be possible to automatically decrypt the file and automatically process it into your applications. This level of automation removes the need for human intervention and provides data in a timely fashion to your applications and ultimately to your users. Look for your Managed FTP solution to provide callable exit points, library and IFS directory scan facilities, and plenty of sample programs that you can use to start your automation projects.

Diagnostic logging: It is easy to underestimate the importance of built-in diagnostic logging in a Managed FTP solution. When you are processing many files every day, and when you are processing time critical files (think payroll files), you have to be able to identify the cause of a transfer problem very quickly. A diagnostic log should be available for every transfer and should clearly identify the causes of failures. FTP sessions can fail for a wide variety of reasons including network outages, password changes, remote configuration changes, expired certificates and keys, and many other issues. The presence of diagnostic logging means the difference between a long night hunched over a terminal or a leisurely trip to the pub!

Exception handling: A good Managed FTP solution will tell you when things go wrong. From my point of view this is both a good thing AND a bad thing. We have customers who run our solutions for years and forget that they are there! But this is what you want. A Managed FTP solution should tell you when a transfer failed and give you some clues on the resolution. In our Managed FTP solution notifications are done by email and you have a lot of choices – you can get notified on failure, notified on successful transfer, or notified on all activity. But it is the ability to get notified on failure that is so critical.  Exception handling should also include automatically retrying a failed transfer operation. Look for the ability of your Managed FTP solution to retry a transfer at least three times before reporting a problem!

Resource management: We don’t think of FTP as a CPU or disk intensive operation, and that is generally true. But imagine what it might be like to transfer several thousand files a day!  Those small individual file transfers start to add up in terms of resource utilization pretty fast.  Your IBM i Managed FTP solution should allow you to manage job priorities, schedule transfers during off hours of light usage, manage CPU time slice and pool allocations, and many other aspects of resource management.

File system support: As IBM i users we have a lot of data stored in DB2 files and tables. But we also may have a lot of information stored in the Integrated File System (IFS). A Managed FTP solution should support these file systems for both inbound and outbound transfers. Also consider those special file system requirements. Can you manage file transfers in a Windows network shared folder? Or a Linux/Unix NFS mounted volume? Or in a mounted drive for a remote IBM i server through the File400 folder? These can be important features for an IBM i solution.

Commands and APIs: Last but not least, there are always things we can’t do with the ready-to-use features of a Managed FTP solution. We will want to have access to IBM i commands and APIs to help us handle those special situations. In our Alliance FTP Manager solution we give you access to every single FTP operation directly from your RPG and CL applications. You can perform every aspect of an FTP session under program control, and know if it was success or failed, and why. And of course, command interfaces make it easy to put or get a single file. You might not initially miss the rich set of APIs, but the day will come when you need them!

In this blog I’ve tried to give you a feel for the basic set of features that you should find in a Managed FTP solution. You can learn more about our Alliance FTP Manager solution for the IBM i platform here.

Patrick

Secure Managed File Transfer for IBM i

Topics: Managed File Transfer, Secure Managed File Transfer, FTP Manager for IBM i