8 Features to Look for in a Managed FTP Solution for IBM i
Syncsort recently acquired the IBM i encryption and security products of Townsend Security. The article below is an update to their popular blog post on the importance of encryption in the financial services industry.
When reviewing a Managed FTP solution, the first priority is its security capabilities to assure that data is protected in transit, and that it stays protected at rest when it arrives at its destination. With the high volume of FTP transfer activity in today’s organizations, you also need your Managed FTP solution to have rich automation and management features as well. Here are 8 main elements to look for in a Managed FTP solution for the IBM i (iSeries, AS/400) platform:
- Application integration
- Diagnostic logging
- Notification and exception handling
- Resource management
- File system support (Db2, IFS, etc.)
- Commands and APIs
Let’s review each of these in more detail.
By its nature, FTP is a manual process. This is one of the original protocols of the Internet, and it was designed as a command line facility. But modern IT systems requires a hands-off solution.
A good Managed FTP solution should allow you to fully automate both inbound and outbound file transfers. Also, because IBM i servers are often located inside the firewall, you may need the ability to detect and pull files that are available on remote and external servers. Sometimes this is called automatic scanning of remote servers, and it is a critical automation component. Your Managed FTP solution should enable you to automate every aspect of sending and receiving files, including encryption of files you are sending and decryption of files that you receive.
Many file transfers must happen at a specific time of day, such as end-of-day ACH transfers. Because if this, your Managed FTP solution should provide for intelligent scheduling of file transfers. Scheduled transfers might happen hourly, once a day, once a week, or once a month. You’ll want to confirm that the scheduling facility can accommodate your transfer needs. Additionally, the ability to schedule a transfer through a third-party scheduling application should be fully supported.
When you receive a file via FTP, it should be possible to automatically decrypt the file and then automatically process it into your applications. This level of automation eliminates the need for human intervention to more quickly provide data to your applications and users. Look for a Managed FTP solution that provides callable exit points, library and IFS directory scan facilities, and plenty of sample programs that you can use to start your automation projects.
Be careful not to underestimate the importance of built-in diagnostic logging in a Managed FTP solution. When you are processing many files every day, and when you are processing time-critical files (think payroll files), you must be able to identify the cause of a transfer problem very quickly.
A diagnostic log should be available for every transfer, and it should clearly identify the causes of failures. FTP sessions can fail for a wide variety of reasons, including network outages, password changes, remote configuration changes, expired certificates, expired keys… the list of possible issues is long. The presence of diagnostic logging could mean the difference between a long night hunched over a terminal or a leisurely dinner!
A good Managed FTP solution will tell you when things go wrong. We have customers who run our solutions for years and forget that they are there! But that is what you want. A Managed FTP solution should tell you when a transfer fails and give you some clues on the resolution. In Syncsort’s Managed FTP solution notifications are sent by email, and you have a lot of choices about what you receive – you can get notified on failure, notified on successful transfer, or notified on all activity. The ability to be notified on failure is absolutely critical.
Exception handling should also include the ability to automatically retry a failed transfer operation. Look for the ability of your Managed FTP solution to retry a transfer at least three times before reporting a problem.
We don’t think of FTP as a CPU or disk intensive operation, and that is generally true. But imagine what it might be like to transfer several thousand files a day! Those small individual file transfers start to add up in terms of resource utilization quickly. Your IBM i Managed FTP solution should allow you to manage job priorities, schedule transfers during off-hours of light usage, manage CPU time slice and pool allocations, and many other aspects of resource management.
File system support
As IBM i users, we have a lot of data stored in Db2 files and tables. Additionally, we also may have a lot of information stored in the Integrated File System (IFS). A Managed FTP solution should support both of these file systems for inbound and outbound transfers.
You should also consider special file system requirements. For example, can you manage file transfers in a Windows network shared folder? Or a Linux/Unix NFS mounted volume? Or in a mounted drive for a remote IBM i server through the File400 folder? These can be important features for an IBM i solution.
Commands and APIs
Finally, there are always things that cannot be done with the ready-to-use features of a Managed FTP solution. In these circumstances, you will want to have access to IBM i commands and APIs.
Syncsort’s Assure Secure File Transfer provides access to every single FTP operation directly from RPG and CL applications. You can perform every aspect of an FTP session under program control and know whether it succeeded or failed (and why). And of course, command interfaces make it easy to put or get a single file. You might not initially miss the rich set of APIs, but the day will come when you need them!
You now know the basic features to look for in a Managed FTP solution. Assure Secure File Transfer has them all – download the product sheet to learn more.
For more information on secure file transfers, read our eBook: The Essential Guide to Secure and Managed File Transfers on the IBM i