Pat Townsend Updates MFT Offering for i/OS
January 19, 2010 Alex Woodie
Patrick Townsend Security Solutions last week introduced Alliance All-Ways Secure version 5.0, a new release of its managed file transfer (MFT) solution for System i customers. The product brings support for 128-bit SSH encryption over FTP (sFTP), which will allow customers to share files with banks that have standardized on sFTP. Version 5.0 also brings enhancements in the area of configuration and logging, and makes it easier for IBM i users to comply with data privacy laws, PTSS says.
Pat Townsend (the man and the company) is a recognized expert in encryption on the i/OS platform, and has been selling the Alliance All-Ways Secure file transfer product for many years. Only recently, as the use of the term MFT has taken off, has Townsend begun using this term also. But in no way is All-Ways Secure a new entry into the active MFT field.
Prior to this release, All-Ways Secure has focused on providing i/OS implementations of the Pretty Good Encryption (PGP) and Secure Sockets Layer (SSL) encryption algorithms in an FTP paradigm. PGP was used to encrypt individual files before sending them across the SSL-based FTP (FTPs) connection.
This use of PGP is somewhat unique among i/OS MFT offerings, which typically do not support PGP, says Pat Townsend, the founder and CTO of PTSS. “Our partnership with PGP Corporation brings FIPS-140 certified PGP encryption to the IBM i and I believe we are the only company that provides this level of certification,” Townsend says via e-mail. “As you know many of the compliance regulations are recommending NIST certified solutions, and we stand alone in having a FIPS-140 certified PGP solution.”
With All-Ways Secure version 5, PTSS added support for sFTP, which uses Secure Shell (SSH) encryption to protect data and is an alternative to SSL-based FTPs delivery. While sFTP is more commonly used in the Unix and Linux worlds than the i/OS world, which tends to use more SSL, it is common for i/OS MFT products to offer customers multiple data transport methods, so it’s not surprising to see PTSS add support for sFTP.
“SSH, specifically Secure Shell FTP, or sFTP, is in increasing use for secure transfers between customers and financial institutions,” Townsend says. “Because our customers need to communicate with large commercial banks using SSH sFTP, we felt it was important to add this capability to our product, and to help customers automate these transfers.”
It’s all about providing customers with choice, Townsend says. “SSH complements our SSL FTP offering. Customers can chose which protocol they want to use. Value added networks such as GXS use SSL FTP, so that is an important technology. There is even use of the older implicit SSL FTP, which we also support. There is still a fair amount of this activity,” he says.
Alliance All-Ways Secure 5.0 also introduces an implementation of PGP Command Line 9, which was released several years ago and provides an implementation of the PGP encryption capabilities that can be integrated into script-driven business processes. Townsend says supporting this PGP Corp. product provides customers with features and capabilities above and beyond the basic features of the OpenPGP standard, such as key server support and support for Additional Decryption Key (ADK), which is important for compliance.
Version 5 also brings enhancements in the area of logging and auditing. With this release, security administrators are able to turn on logging as a matter of security policy. This eliminates the need to rely on programmers to activate this “crucial step,” PTSS says. This release also supports detailed logging of encryption and decryption events at the database column level as well as for tape, spooled file, IFS, and save file encryption, PTSS says.
Good logging and auditing practices are critical to achieving regulatory and industry compliance, Townsend says. “All of our secure file transfer solutions provide compliance logging to meet rigorous compliance regulations,” he tells IT Jungle. “Our IBM i solutions implement this type of logging to the IBM security audit journal by policy. This meets the compliance regulations to log all important security events to a non-modifiable, sequenced, and controlled system log facility.”
PTSS sells multiple products that could be considered MFT solutions. In addition to Alliance All-Ways Secure, the Olympia, Washington, company sells Alliance FTP Manager. The major difference between the two products is support for PGP encryption in All-Ways Secure. FTP Manager, by comparison, supports only SSH-based sFTP and SSL-based FTPs. The company also sells products that provide AES encryption to data as it sits on System i, Windows, Linux, and Unix servers; the Alliance Key Manager key management appliance (which shipped last summer).
Alliance All-Ways Secure 5.0 is available now. Pricing was not provided by the vendor. For more information, see the PTSS Web site at www.patownsend.com.