So you have to transmit some files, huh?
When was the last time you found yourself on a project that didn’t involve some degree of file transmission?
No, that one doesn’t count…
Ok, so maybe you occasionally have a solution that doesn’t require any file delivery but every architect worth his weight in .csv files is going to come across this task at some point and have to choose between a litany of options for how to skin this proverbial cat. The question is: How do you decide which method is the best for you and your organization?
Let’s talk about some protocols.
File Transfer Protocol (FTP)
What is it?
At its most basic level, FTP is a method of delivering files. A user/system will generally connect to an FTP server by providing an ID/Password combination over a single “control” channel (e.g., port 21). Once granted access, the system/user can transfer files to the server over server-specified passive “data” channels (e.g., ports 2000-2500). This inbound and outbound traffic will have to be configured on both the client and the server.
All of this communication is handled in clear-text which means it is susceptible to interception.
When should I use it?
On its own, without any protective encryption – never. If the data you’re transferring is of no value or you’re not concerned about anyone tampering with it or gaining access to your system, then by all means knock yourself out. However, you’ll be hard pressed to find any security engineer who would support FTP in favor of other more secure solutions. However, if you’re just uploading funny pictures of cats to your personal website at home, then have at it… they sure do love sinks don’t they?
File Transfer Protocol Secure (FTPS)
What is it?
FTPS is essentially the same model as FTP only it is secured with SSL/TLS. There are still both “control” and “data” channels but by using this extra layer, both the username/password credentials and the content itself are being encrypted.
When should I use it?
FTPS can be a nice option when you’re working with sensitive information that needs to be secured, however, there are some limitations to the protocol that should be noted. FTPS requires the server to open up a large range of ports as it is configured just like standard FTP. As a general rule in security, you want to limit the points of entry to your system whenever possible so this isn’t ideal.
Additionally, FTPS does not provide the level of performance that you would see from a solution like the Managed File Transfer options listed below. If there are specific Service Level Agreements (SLAs) that the solution must adhere to, then this may not be your best option.
SSH File Transfer Protocol (SFTP)
What is it?
SFTP differs from the above methods in that it does not require both a “control” channel or a “data” channel which, as noted earlier, is a benefit when it comes to managing your firewall. All traffic (inbound and outbound) is handled over a single defined port – namely the SSH (secure shell) protocol.
When to use it?
SFTP is the preferred solution when security is important but cost is a factor (i.e. An Enterprise Managed File Transfer solution is not a viable option).
Managed File Transfer
What is it?
When it comes to transferring files, these strategic, enterprise-grade solutions are the bees’ knees. There are many vendors out there in the landscape but they all essentially provide the same things: Increased security, regulatory compliance, automated file transfers, unmatched performance, auditing, etc.
IBM Gentran Integration Suite (aka Sterling or GIS) has been the leader of the pack lately but other products are starting to emerge such as GlobalSCAPE or Axway.
These solutions generally offer the ability to integrate with multiple protocols while also offering their own. For instance, IBM offers the Connect:Direct w/ SecurePlus native protocol which is a very secure and efficient way to deliver files.
When to use it?
When available, this is the way to go. Obviously, if the resources are not available then another option would have to be pursued. However, I’d trust this solution with my 16 year old daughter any day of the week and twice on Sundays.
These are a few of the most common transmission methods that you’ll likely encounter. As you can see, each comes with its own sets of pros and cons and which is the correct deployment for your solution will be subjective.
Feel free to reach out to info@sysflow.com for more information.
Latest posts by Steve Biondi (see all)
- So you have to transmit some files, huh? - Jun 12, 2013