Security services

Transfer CFT offers different types of security services in order to secure communication, protect data, and control user access:

  • Transport security
  • Access management
  • DMZ enabled communication
  • File encryption at rest

After configuring the security system, you define the users and the actions that they can make on the various Transfer CFT objects. These definitions apply to objects declared within the operating systems, such as files and batch procedures, as well as Transfer CFT objects, commands, transfer requests and internal files.

Transport security

Transfer CFT implements the cryptographic protocol TLS (Transport Layer Security) and its previous version SSL (Secure Sockets Layer), which provides authentication between the parties, data confidentiality, and integrity. Additionally, Transfer CFT is FIPS (Federal Information Processing Standards) compliant.

Transport Security is ensured through a public key infrastructure (PKI), which you can managed either using Transfer CFT, PassPort PS or an external PKI.

Note Check the security options included in the license key before attempting to implement in your environment.

For more information on transport security, see the Transfer CFT Security topics.

DMZ enabled communication

Transfer CFTsupports communication in the DMZ using Secure Relay. All of the connections that use this Transfer CFT network resource transmit through Secure Relay for both incoming and outgoing connections.

*Presently not configurable from the Central Governance interface.

File encryption at rest

Transfer CFTembeds TrustedFile in order to encode and decode files in S/MIME, CMS, OpenPGP, XML Signature, XML Encryption, and XAdES (BES and EPES) format. These standards secure data at rest, independently of the data communication method.

*Presently not configurable from the Central Governance interface.

Related Links