AS2 or FTP: What’s Best for Your Company
John Radko, Chief Technology Strategist, GXS
Rochelle Cohen, Sr. Product Marketing Manager, GXS


May 19, 2011 | Slide 2 | © 2011 GXS, Inc.

Family Feud: AS2 Versus the FTP Clan
Selecting the Right Option for Your B2B Needs

Agenda

AS2 vs FTP (John Radko)
– Review of basics
– How do they work?
– How to choose the best one?

GXS Solutions for Connectivity (Rochelle Cohen)
– Options available
– Additional services

Q&A

What Is a Protocol?

Client? Server?

Channel?

To illustrate the basics of a communication protocol, let’s buy some furniture…


IKEA Protocol for Furniture Transfer

[Diagram labels: Client, Server, Channel]

Synchronous Request/Response (you go to the store, find it, put it on a cart, buy it, and drive it home.)

N.C. Furniture Protocol

[Diagram labels: Client, Server, Channel, Request, Response]

Understanding a Comms Protocol

• Clients are requesting data (in the B2B scenario) or services
• Servers are providing the data or services
• The Channel is how the request and data move (may be combined or discrete)
• Client/Server is a role – a given system may be both depending on the situation (AS2)

Looking at the Protocol Families…


A Shared “Family Tree”

Internet Protocol (IP)
Transport Control Protocol (TCP) (UDP): TCP/IP
File Transfer Protocol (FTP)
Hyper-text Transfer Protocol (HTTP)
FTP Secure or FTP-SSL (FTPS)*
Applicability Statement 3 (AS3)
HTTP over SSL (HTTPS)
Applicability Statement 2 (AS2)

The Extended Family

Internet Protocol (IP)

Transport Control Protocol (TCP): The Internet
FTP, HTTP, SMTP, SSH
FTPS, HTTPS, SFTP
AS3, AS2
SOAP
AS1, AS4, EDIINT

How FTP Works (Active Mode)

[Diagram: FTP Client and FTP Server]
Command Channel: Random port above 1023 (client) to Port 21 (server)
Data Channel: Port 20 (server) to Random port +1 (1024) (client)

How FTP Works (Active Mode) Challenge

Firewall that HATES inbound connections

How FTP Works (Passive Mode)

[Diagram: FTP Client and FTP Server]
Command Channel: Random port above 1023 (client) to Port 21 (server)
Server opens a port in the firewall for the client to use for data (>1023)
Data Channel: Random port +1 (1024) (client) to the port the server opened

How FTP Works (Passive Mode) Challenge

Network Admin that HATES inbound connections
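The active and passive slides above differ in which side listens for the data channel, and that decides whose firewall has to accept an inbound connection. The following is an added example, not part of the original slides or any GXS product: it decodes the host/port tuple from a PORT command (active) or a 227 reply (passive) and reports who dials whom. The addresses are constructed documentation values and the function names are hypothetical.

```python
import re

# Constructed control-channel lines (documentation addresses, not from the slides).
ACTIVE_CMD = "PORT 192,0,2,10,195,80"                              # client -> server
PASSIVE_REPLY = "227 Entering Passive Mode (198,51,100,5,234,96)"  # server -> client

_SIX = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_endpoint(line):
    """Decode the h1,h2,h3,h4,p1,p2 tuple used by PORT and by the 227 reply."""
    m = _SIX.search(line)
    if not m:
        raise ValueError("no host/port tuple in: %r" % line)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range in: %r" % line)
    host = ".".join(str(n) for n in nums[:4])
    return host, nums[4] * 256 + nums[5]   # port = p1 * 256 + p2

def data_connection(line):
    """Return who opens the data channel and which endpoint is listening."""
    host, port = parse_endpoint(line)
    if line.upper().startswith("PORT"):
        # Active mode: the client listens, the server dials in from port 20.
        return {"mode": "active", "initiator": "server", "src_port": 20,
                "listener": (host, port), "inbound_at": "client"}
    if line.startswith("227"):
        # Passive mode: the server listens above 1023, the client dials out.
        return {"mode": "passive", "initiator": "client", "src_port": None,
                "listener": (host, port), "inbound_at": "server"}
    raise ValueError("not a PORT command or 227 reply")

def firewall_rule(conn):
    """Describe the inbound allowance the listening side's firewall needs."""
    host, port = conn["listener"]
    return "allow inbound tcp to %s:%d at the %s edge" % (host, port, conn["inbound_at"])
```

Because the listening port is chosen per transfer, a static rule cannot name it in advance; the firewall either tracks the control channel or opens a configured port range.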

Securing FTP

VPN
– Creates a secure “tunnel”
– Can be used with any protocol, not just FTP
– Some standards (especially server-to-server), but may require client install

FTPS
– 2 types
  • Explicit
  • Implicit
– Uses TLS/SSL to encrypt one or both channels

Virtual Private Network (VPN)

[Diagram: FTP Client and FTP Server, each with VPN Software; the Command Channel and Data Channel pass through the VPN]

Explicit FTPS

[Diagram: FTP Client and FTP Server with Command Channel and Data Channel; AUTH SSL is sent on the Command Channel]

Explicit FTPS is usually used so that non FTPS clients can still connect.

Implicit FTPS

[Diagram: FTP Client and FTP Server with Command Channel and Data Channel]

Implicit FTPS always uses secured channels, but the software must support it to connect.
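Since an explicit FTPS port still accepts clients that never send AUTH, and TLS may cover "one or both channels", a server operator will want to know which sessions actually ran protected. The following is an added example, not part of the original slides: it audits server-side command logs for logins sent before AUTH was accepted and for transfers made without PROT P. The log format, session data and function name are constructed assumptions; the slides show AUTH SSL, and the check accepts any AUTH variant the server answers with 234.

```python
# Constructed server-side command logs as (direction, line); not from the slides.
SESSION_TLS = [("C", "AUTH TLS"), ("S", "234 AUTH TLS successful"),
               ("C", "USER edi_partner"), ("S", "331 Password required"),
               ("C", "PASS ****"), ("S", "230 Logged in"),
               ("C", "PBSZ 0"), ("S", "200 PBSZ=0"),
               ("C", "PROT P"), ("S", "200 Protection level set to P"),
               ("C", "STOR invoice.edi"), ("S", "226 Transfer complete")]
SESSION_PLAIN = [("C", "USER edi_partner"), ("S", "331 Password required"),
                 ("C", "PASS ****"), ("S", "230 Logged in"),
                 ("C", "RETR orders.edi"), ("S", "226 Transfer complete")]
# Control channel encrypted, data channel explicitly left clear (PROT C).
SESSION_CTRL_ONLY = SESSION_TLS[:8] + [("C", "PROT C"), ("S", "200 OK")] + SESSION_TLS[10:]

def audit_session(events):
    """Return findings for one control-channel session on an explicit-FTPS port."""
    control_tls = False      # set once the server accepts AUTH (reply 234)
    data_protected = False   # set once the server accepts PROT P (reply 200)
    pending = None           # last client command still awaiting its reply
    findings = []
    for direction, line in events:
        if direction == "C":
            verb, _, arg = line.partition(" ")
            pending = (verb.upper(), arg.strip().upper())
            if pending[0] in ("USER", "PASS") and not control_tls:
                findings.append("credentials sent in cleartext (%s before AUTH)" % pending[0])
            if pending[0] in ("STOR", "RETR", "LIST") and not data_protected:
                findings.append("data channel unencrypted for %s" % pending[0])
        elif pending:
            code = line[:3]
            if pending[0] == "AUTH" and code == "234":
                control_tls = True
            elif pending[0] == "PROT" and code == "200":
                data_protected = pending[1] == "P"
            pending = None
    return findings
```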

AS2 Provides Value-Added Capabilities

– Security
  • Data is encrypted and signed
  • Data is secured at all points
  • Digital signatures allow non-repudiation

– Message Management
  • Usage of “receipts” (called MDNs)
  • Defined service levels

– Interoperability
  • Extensive interoperability testing
  • Certification by Drummond assures products work together

How Does AS2 Work?

[Diagram: Partner A and Partner B exchange a message (001101…) over the Public Internet or Other TCP/IP Network using HTTP; an MDN is returned; the verified signature is labelled PARTNERA]

Sender
• Sign
• Encrypt
• Send
• Verify MDN

Receiver
• Receive
• Decrypt
• Verify Signature
• Send MDN
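The last sender step above, "Verify MDN", is what turns the receipt into evidence that the partner received exactly what was sent. The following is an added example, not part of the original slides or any GXS product: it checks the machine-readable fields of an MDN against the digest (MIC) the sender stored at send time. The payload, message ID and function names are constructed; it assumes the MIC is taken over the bytes the sender recorded, and it does not cover verifying the signature on a signed MDN.

```python
import base64, hashlib, hmac
from email import message_from_string

# Constructed payload and identifiers (sample values, not from the slides).
SENT_CONTENT = b"Content-Type: application/edi-x12\r\n\r\nISA*00*constructed sample~"
SENT_MESSAGE_ID = "<20110519.0001@partnera.example>"

def compute_mic(content, alg="sha256"):
    """Base64 digest the sender stores at send time for later comparison."""
    return base64.b64encode(hashlib.new(alg, content).digest()).decode("ascii")

def build_sample_mdn(mic, disposition="automatic-action/MDN-sent-automatically; processed"):
    """Build the disposition-notification fields a receiver would return (constructed)."""
    return ("Original-Recipient: rfc822; PARTNERB\n"
            "Final-Recipient: rfc822; PARTNERB\n"
            "Original-Message-ID: %s\n"
            "Disposition: %s\n"
            "Received-Content-MIC: %s, sha256\n\n" % (SENT_MESSAGE_ID, disposition, mic))

def verify_mdn(mdn_fields, sent_content, sent_message_id):
    """Sender-side 'Verify MDN' step: returns (ok, reason)."""
    fields = message_from_string(mdn_fields)
    if (fields.get("Original-Message-ID") or "").strip() != sent_message_id:
        return False, "MDN refers to a different message"
    status = (fields.get("Disposition") or "").partition(";")[2].strip().lower()
    if status != "processed":
        return False, "receiver reported: %s" % (status or "no disposition")
    mic_value, _, alg = (fields.get("Received-Content-MIC") or "").partition(",")
    alg = alg.strip().lower().replace("-", "")
    if alg not in ("sha1", "sha256", "sha384", "sha512"):
        return False, "missing or unsupported MIC algorithm"
    expected = compute_mic(sent_content, alg)
    # Constant-time comparison of the stored digest and the one in the receipt.
    if not hmac.compare_digest(expected.encode(), mic_value.strip().encode()):
        return False, "MIC mismatch: receiver did not get the content that was sent"
    return True, "receipt matches the sent content"
```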

A Quick Comparison – Plus

AS2 – Ready for Business
• Purposely built for B2B
• Interoperable security
• Interoperable non-repudiation
• Built-in business grade transaction management
• Proxy/firewall friendly
• Interoperability testing process
• Widely adopted in many communities
• (opt) Re-start

FTP – I’m Already Here
• Ubiquitous, on basically every computer
• Widely used in almost every community
• Vast amounts of experience
• Nearly instant setup
• Low administrative overhead*

FTPS – Privacy Included
• Channel encryption
• Low administrative overhead
• Relatively simple

A Quick Comparison – Minus

AS2 – Specialist
• Requires special software
• Certificate administration
• Higher processing overhead (for encryption and digital signature)
• More keys/IDs to manage

FTP – Master of None
• What security?
• No standard guaranteed delivery
• No interoperability testing
• No standardised document tracking
• Requires two network connections
• Can be difficult (or impossible) to traverse some networks (NAT)

FTPS
• All the minuses of FTP
• Not as ubiquitous as FTP

And the Winner Is…

Applicability Statement 2 (AS2)


A Hybrid Community to Mediate Protocols

[Diagram labels: FTP or AS2; Gateway; Partners using same protocol; Partners that use a different protocol]

GXS Communications Portfolio


Your B2B Communications Decisions

[Diagram: Sending Company and Receiving Company, each with EDI Data, EDI Translator and Communications Software, with a Service Provider between them]

Which protocol?
How to connect?

AS2 and FTP/VPN
Most Popular Protocols for New GXS Clients

[Bar chart: Protocols Selected by New GXS Clients 2008-2010; vertical axis 0% to 45%; categories AS2, FTP/VPN, SFTP, FTPS, Other]

Global, Flexible Connectivity Options
Enabling Businesses to Make Technology Decisions Independent of Their Partners

[Diagram labels: FTP/VPN, S/FTP and FTP/S; SOAP & HTTPS; AS1, AS2, AS3; Internet Protocols; OFTP, OFTP2; Async/Bisync & SNA; MQ Series; Legacy Protocols; X400; X.25; VAN Interconnect; Frame Relay; Private IP Networks (e.g., ANX, ENX); Web Forms; EDI-to-Fax; Other Services]

Full Portfolio of AS2 Options on GXS Trading Grid

[Diagram labels: Your Company; AS2; Internet; Trading Partners; AS2 Direct Trading Partners]

• Real-time, efficient communications with your entire community
• One implementation with GXS, GXS manages community
• All the value-added transaction management services
• Leverages AS2 software already in place
• Reduce risk of failed connectivity

Additional AS2 Services:
AS2 Contingency
– Back-up access if your AS2 server goes down
AS2 Outsourcing
– Comply with AS2 mandates without adding infrastructure, expense, & expertise

Full Portfolio of Secure FTP Solutions

Multiple FTP options:
• FTP over VPN
• SFTP (SSH FTP)
• FTPS (FTP/SSL)

[Diagram labels: Your Company; Secure FTP; Internet; Trading Partners]

• Easy to implement
• Standards based
• Wide range of client software support
• Multiple security options

GXS BizManager® Software
Behind-the-Firewall Connectivity Software for Every Type of User

[Chart: Functionality versus Community Size]

Products:
• BizManager400: unlimited connections
• BizManager BizConnect: up to 25 connections
• BizManager BizLink: unlimited connections

Platforms listed on the chart:
• Windows, Red Hat and SUSE Linux, Solaris, AIX, HP-UX
• AS400
• Windows, Red Hat and SUSE Linux

GXS Internet Connectivity Solutions for Each Business Scenario

Software

Connectivity to GXS Trading Grid

B2B Program Outsourcing


And More…
GXS is the Largest Integration Cloud for B2B

Thank You for Your Participation!
For More Information…