Manycom FTP Server Automation and Security
FTP Server Automation and Security is your solution when you want to automate, secure and control the daily OS/400 or i5/OS FTP server transactions.
This solution makes it possible to use your OS/400 or i5/OS FTP server as a secured FTP server, and automatically start local pre- and post-transfer processes via CL commands and data queues configured for the FTP operations the FTP clients issue.
The base solution consists of the MCM FTPSA product, which cooperates closely with the OS/400 or i5/OS FTP server feature. FTPSA provides additional functions and features, which are needed to
- automatically pass the relevant variables such as directory and file names to the configured pre- and/or post-transfer processes, and start the processes when the FTP client issues the configured FTP operation,
- secure the FTP server, i.e. reject unauthorized FTP connections, logins, FTP subcommand as well as resource (directory, file, member, remote command) usage,
- log and control the FTP transactions.
Notice that, MCM FTPSA interacts only with the local applications and the OS/400 or i5/OS FTP server – never directly with the FTP client. Consequently, since the OS/400 or i5/OS FTP server feature alone takes care of the communications with the FTP clients, compatibility with the existing and future FTP client environments is guaranteed. Actually, the FTP client ‘sees’ only the OS FTP server, not MCM FTPSA at all.
The following figure depicts the solution structure:
The solution is very flexible with respect to how to take it smoothly into use without disturbing the already existing FTP server traffic. You can first configure the solution just to log all transactions without rejecting any transaction. After collecting for a while data to the log about the connected IP addresses, used FTP login IDs and passwords, FTP subcommands and requested resource names, you can then start to secure the server by configuring control entries for the allowed transactions.
The security control system and logic follows the principle: “What is not specifically configured as allowed, will be rejected”. Consequently, you need to configure only the allowed transactions, and all other transactions will be implicitly rejected.
See the Solution details chapter and the MCM FTPSA module description for more detailed information.