MFT - SFG - SCC - SCM explanations

Mirjana's picture
Note: This document is created based on Sterling Commerce documentation and articles!!
MFT - Managed File Transfer
IBM® Sterling Managed File Transfer is the market-leading solution for secure data movement that enables enterprises to gain control and oversight of the massive movement of critical corporate data to facilitate data growth, reduce security risk, and improve IT and business efficiency.
The Sterling Managed File Transfer solution is delivered through multiple products that can work standalone, or even better when together. The products are:
  • IBM® Sterling Connect:Direct®—Point-to-point file transfer software optimised for high-volume, assured data delivery of files within and between enterprises.
  • IBM® Sterling Connect:Direct® Secure Plus—An add-on that provides configurable authentication and encryption.
  • IBM® Sterling Control Center—A management solution for all your file transfer activity.
  • IBM® Sterling File Accelerator—High-speed TCP alternative that can increase transfer speed by up to four times.
  • IBM® Sterling File Gateway—An SOA based solution which allows you to incorporate your file transfer communities into all your business processes and incorporates Web-based interfaces for customer self- services and rapid onboarding.
  • IBM®Sterling External Authentication Server - allows you to implement extended authentication and validation services for Sterling Commerce products, referred to as client applications.
  • IBM® Sterling Secure Proxy—An application proxy for securing file transfers across your organisation's demilitarised sone (DMZ).

IBM® Sterling Connect:Direct
Transfer multi-gigabyte files within and among enterprises.
• Near-real-time integration for diverse applications
• Data delivery at the right destination and time
• Proven reliability in demanding industries
• Timely and accurate audit trails and reports for all file transfer activity
• Highly scalable
• Built-in automation and checkpoint restart allows lights-out operation
In this new era of rigorous security and shorter processing windows, IBM® Sterling Connect:Direct is the point-to-point file transfer software optimized for high-volume, secure, assured delivery of files within and among enterprises. Sterling Connect:Direct can deliver your files with:
  • Predictability—Assures delivery via automated scheduling, checkpoint restart, and automatic recovery/retry
  • Security—Ensures that your customer information stays private, and that your file transfers are auditable for regulatory compliance via a proprietary protocol, authorization, and encryption (FIPS 140-2, and Common Criteria certified)
  • Performance—Handles your most demanding loads, from high volumes of small files to multi-gigabyte files
IBM® Sterling File Gateway
Bring B2B file transfer under a service oriented platform.
• Pre-built templates simplify automation for file processes
• Central management of user roles, responsibilities, and policies
with auditing
• Enable business user visibility for B2B document flow
• Comprehensive support for industry-standard protocols
IBM® Sterling File Gateway consolidates disparate centers of file transfer activity, and facilitates the exchange of file-based information securely, in any format, protocol, and file size. With its advanced on-boarding features, extensive communication-channel support, and improved business process management; Sterling File Gateway improves operational execution and time to revenue through a centralized and secure B2B-enabled managed file gateway. Sterling File Gateway solutions offer:
  • A single, secure solution for file transfer—Handles large files and high messaging volumes in any format, any protocol, and any number of external connections
  • Enhanced security and risk management—Offers secure protocols, encryption methods, certificate types, digital signatures, and identity management tools to ensure data integrity
  • Visibility for better management—Leads to better decision making, faster response, and more satisfied customers and business partners
IBM® Sterling File Accelerator™
Speed the delivery of large files over high speed networks.
• High speed transport reduces delays on high capacity networks and dramatically increases transfer speeds
• Built-in congestion control to share available bandwidth with other business applications
• Leverages Sterling Connect:Direct
Digital content explosion is creating bottlenecks
Regardless of the industry, the volume and size of file-based content is causing delays in critical business processes. This extends from check images, patient information, and media and entertainment content, to price updates, backups, and seismic data. Faster network pipes can help, but there is an inherent problem with TCP/IP and network latency that effectively limits how fast TCP/IP transfers can go, regardless of the line speed.
Accelerate your transfers and the business processes they drive
IBM® Sterling File Accelerator diminishes the effect of network latency on large file transfers for more efficient use of your existing large bandwidth line. The result is transfer speeds up to four times faster compared to TCP/IP on the same high speed line. Here's what it means for you:
  • Meet tighter processing windows through a new thinner and stateless protocol that works directly on your existing IP network
  • Cooperatively share the high-speed circuit though built-in congestion control mechanisms
  • Works with IBM® Sterling Connect:Direct® as an alternate transport for our industry leading file transfer product
IBM® Sterling Control Center™
Manage file transfer activity across all your file transfer servers including Connect:Direct, FTP, and Sterling File Gateway.
• Proactive SLA management gives you notification in time to correct problems
• Central visibility and tracking for all data movement activities
• Central configuration management allows you to create,
update, and delete configuration objects with security and logging
• Policy definition and auditing for configurations
As file transfer operations grow, processes need to be monitored and managed across a larger number of servers, applications, business units, time zones, locations, customers, and trading partners. As volumes increase so do exceptions, and your ability to quickly identify, troubleshoot and resolve exceptions will differentiate your business.
Improve customer satisfaction with real-time visibility and control
IBM® Sterling Control Center gives you a consolidated view of your entire file transfer environment—plus the power to respond quickly and efficiently to exceptions, and changes in your environment. Sterling Control Center helps you:
  • Improve SLA performance with centralized exception management, notifications, rules, events, and reporting
  • Meet compliance and regulatory requirements via policy definition, auditing, and reporting
  • Simplify managing your file transfer network through central configuration management 
IBM® Sterling Secure Proxy™
Implement tighter security policies for Internet-based file transfers.
• Session break in the demilitarized zone (DMZ) ensures that no internal service is exposed to attack
• Perimeter security enables the use of the Internet to replace dedicated lines
• Government certified encryption can ensure the safety of consumer data
• Secure protocols, encryption methods, digital signatures, and identity management tools enable you to pass audits
IBM® Sterling Secure Proxy is a demilitarized zone (DMZ)-based application proxy that protects your file transfers from the public Internet, by enforcing tight controls that include trading-partner authorization, multi-factor authentication and session break all before the transfer ever enters your trusted zone. Sterling Secure Proxy will help you:
  • Guard against unauthorized access and reduce data vulnerability to protect your brand
  • Leverage the Internet to lower your file transfer cost and grow your file transfer community
  • Comply with regulatory policies and pass tougher security audits
IBM® Sterling External Authentication Server
Sterling External Authentication Server (EA) allows you to implement extended authentication and validation services for Sterling Commerce products, referred to as client applications. EA includes a server that client applications connect to and a GUI that you use to configure EA requirements.
For SSL or TLS authentication, the connection between EA and the client application is authenticated. Then, the client application sends a request that contains a certificate chain and/or a user ID and password.
  • EA uses the certificate validation or authentication definition that corresponds to the profile name referenced in the request to perform the requested operations.
  • For SSH authentication, the client application sends a request to EA that contains a profile name, user ID, or SSH public key.
  • EA uses the configuration information in the profile to bind to an LDAP directory and look up the SSH key assigned to the user. It also performs an attribute assertion to match the key provided against the list of keys found in the LDAP directory.
  • EA supports a flexible configuration to meet a variety of certificate validation and user authentication and authorization needs. You can configure:
  1. TCP ports (listeners)
  2. SSL/TLS protocol operation
  3. System-wide server connections
  4. Logging operation
  5. Other global system parameters
  6. After you configure the system, create certificate validation and user authentication definitions.
  7. A certificate validation definition specifies validation of certificates against certificate revocation lists (CRLs) and allows validation using attribute queries and assertions. It can include validation using a custom exit to a Java class or an operating system command (for running a program or script).
  8. Authentication definitions configure multifactor authentication using SSL client certificates,SSH keys, user ID and password, and client IP address as factors. They also enable applicationoutputs to allow you to map attributes, such as login credentials that are returned to a query, tooutputs you specify.
IBM® Sterling Connect:Express
IBM® Sterling Connect:Express® is a multi-platform, multi-protocol solution for secure, automated, high performance file transfers over "open" French and European protocols, including PESIT and ETEBAC. It allows for the control, security and automation of file transfers across networks of heterogeneous machines and supports a wide range of operating systems and protocols.
Packaged with its own scheduling capability used for triggering connections to exchange partners Sterling Connect:Express:
  • Manages simultaneous, bi-directional transfers with one or more partners. Partner can have Sterling Connect:Express or any other product that uses one or more of the supported protocols.
  • Optimises flow-through data compression.
  • Integrates file transfers to applications.
  • Offers security functions including system protection and secured access to files.
  • Automates transfers, deliveries, connections and procedures.
  • Supports numerous protocols, equipment and transfer types.
  • Permits the export of large amounts of transfer statistics and information.

AFT - Advanced File Transfer
AFT Advanced File Transfer represented a first generation solution to enable enterprise-level file transfer. It offered consolidated partner configuration and onboarding and enabled streamlined definition of file exchange relationships.
  • Sterling Integrator's Advanced File Transfer (AFT) feature provides reliable, secure, scalable B2B content distribution and Web services across business boundaries, communication modes, and document formats.
  • AFT is a centralized and dynamic file exchange platform for secure transfer of files within and between organizations. It provides end-to-end visibility of file movement in an event-driven, process-oriented, highly scalable framework. These capabilities enable you accelerate new product introduction, improve customer service, rapidly enable AFT partners, and improve operational efficiencies.
  • Sterling Integrator's AFT is built on an extensible Java and J2EE-based architecture that supports comprehensive Internet protocols, document-oriented and stream-oriented processing, advanced application integration, mailboxing, and complete integration with Connect:Direct and Connect:Enterprise UNIX server products. AFT supplies a reliable and secure operational data exchange environment by implementing a policy-based automation and file transfer routing infrastructure.
The primary features of Sterling Integrator AFT are:
1.      Routing – file transfer based on policies and profiles
2.      Visibility – communication adapters record events for monitoring and reporting
3.      Notifications – subscriptions for notification of AFT events to AFT partners by email
4.      Onboarding – streamlines the establishment of AFT partner relationships
5.      Predefined business processes – reduces the number of custom business processes
6.      Extensible – custom features can be added to support additional situations
  • Within Sterling Integrator, you can configure the monitoring capability of the AFT Router. Routing enables a producer of data to direct a file to a particular consumer of that data. In this scenario, the producer and consumer are AFT partners of the router. Partners can be external, such as customers or suppliers, or internal, such as business units of the entity hosting the router.
  • Administrators organize partners into AFT communities for ease of administration and to tailor the set of protocol choices that different AFT partners can employ. Every AFT partner belongs to a defined AFT community.
  • An AFT partner with a mail box accessed over a protocol that is set up by the administrator initiates protocol connections. Alternatively, AFT partners can listen for connections from the router. AFT partners can be either consumers or producers of data. If they initiate connections to their own mail box, they are both a consumer and a producer.
Sterling File Gateway represents the next generation for enterprise-level file transfer. It includes all the features of AFT, and adds the following new capabilities:
  • A Partner still belongs to exactly one community but it can belong to more than one partner group, which is a way to combine partners for business purposes.
  • An Integration Architect can configure the Sterling File Gateway mailbox hierarchy to match that which Partners are already familiar with.
  • The structure for mailboxes is flexibly defined.
  • Sterling File Gateway can perform format unwrapping and wrapping for the ZIP, GZIP and PGP formats.
  • Sterling File Gateway can extract facts from file names and use them for routing and delivery, and as input for generating the file name the consumer sees.
  • Producer and consumer mailboxes are no longer tightly constrained as they were with AFT. Both producer and consumer mailbox patterns can be built from facts available when a routing channel is provisioned; consumer mailbox patterns can also include facts that are only available when a file is being routed.
SFG – Sterling File Gateway
SFG - Sterling File Gateway is an application for transferring files between internal and external partners that can be using different protocols, different file naming conventions, and different file formats.
SFG uses SI as a platform, and every action done through SFG is executed in SI, but web application added for configuration and visibility in SFG is completely new, and one who is uses it does not have to be aware of SI in a background.
SCM – Sterling Community Manager
Sterling Integrator allows you to integrate with Sterling Community Manager to help you manage on-boarding activities with your Trading Partners. You will be able to reduce the need for manual on-boarding and eliminate all duplicate entry efforts by automating the on-boarding process while communicating with your Trading Partners. During the on-boarding process, Trading Partner information is automatically sent to Sterling Integrator to enable a smooth process for transacting with other businesses.
  • When on-boarding a partner in Sterling Community Manager, a series of questions will be asked for both the sponsor and partner that when answered, produces an agreement between the two parties. The agreement represents the information exchanged and agreed upon by both parties in the form of an XML document (the Agreement XML document) or a PDF file.
  • The Agreement XML document consists of all of the pertinent information regarding a single sponsor or partner relationship. This information is processed in Sterling Integrator and referenced from the XpathResponse and XmlTag attributes. The XpathResponse attribute is an identifier that is recognized by Sterling Integrator and allows it to process information from the questionnaire data. The XmlTag attribute is a unique identifier for each questionnaire question block that is used to organize information in the questionnaires.
  • The Agreement XML document processes through a communication channel that securely connects the Sterling Community Manager and Sterling Integrator together. Each time Sterling Community Manager processes trading partner information by way of creation or update, an event is triggered containing the contents of the Agreement XML. An event handler receives the Agreement XML from Sterling Community Manager and transfers the Agreement XML content to the Communication Channel. The Communication Channel consists of a Topic and Queue hosted by a JMS Server. When an Agreement XML is posted to the Communication Channel, it is filtered through the Topic and placed on the Queue for storage until Sterling Integrator is ready to receive the messages.
  • Sterling Integrator provides a JMS Server (ActiveMQ) and has a built-in JMS adapter. The JMS Server and adapter are used to receive agreements from the Queue. When the JMS adapter picks up the agreements, a Sterling Integrator system business process will processes the agreement against a set of converters.
  • The converters parse out the Agreement XMLs and processes them into the Sterling Integrator trading partner data tables. After the application converters are complete, Sterling Integrator will create all the necessary objects to represent the Sterling Community Manager agreement inside of Sterling Integrator. Once Sterling Integrator has processed these records, they are viewable from the Trading Partner > Setup > Advanced > Identities list page (all advanced trading profiles have this option).