Tumbleweed SecureTransport

Transcription

1 Tumbleweed SecureTransport Product Family Overview A Tumbleweed Communications Whitepaper

2 TABLE OF CONTENTS Introduction... 3 Key Applications... 4 SecureTransport vs. Other Means of Data Delivery... 5 Product Overview... 6 User Interfaces... 9 SecureTransport Architecture SecureTransport Standard Edition...15 SecureTransport Enterprise Edition...17 Deployment Configuration Options...19 Secure Data Delivery Functionality Secure File Transfer...22 Guaranteed Delivery...23 User Authentication and Authorization...23 Audit Trails and Tracking...26 Automation and Application Integration Client-side Automation...27 Server-side Active Agents...27 Transaction Manager...28 Integrating Third Party Technologies with SecureTransport LDAP and Microsoft Active Directory...31 Single Sign-on...31 Mail Systems...31 Sterling Connect:Direct...31 ERP and EAI Systems...31 Tumbleweed Products Integrated with SecureTransport Tumbleweed Valicert Validation Authority...32 Summary

3 This overview of Tumbleweed SecureTransport, a secure file transfer and application integration product family, highlights typical applications where Tumbleweed customers use SecureTransport today and describes product components and features that make it the most secure and highest performing secure file transfer solution with the lowest total cost of ownership. The document shows common deployment environments and modes, discusses application integration options, and describes how SecureTransport is integrated with enterprise technologies and other Tumbleweed products. Introduction Modern businesses depend on data much like the human body depends on oxygen for its fuel. Reliable and secure delivery of data within an organization and with its partners, suppliers and customers is as crucial to business operations as the heartbeat that pushes the oxygen-carrying blood throughout the human body. Increasingly, traditional paper-based or private network-based methods of data exchange are being replaced by solutions utilizing the Internet and other IP-based networks for critical data delivery. Tumbleweed SecureTransport is the recognized industry-leading open standards-based data transfer and integration solution with the:! Most security! Highest performance, reliability, and scalability! Best return on investment! Lowest total cost of ownership SecureTransport provides secure file transfer and application integration over the Internet and private IP networks. It supports enterprise-class features including comprehensive authentication and access control, interactive, automated and scheduled batch transfers, guaranteed delivery of very large files, data integrity, comprehensive logging and auditing, event-driven agents, data transformation and application integration and a wide range of inexpensive clients and other partner deployment options. Based on these attributes, its rapid return on investment (ROI), and its ability to inexpensively enable enterprise application integration, SecureTransport has been employed extensively in production applications by:! 8 of the top 10 US banks, 3 of the top 5 Canadian banks, 3 of the top 10 European banks! 12 of the leading health care insurers and claims processors! 8 US state governments, 4 Federal civilian agencies and Department of Defense! Fortune 500 companies in manufacturing, retail, pharmaceuticals, and high-tech industries! 20,000 enterprise users exchanging data with banks, insurers, suppliers, partners and government regulators 3

4 Key Applications SecureTransport is a proven solution used by major corporations to securely move business-critical data between their back-office applications and geographically dispersed offices, customers, partners and suppliers. Over 100 major corporations deploy SecureTransport at over 1000 sites. Use of SecureTransport ranges from data transfer service for financial messaging to enterprise-wide secure and reliable file transfer infrastructure for many applications and user communities. The table below shows some of the more common uses of SecureTransport. Industry Sector Banking, Brokerage, and Financial Institutions Insurance Government High Tech Manufacturing and Retail Applications! Straight Through Processing for Treasury/Cash Management, ACH, Lockbox! Payment processing, Electronic Funds Transfer, check image transfer! Purchasing cards transaction reporting, delivery of reconciliation data! Delivery of loan documents, contracts, collateralized mortgage services! Health care claims processing, payments, remittance advise delivery! Member enrollment, eligibility inquiries and other administrative transactions! Communications with business partners for policy updates and changes! Regulatory reporting, intra-agency secure document delivery! Health insurance claims, retirement benefits services! Product design collaboration, CAD/CAM, manufacturing and testing reporting! Software delivery (developer community, product distribution & updates, disk images)! EDI, contracts and other supply chain processes! Product collaboration, contract manufacturing, credit recovery Tumbleweed s SecureTransport solutions have been chosen by many of the world s top Insurance, Healthcare, Financial Institutions and Fortune 500 corporations to provide secure, reliable and automated data delivery services. Sample customers include: BANKING & FINANCE HEALTHCARE & INSURANCE GOVERNMENT ENTERPRISES ABN AMRO Bank AdvancePCS Internal Revenue Service Dell Computers ADP Aetna California HHS Dept. DST Output Alliance Data Systems Availity Connecticut Dept. of Labor General Motors AXA Financial BCBS Alabama Department of Defense Harrah s Entertainment Bank of Montreal BCBS Florida Hawaii HHS Dept. Hudson Bay Bear Stearns BCBS Kansas City LA Dept. of Mental Health Johnson & Johnson Deutsche Bank Independence BCBS Maryland Education Dept. May Department Stores JPMorgan Chase Horizon BCBS Minnesota HHS Dept Sears MasterCard Premera BCBS Texas Retiree Benefits Dept. Singapore Airlines NASD Regulations Group Health Cooperative US Treasury FMS Symantec Wells Fargo Bank MultiCare Washington HHS Dept. Verizon 4

5 SecureTransport vs. Other Means of Data Delivery You may be considering some alternative means of secure data delivery. The following table summarizes key weaknesses of some alternatives and the advantages you gain with SecureTransport. A number of these areas will be explained in further detail. Technology Weaknesses SecureTransport Advantages Traditional EDI! Very expensive (leased lines, VPN VAN charges, etc.)! Complex new partner set up! Too costly for smaller partners! Protects confidentiality, but doesn t manage file transfer! Not scalable too complex to manage for extranet use! Allows login to OS accounts! No legal-grade audit trails! Internet-based delivery infrastructure costs a lot less! Easily pays for itself in just a few months savings on VAN bills! Easy to scale down for small partners with just Web access and large partners demanding automation, mainframe access, etc.! Complete solution: guaranteed delivery, integrity, automation, integration, and data transformation! Proven scalability, reliability of SecureTransport used to link thousands of commercial clients, business partners, regulators.! Smaller partners/clients use just a web browser for secure transfers! Requires only virtual users with no OS login FTP over SSL Tools Secure Home Grown Solutions! No guarantee of data integrity or delivery! No policy-based access control! No legal-grade audit trail! File size limitations! No control over delivery or forwarding! Must maintain and extend yourself! Platform coverage is expensive! Hard to ensure security! Expensive to support new standards! Complete: guaranteed delivery and data integrity, automation, application integration, rules-based process integration! Field proven solution with many leading banks, financial networks, insurance companies, manufacturing firms, etc.! More reliable real-time delivery, guaranteed! Large file support (checkpoint/restart), firewall-friendly! Business process integration! Professionally maintained and supported product family! Available on many platforms with wide range of clients! Ongoing security reviews by customers and certification bodies! Evolving roadmap of new standards support and other features 5

6 Product Overview Banks & Other Financial Services Deployments A top 10 US bank over US$300 billion in assets is using SecureTransport to support over 70% of its file transfers, including corporate treasury and cash management data exchange with over 6,000 commercial customers. These transfers include $35 billion in monthly ACH payments as well as payroll files, positive pay, lockbox, and numerous other applications. A global investment and commercial banking conglomerate with over US$700 billion in assets under management is using SecureTransport integrated with an internal PKI to support secure document delivery for treasury & loan securitization. Tumbleweed SecureTransport is a secure, enterprise-class file transfer software product. It enables the transfer of valuable and sensitive information over the Internet in a secure, reliable manner interactively or with automation. SecureTransport is designed as Web-enabled client-server software utilizing open standards and technologies including SSL, FTP and HTTP. It includes a range of server configurations, add-on options, and software clients designed to address the varied needs of customer deployments at a low total cost of ownership (TCO). Many companies use SecureTransport to secure their extranet connections, replace costly leased lines, modem pools, and VANs, and streamline paper, fax and phone-based processes within and outside the organization. SecureTransport supports demanding, large-scale production processes in financial services, insurance, supply chain, and other areas. The figure below shows some of the common deployment components. A leading central bank is using SecureTransport to support treasury operations for federal agencies and as part of the national network supporting clearing services between 13,000 banks. A global inter-bank payment network uses SecureTransport to provide a bank-to-bank bulk data delivery for automated financial transactions between its 6,000 member banks. A top 10 US bank and a leading issuer of corporate procurement cards has deployed SecureTransport within its corporate services portal to provide reliable and confidential reporting of p-card transaction data to its corporate customers. A leading European bank with global operations uses SecureTransport in two business units around the world one of them in cash management to automate treasury operations for its corporate customers, the other in its equity trading business to provide position reports to the investment funds using their services. SecureTransport provides several advanced capabilities required for secure, robust and automated data delivery in business-critical environments. Security. To provide the highest levels of security SecureTransport incorporates state-of-the-art features to:! Protect the data during transfer and in storage! Verify user credentials and control user access! Create provable audit records! Track data transfers between parties 6

7 SecureTransport leverages the FIPS Level 1 certified crypto library, the highest level of certification available to software implementations. It also supports Hardware Signing Modules if your environment requires FIPS Level 2 through 4 certifications. Performance and Reliability. To meet the highest performance and reliability requirements of business-critical applications, SecureTransport:! Supports large numbers of concurrent connections! Optimizes throughput for delivering very large volumes of data! Leverages clusters of multiple servers for load-balancing and high availability! Scales well to support many thousands of users Return on Investment. To maximize your ROI and protect existing investments in enterprise IT solutions, SecureTransport is designed with maximum flexibility to:! Support multiple applications with interactive, automated, and scheduled batch transfers! Support diverse user communities through a wide range of protocol and security options! Easily integrate with common enterprise authentication and user management solutions Provide robust, cost-effective integration with back-end applications, databases, and customer s EAI solutions Total Cost of Ownership. To ensure that the benefits of maximum ROI flow to the customers bottom line, SecureTransport provides the lowest ongoing total cost of ownership, through:! A range of low-cost partner deployment options,! Centralized administration and auto-synchronization for clustered servers! Scalable user management methodologies including built-in support LDAP and MS Active Directory, as well as agent-based integration with centralized identity management systems! Centralized management for partner communities User Connections. Interactive and automated access is provided to support internal and external users and applications. End users have a number of options for interactive, batch, or scheduled connections:! Web browser with optional SecureTransport ActiveX control over HTTP and HTTP/S! SecureTransport GUI and command line clients over FTP, FTP/S, HTTP and HTTP/S! Third party ftp and secure ftp (RFC2228 compliant) clients over FTP and FTP/S For applications, client side integration capabilities are provided via two options:! Command line clients callable from a script or an application! Software Development Kit (SDK) with Java APIs for application integration. Back-end Application Integration. In addition to using SecureTransport for interactive data exchange many customers also take advantage of its data and application integration capabilities when using SecureTransport in conjunction with key business applications. Secure data exchange over the Internet enables cost-effective business process integration for legacy and new applications, expanding the reach of new services to a wider range of customers, suppliers and partners. Server side integration is rule-based and supports two levels of rules: 7

8 ! Event-based implicit rules trigger custom agents on a variety of user access and data transfer events, including login, directory access, upload/download, ftp/http commands.! Transaction Manager s explicit rules combine events with extended conditions and trigger multiple agents; it also supports grouping rules to create comprehensive business processes. This wide range of extensibility options enables SecureTransport to be used as an enterprise-wide platform, integrating secure file transfer into multiple business processes and applications. Business processes which required sending paper documents or computer media by post or courier, using insecure, unreliable file transfers, or paying VAN charges for EDI connections will benefit from significant reductions in turn-around time, greater security, and lower cost. Server Editions. To respond effectively to the range of the deployment requirements, Tumbleweed offers SecureTransport in Standard and Enterprise Editions. The Standard Edition supports the full range of the protocols and clients, includes an event-driven integration framework for custom agents, and supports the optional Repository Encryption module. The Enterprise Edition offers additional benefits in the area of highergrade security, more manageability for large-scale deployments, and a more advanced integration framework. The chapter on SecureTransport Architecture describes the differences between the two in more detail. 8

9 User Interfaces Users and applications can interact with SecureTransport in a variety of ways, including from the command line of a number of supported operating systems, a native Windows GUI, a Web GUI, through scripts, or the API provided by the SDK. The SecureTransport administrator can set administrative policies, create users, enable Active Agents, and perform other administrative tasks from either a web-based administrative interface or from a command line. End users also have a variety of choices for how to interact with the SecureTransport system. This section provides details about the different client-side user interfaces and the abilities each has when interacting with SecureTransport servers. The following table summarizes the capabilities of the client-side user interfaces and is followed by more detailed descriptions of the clients on various platforms. The following sections provide further details for specific components. Partner Edition The SecureTransport Partner Edition works with the SecureTransport Enterprise Edition Hub Manager to provides secure reliable file transfers from the hub to a spoke and from a spoke to the hub. Its managed registration process sets up mutually authenticated HTTP/S connections between each partner and the hub; 9

10 defines application-specific mailboxes for bi-directional transfers; manages guaranteed delivery, data integrity checking, full SSL security, and automation for file routing and processing; and consolidates logging for community-wide auditing and reporting. The Partner Edition is easy to manage and deploy either as a singleuser or application end-point, receiving incoming files from the hub and monitoring new files in the designated mailbox folders for delivery to the hub. You can also deploy it as a multi-user gateway with full remote client access for downloading incoming files and uploading outgoing files. Partner Edition (Gateway) is a mini-server that registers with the Hub, synchronizes configuration, triggers mailbox-specific actions for incoming transfers, and manages outgoing transfers. Supports folder watcher and remote client connections to receive incoming files and upload outgoing files. It also supports all the FTP, FTP/SSL, HTTP, and HTTP/S protocols for remote client connections and can be deployed as VPN-like data concentrators for data transfers with an Enterprise Edition Hub. Partner Edition (Single User) works with the Enterprise Edition Hub in much the same way as does Partner Edition (Gateway), but is designed for single user or application end-point without support for remote clients. UNIX Client The SecureTransport Client for UNIX is a command-line client that runs on Solaris, HP-UX, AIX, and Linux. You can use the command line interactively, or you can incorporate SecureTransport Client commands into a script. With the SecureTransport Client for UNIX, users can:! Reliably transfer files with auto-restart, data integrity checking, and checkpoint/restart! Schedule transfers for automated, unattended operation using native UNIX scheduler or 3 rd party system schedulers! Log on to SecureTransport using user ID and password or X.509 certificates for authentication! Upload and download files using secure FTP or secure HTTP communications, even through a firewall or proxy! Depend on secure communications through SSL encryption Windows Client The SecureTransport Client for Windows 98, NT, 2000, XP, and 2003 provides the full SecureTransport client functionality through an easy-to-use graphical interface that is familiar to Windows users. Users can select files and folders from a Windows Explorer-like view and can drag and drop icons to control file transfers. The following screenshot shows a transfer in progress from the local folder in the left pane to the server folders in the right pane. 10

11 Figure 1. SecureTransport Windows Client with Transfer in Progress With the SecureTransport Client for Windows, you can:! Reliably transfer files over unreliable connections with auto-restart, data integrity checking, and checkpoint/restart! Schedule transfers for automated, unattended operation! Depend on secure communications through SSL encryption! Log on to SecureTransport using user ID and password, digital certificates, or smart cards for authentication! Upload and download files using secure FTP or secure HTTP communications, even through a firewall or proxy The same SecureTransport Client functionality is also available from the Windows command line. You can use the command line interactively, or you can incorporate SecureTransport Client commands into a script. OS/390 and z/os (MVS) Client For enterprises that use their OS/390 mainframes in an environment that also includes UNIX and/or Windows, the SecureTransport Client for OS/390 provides secure data transfer operations to move important data to and from mainframes in a secure manner. The SecureTransport Client for OS/390 is a command-line client that runs on OS/390 release 2.4 or later. It runs in the Unix System Services environment and can be executed as an MVS batch job, or as a TSO command processor. To run in MVS or TSO, it must be link-edited under MVS. 11

12 Like the UNIX command-line client, you can use the command line interactively, or you can incorporate SecureTransport Client commands into a script. With the SecureTransport Client for OS/390, you can:! Reliably transfer files over unreliable connections with auto-restart, data integrity checking, and checkpoint/restart from a TSO command line or Unix System Services shell! Include secure file transfers in JCL jobs for an automated, unattended operation! Depend on secure communications through SSL encryption! Leverage built-in ASCII/EBCDIC conversion mechanism! Upload and download files using secure FTP or secure HTTP communications, even through a firewall or proxy AS/400 Client If you or your customers use IBM AS/400 or iseries servers for applications and need to securely exchange data with external systems, the Tumbleweed SecureTransport client for OS/400 provides connectivity to Windows, UNIX, or Linux based SecureTransport Servers. A command line client leveraging OS/400 java environment, it provides all of the core SecureTransport features, including:! Reliably transfer files over unreliable connections with auto-restart, data integrity checking, and checkpoint/restart! Schedule transfers for automated, unattended operation using native AS/400 scheduler or 3 rd party system schedulers! Securely authenticate to SecureTransport server over SSL session to protect your user ID and password! Upload and download files using secure FTP or HTTP/S communications, even through a firewall or proxy! Secure data being transferred through SSL encryption This command line client can be invoked interactively from qsh shell or used in applications and scripts for automated batch connections. Web Browser For simple deployment and light users of SecureTransport, the Web client is a popular alternative to installing SecureTransport Clients on every desktop. With the Web client, users can:! Log on to SecureTransport using user ID and password, digital certificates or smartcards for authentication! Upload and download files using encrypted HTTP/S communications, even through a firewall or proxy server! Depend on secure authentication using userid/password or digital certificates 12

13 Figure 2. SecureTransport Browser-based Client Interface with Transfer in Progress When using MS Internet Explorer on a Windows platform with ActiveX enabled, SecureTransport ActiveX control provides additional features during file uploads and downloads:! Auto restart in the case of a failed transfer! Data integrity checking! Checkpoint/restart Unlike command line and GUI clients, however, the Web client does not provide the following features:! Scheduling! FTP as a communications protocol! Command-line automation or scripting Hub-and-Spokes Deployment Unlike traditional point-to-point systems, which require complex servers to be deployed on both sides of a pointto-point transfer, SecureTransport can use lightweight clients to connect to the server (or a cluster of servers) or another client via a server hub. This hub-and-spokes model makes SecureTransport a preferred solution in any large deployment where many applications and users need to be interconnected. Instead of managing many one-to-one connections with their own protocol, security, and delivery options, you can manage the connections from all the spokes through a centralized hub. While each spoke connection can still leverage its 13

14 own set of options, the management of these occurs in one place on the hub servers. And when adding a new spoke, you need only to define a single connection to the server, instead of several point-to-point connections. Figure 3. SecureTransport s Hub-And-Spokes Architecture is Less Costly and Simpler To Manage SecureTransport s hub-and-spoke architecture minimizes deployment and operational management costs in several ways:! Much lower acquisition and ongoing software maintenance costs for client software compared to servers! Much lower end-user deployment and training costs client software is designed for ease-of-installation and ease-of-use within a non-technical user community. It can be downloaded and installed in minutes, providing reliable trading partner connections in a few clicks.! Much lower trading partner IT costs. Server-to-server extranet deployments require trading partners IT and security personnel to provide operations support and manage their firewalls in a manner that complies with both partners security policies. Once the firewall ports have been opened for these incoming connections, they need to be monitored for intrusion detection an expensive and labor-intensive process. Using client software to initiate all connections significantly reduces and often eliminates these issues and costs.! Lower end-user support and helpdesk costs because there are fewer customer questions or issues. There s also simpler maintenance and upgrade process when only internally managed servers are deployed. Upgrading and managing software patches on externally deployed servers can be a significant cost factor for an IT organization. SecureTransport also provides the flexibility of Hub-and-Spoke connections for applications that require hubinitiated connections. This deployment mode can leverage Partner Edition as the spoke and SecureTransport Enterprise Edition as the Hub. In addition, SecureTransport s agent framework can be used for outbound delivery to third party servers. 14

15 SecureTransport Architecture This section describes key SecureTransport components and their relationship. It also highlights the core differences between the Standard and Enterprise Editions of the product. SecureTransport Standard Edition The following diagram shows the key components in the SecureTransport Standard Edition. Figure 4. SecureTransport Standard Edition Architecture Key Components of the Standard Edition Clients Clients initiate connections to the server and negotiate session security settings. After the session has been established, clients navigate to user s home directory on the server and provide a listing of available files. Users can initiate uploads and downloads, navigate to another accessible directory, and, if permitted, issue commands to delete files, make sub-directories, etc. Tumbleweed clients provide additional capability to manage file transfers and restarts to provide guaranteed delivery and data integrity, and if possible, restart a failed transfer from the point of failure rather than at the beginning. 15

16 Healthcare Insurance Customer Deployments A major insurance company serving over 65% of US healthcare market deployed SecureTransport to support sensitive data exchange, including Protected Health Information (PHI) with over 3,000 organizations such as healthcare providers, pharmacies, other insurance companies and government regulators. This customer has vastly reduced leased line costs, reduced claim processing time from 60 days to 15, substantially reduced error rates and reprocessing costs in the process saving an estimated US$25 million in the first year. A regional Blue Cross/Blue Shield insurer implemented SecureTransport for speeding up and increasing the effectiveness of their claims processing solutions. Strict adherence to industry standards, compliance with HIPAA security and privacy guidelines, and ease of use helped them streamline operations and reduce costs. Insurance claims processors and benefits administrators use SecureTransport to connect with insurers, MCOs, healthcare providers, and corporate customers. These processors securely move files and messages containing Protected Health Information (PHI), such as claims, payments, and patient records and benefits administration information around the country. Regulatory compliance, scalability, and wide range of inexpensive access options for interactive and automated transfers are key requirements for these processors. State Departments of Health and Human Services are using SecureTransport for their secure data transfer needs. These agencies are transferring patient records, benefits administration data, welfare claims, and Medicaid and Medicare information. All of these data streams contain confidential personal information that is protected by SecureTransport in accordance with federally mandated HIPAA privacy and security regulations. Hardened HTTPD Server Accepts and validates incoming HTTP and HTTP/S connections, processes HTTP commands and file transfers. Based on specified event types, it triggers Event Manager and passes relevant parameters. For some agent types this includes the incoming data stream. Hardened FTPD Server Accepts and validates incoming FTP and FTP/SSL connections, processes FTP commands and file transfers. Based on specified event types, it triggers Event Manager and passes relevant parameters. For some agent types this includes the incoming data stream. Active Agent Server A processes event triggered in Event Manager and executes Active Agents in the Scripting Engine environment. Agents can be triggered to handle:! Authentication and authorization events to support enterprise authentication requirements, including LDAP, Single Sign-on solutions, certificates, and other enterprise authentication solutions.! Data transfers and user commands, in order to extend server behavior in application-specific manner, route the incoming data to back-end applications, notify users or operations staff of key events or exceptions, etc. Administration Server Manages all SecureTransport components and provides a Web UI to manage configuration options, security settings, user accounts and agent specifications. The administration server also monitors transfer activity and provides a number of real-time and periodic reports. In a cluster of SecureTransport installations, the administration server of a defined master server can synchronize configurations for all the defined slave servers. This ensures consistent security settings, user accounts, and other configuration information when multiple servers are used together. 16

17 SecureTransport Enterprise Edition Popular with our banking customers and large enterprises, the Enterprise Edition was designed for customers with high-grade security requirements, large-scale deployments or more advanced integration needs. The Enterprise Edition builds on SecureTransport Standard Edition and includes these additional components and capabilities:! An Application Proxy component for secure DMZ streaming deployment! Transaction Manager for rule-based integration options using Active Agents or Java agents! Signed Audit Records for tracking file transfer transactions and non-repudiation! Hub Manager for configuring and automating bi-directional file transfers with Partner Edition As shown on the following diagram, the Enterprise Edition can be deployed on two servers: an Application Proxy server in a DMZ and a Data Management server on the secure network, with secure streaming connections between the two servers. Figure 5. SecureTransport Enterprise Edition Architecture Additional Components in the Enterprise Edition This section describes components unique to the Enterprise Edition. All Standard Edition components described earlier are included within the Application Proxy and Data Management servers. Application Proxy Server Designed for enterprise boundary deployment, SecureTransport Application Proxy is used when enterprise policies and regulatory requirements preclude storing sensitive data in the DMZ. It provides a multi-protocol 17

18 point of connection and authentication in the DMZ without storing any data on disk. It accepts external client connections and authenticates them using SecureTransport account information or enterprise authentication solutions, such as LDAP directories or Single Sign-on services. It supports strong authentication, including digital certificates and smartcards, as well as user ID/password. For an authenticated connection, the Application Proxy:! Validates all commands for protocol conformance! Converts all supported protocols into a single secure connection to the Data Management server! Uses the Data Management Server Connector to stream the data on uploads and downloads between external clients and the Data Management server. Data Management Server Managing the data repository and providing back-end integration are the two key roles of the Data Management Server. It provides the following services:! Manages streaming connections with the Application Proxy server in DMZ! Provides secure repository (with optional encryption) for the transferred data! Manages access control based on specified access policies and permissions! Provides an embedded Application Proxy to support internal client connections! Creates and manages signed digital receipts for all transfers and exceptions! Triggers Active Agents based on specified events for custom processing! Runs Transaction Manager s Rules Engine, which evaluates rule conditions and, when met, triggers external and in-process agents. Data Management server components in the Enterprise Edition are described below. Transaction Manager Designed to provide richer and more flexible integration framework, Transaction Manager is based on a powerful rules-based parallel execution engine. Rules are defined with simple or compound conditions, which include SecureTransport events, environment variable evaluations, and external functions. Each rule also specifies one or more agents to be executed when conditions are met. Transaction Manager provides a Web-based rules editor to define and manage rules and combine application process or policy-related rules in to a rules package. At run time, Transaction Manager s engine evaluates all enabled rules in the system and triggers actions for rules whose conditions have been satisfied. Actions can include externally executed scripts or programs and inprocess Java agents executed within Transaction Manager s persistent Java Virtual Machine (JVM.) Because the JVM is always loaded, the in-process Java agents start up much faster compared to invoking a JVM in a script agent. The Transaction Manager includes a session-keyed state manager, which allows in-process Java agents to maintain and to share session information, transaction attributes, or other context with each other. 18

19 Hub Manager The Hub Manager in the Enterprise Edition server works in tandem with Partner Edition Clients or Gateways to automate the configuration, partner registration, mailbox setup and authentication processes. All of the security and protocol settings are predefined by the Hub and downloaded to the Partner on the first connection, relieving the Partner from many administration tasks. It includes Partner Community Manager which defines and authorizes Partner registrations, predefines Partner mailboxes and security settings, and communicates these to the Partner on the first connection, relieving the Partner from many administration tasks. It also includes an agent for consolidating Partner logs (transferred by the Partners on a regular schedule using a built-in utility) in to a relational database over a JDBC connections. Sample reports are provided based on Crystal Reports. Web Mailbox Viewer which provides Web clients with access to mailboxes, allowing them to upload files for outgoing delivery, retrieve or delete incoming files, and view mailbox reports. Partner Transfers Manager which ensures reliable and secure delivery of outgoing files to Partners, manages pre-defined transfer schedules, provides a file watcher for external directories, and includes monitoring and reporting functions within the administrator interface. Hub and partner communicate over HTTP/S protocol for greater security with mutually authenticated 128-bit SSL sessions and easier firewall navigation. SecureTransport s guaranteed delivery and data integrity features combined with checkpoint/restart mechanism assure reliable delivery of very large files even over unstable network connections. Hub Manager includes a folder watcher process allowing files for delivery to a Partner to be dropped in a monitored folder associated with a specific mailbox. Files for outbound delivery to a Partner can also be uploaded into a mailbox s outgoing folder by authorized users and applications using a remote client or browser connection. The transfers to the Partner are based on the schedule set up for the Partner or a specific Mailbox. End-users and applications access the mailboxes using SecureTransport s Web Client interface or any supported clients to securely and reliably download incoming files and upload files for outgoing transfers. Web Client users can also view status of transfers, delete files, and restart transfers for pending files. Hub Manager also includes an agent for consolidating Partner logs (transferred by the Partners on a regular schedule using a built-in utility) in to a relational database over a JDBC connections. Hub administrator can then use any enterprise reporting tool for a community-wide view of all transfers provided by consolidated logging. Sample reports are provided based on Crystal Reports. Deployment Configuration Options Tumbleweed customers have a range of SecureTransport deployment options that extend this basic configuration to meet their specific requirements. 19

20 High Availability. An automatic fail over and load-balancing configuration can be achieved using a cluster of SecureTransport servers set up with a load-balancing solution (hardware or software) that can detect a failed server and reroute client requests to the other available servers. SecureTransport clients feature automatic restart for failed connections, making the fail over a transparent event from the user s point of view. SecureTransport HA configurations can be run as active/passive whereby some servers are on standby and aren t used unless an active server fails, or as active/active where all servers are running concurrently and can take over a failed server s load if required. The diagram below illustrates a typical High Availability configuration using replicated SecureTransport Enterprise Edition servers. Figure 6. SecureTransport Enterprise Edition in High Availability Deployment SecureTransport Standard Edition can also be deployed in a load-balanced configuration for load sharing and automatic fail-over. To ease the management of such configurations, SecureTransport provides master/slave synchronization capability that allows a single master server to automatically mirror its configuration and user administration information to one or more slave servers. This capability allows any SecureTransport configuration changes or new account creation to be made once on the master server and be automatically replicated to other SecureTransport servers. Remote Agents. The Active Agent Framework can reside on a separate server from the SecureTransport data transfer processes (httpd and ftpd.) This allows customers to offload agent processing for reasons of security, load management, or when agents require access to dedicated resources. If you want to deploy this 20

21 configuration you can install SecureTransport on the front-end machine handling Internet connections and the Active Agent Server on a remote machine. When defining agents on the front-end machine, you can specify the IP address of the remote machine for any agent defined. This will allow SecureTransport to trigger these agents using remote machine s Active Agent Server. Server-to-Server Transfers. Some customers deploy SecureTransport in Server-to-Server mode for bidirectional connection initiation. The Hub server running SecureTransport Enterprise Edition is typically used as a gateway whereby a file uploaded by a client to its home server is automatically transferred to another server running SecureTransport Partner Edition. In a typical gateway connection, the triggering event is client s upload of a file for delivery to another server or appearance of a new file in a server directory designated for folder monitoring. Partner Edition can be deployed with a Client license for a single user/application connection, or with a Gateway license, which supports remote client connections. The guaranteed delivery transfers with data integrity verification, auto-restart on failures, checkpoint/restart for mid-file recovery, and scheduling capability are available in the Enterprise Edition Hub server and both versions of the Partner Edition. Consolidated logging allows the Hub server to provide centralized reporting for the entire community in addition to local reporting capabilities provided by each server. Figure 7. SecureTransport Server-to-Server Delivery 21

22 Secure Data Delivery Functionality SecureTransport provides secure file transfer over multiple protocols. At several points before, during, and after a file transfer operation, SecureTransport agents and rules can be triggered by the application events. This section describes core aspects of SecureTransport file transfer, including a range of security options. Secure File Transfer The core functionality of SecureTransport is the ability to transfer data securely. From a client at the UNIX command line, a Windows GUI, a Web browser, a client at the MVS or AS/400 command prompt, or a custom client built using the SecureTransport SDK, users can securely connect to a SecureTransport server, navigate to an appropriate directory or mailbox, and initiate upload, download and file system commands. An application can initiate the same actions using a native or Java command line client in a script, an API provided by the Java SDK, or using an MVS client as a TSO command processor or in a batch JCL job. Security is provided by:! Strong user authentication, validating user credentials against SecureTransport user accounts or accounts maintained in an enterprise authentication system! Encrypted transfer channel securing the connection between the client and the server with SSL, using FIPS certified software and, optionally, HSMs.! Transparently encrypted repository which secures the data on the server and in the server file system backups! Restricted access policies specified by the administrator for various user classes! Shared folder permissions specified by their owners in Access Control Lists When a user logs in to the SecureTransport Server using a SecureTransport Client (or Web browser), SecureTransport opens a secure session between the client and the server so that important information, such as user ID, password, commands, file names, and data are encrypted. It does this by utilizing end-to-end SSL encryption during control and data channel setup and file transfer. SecureTransport supports several encryption algorithms including DES, 3DES, RC4 and RC2. Unlike many FTP servers, which allow passwords to be exchanged in the clear (and thus easily intercepted), SecureTransport does not pass authentication Enterprise/Supply Chain Customer Deployments A major security software vendor uses SecureTransport to deliver sensitive data to its customers. In response to one security incident, their SecureTransport servers securely moved more than a terabyte (1000 GB) of data a day with over 1,400 concurrent connections. A leading clothing and sportswear manufacturing company has deployed SecureTransport in US and in Europe for secure exchange of sensitive design and manufacturing information between its many contract design shops and factories spread throughout the world. Securing their intellectual property while taking advantage of Internet data delivery has allowed them to bring new products to market sooner with lower costs resulting in market share gains for their products. A billing services company is using SecureTransport for reliable and confidential delivery of a large volume of bills and invoices from utility companies into its bill printing and electronic bill presentment services. This resulted in significant cost savings compared with proprietary data collection networks and attracted new customers. A major global logistics firm is using SecureTransport to manage the software distribution and upgrades for terminals installed by their clients, allowing them to reliably deliver customized software upgrades to thousands of users. A major computer vendor is using SecureTransport to deliver pre-release software to its large, globally dispersed community of external developers, creating watermarked packages for every access to enable them to track any unauthorized release of the software. 22

23 information until the encrypted SSL session is established. After authentication, all files are transferred through this encrypted tunnel. In addition, SecureTransport can be deployed to minimize the exposure of data stored in a sensitive location. The Enterprise Edition provides a 2-tier solution based on the SecureTransport Application Proxy, which streams the data securely across a sensitive location such as the DMZ and delivers it reliably and securely to the SecureTransport Data Management server on the secure network. Further, to ensure that system administrators or backup managers (including offsite backup custodians) do not have clear access to the sensitive data, SecureTransport provides an optional Repository Encryption module, which will encrypt all data stored on disk with a master key set transparently to the users. The data remains encrypted on the server and is only decrypted on download. Guaranteed Delivery The file transfer functionality in SecureTransport is based on industry-standard protocols: FTP and HTTP. When you re transferring business data, data integrity is paramount. You need the assurance of knowing that the data values are correct and that you have received the whole file, not just a portion of it. However, neither protocol by itself can protect against a dropped connection resulting in a corrupted or partial file. SecureTransport adds special extensions to the transfer protocols to ensure a more robust, reliable, and efficient transfers. Each transfer between a SecureTransport client and SecureTransport server is checked for data integrity by having a checksum of the transferred file calculated and compared by the two sides. If the checksums agree, the file transfer is considered complete and accurate; if not, the file is retransmitted until the checksums match. In case of a dropped connection, the client will automatically attempt to reconnect after a specified wait period. SecureTransport s checkpoint/restart feature allows the client and the server to determine if the partially transferred data is accurate up to the point when the connection dropped. If it is, the transfer is restarted from that point to ensure it completes quicker and uses the least amount of bandwidth. For example, if a 4 MB file fails after 3 MB has already been transferred, the restarted transfer transmits only the remaining 1 MB. This saves time, improves performance, and uses less bandwidth. If the transfer cannot be restarted from the point where the connection was interrupted, SecureTransport restarts it at the beginning to ensure complete data integrity. User Authentication and Authorization Key components of the SecureTransport security model are user authentication and permissions. User authentication and permissions specify who is allowed to use the system, what credentials they have to present, what actions they can take, and which directories and files they are allowed to view and manipulate. 23

24 User Authentication Before a user or an application can upload or download files from SecureTransport Server, the system requires the user or the application to provide identification credentials. (SecureTransport can allow anonymous access, like a standard FTP server, but even that case involves a user authentication step.) The SecureTransport Server can be used with a number of authentication methods:! User ID and password (with configurable strong password requirements)! LDAP and Microsoft Active Directory authentication! Digital Certificate authentication (soft certs or smartcards) with OCSP validation and Identrus rules! Custom authentication using Active Agents and, in the Enterprise Edition, the Transaction Manager rules. SecureTransport customers use a number of enterprise authentication and Single Sign-on systems, including:» Network authentication systems such as RADIUS» RSA SecurID/Ace Server with SecurID tokens» IBM Tivoli Access Manager/WebSeal (former Policy Director)» Single Sign-on environments, e.g., Netegrity SiteMinder, IBM WebSphere» Mainframe security systems such as ACF2. Custom development of Active Agents for individual customer environments can be provided by the Professional Services organization. When used with digital certificates, SecureTransport accepts standard X.509v3 certificates. It works with most PKIs, but also provides a built-in PKI for issuing certificates when customers prefer the convenience of an integrated solution. This wide range of authentication options preserves customers investment in their existing enterprise security solutions and allows them to maintain central control over user credentials to optimize user management costs. Access Permissions and Policies After the SecureTransport Server checks the user s credentials, it determines what the user should be allowed to do, based on a number of factors. Access policies can be defined broadly on the basis of user classes or narrowly based on the IP address of the user (Host Access), user s role and the group to which the user belongs. SecureTransport administrators can use a combination of application-level access controls and file system-level access controls to define a user s authorization. Through these mechanisms, user access can be restricted in several dimensions, including:! Restricting the client IP address! Restricting the user to a specific home directory! Allowing a group of users to share directories! Restricting which actions may be performed in each directory (upload, download) 24

25 ! Restricting which commands a user may perform (e.g. disable DELETE )! Requiring a group of users to use encryption! Restricting user access to within certain days/times In addition, other access controls can be added with the use of ActiveAgents, including external authorization lookups (e.g., an enterprise-wide partner access rights database) and Web-based interaction with the user (e.g., asking the user to agree to specific access terms or enter an additional password). User Classes The user permissions in SecureTransport are based on membership in different groups and classes. SecureTransport can use user classes to apply broad policies. For example, you can require a specific user class to connect over SSL. A user class can be defined as a combination of user type, user name, user group, and IP address. The user types are described further below. You can make classes more restrictive by specifying values in all the fields, or more open, by using wildcard characters, for example, to specify that all virtual users from any address must connect using SSL-enabled clients. User Types There are three types of users in SecureTransport:! Real Users who have system permissions based on OS accounts (e.g., Windows accounts or UNIX users defined in /etc/passwd or NIS/+)! Anonymous Standard FTP unprivileged access with no credentials! Virtual User who can ONLY authenticate to SecureTransport. Creating virtual user accounts has several advantages in a secure environment: - No account on the system where the SecureTransport Server runs. The virtual user s permissions ONLY authenticate the user to the SecureTransport application. This prevents unauthorized access to the system where SecureTransport resides or to other parts of your network. - Virtual home directory, which restricts the virtual user to a small segment of the file system. As with anonymous users, virtual users see their home directory as the root of the file system (i.e., like UNIX chroot.) For example, if the virtual user s home directory is /export/users/user1, after authentication, the user simply sees "/" and can only access file system space that is "below" their home directory. Government Deployments A state government in the US Northeast has deployed SecureTransport to replace a traditional process for regulatory reporting, which required tens of thousands of companies to send paper and/or magnetic media to state s Department of Labor every quarter. Replacing this process with secure Internet data delivery enabled the State to significantly reduce their internal costs and reduce compliance costs for companies in the state. A state government in the US Northwest, a leader in electronic government services initiatives, is using SecureTransport to streamline the secure collection and processing of electronic payment files, state employee records, and healthcare insurance administration information. Managed by the statewide IT organization, the service is being rolled out to many departments in the state government as a standard infrastructure for secure data and document delivery for high value and highly sensitive applications. A state government in the US South has deployed SecureTransport to streamline its benefits administration and related data sharing for retired state employees. Secure online exchange of the benefits data between the agencies, private sector, and the retired employees allows them to improve the turnaround time on inquiries, cut costs, and improve customer satisfaction. A large county government in the US is using SecureTransport as the cornerstone of secure data delivery for its health care administrative and financial processes. Secure Internet delivery of Protected Health Information (PHI) with healthcare providers and other insurers allows it to automate the process for significant cost savings while complying with HIPAA regulations. SecureTransport virtual users can access shared directories. In general, most customers opt for virtual users because of the significantly higher level of security they offer. SecureTransport can also limit users so that they can only upload or download into certain directories and restrict which hosts they can access (using Access Control Lists, for example.) 25

26 Audit Trails and Tracking Secure data and document delivery needs strong audit trails for tracking and proof management. SecureTransport provides two levels of auditing: transfer logs available on the Standard and Enterprise Edition servers and MDN receipts available only on the Enterprise Edition server. Transfer logs capture all user sessions and file transfer information. Optional command logging can be turned on to capture individual user commands. Additional logs are maintained for SSL sessions, errors, and administrative actions. The Enterprise Edition provides an option for digitally signed audit records of all transfers using Messaging Disposition Notification (MDN) receipts. These digital receipts capture all the relevant file transfer and status data as well as non-repudiation information such as date/timestamp, data integrity check, and user credentials. For tracking purposes, reports can be extracted based on user ID, disposition status, time period and other parameters. These digital receipts are available only in the Enterprise Edition and are designed to provide not only tracking and reporting, but also proof management required for non-repudiation of data delivery. Since digitally signed records can not be altered without invalidating the signature (which is easily verified), they are suitable as evidence based on accepted legal practices surrounding the use of business records in a court of law or similar setting. 26

27 Automation and Application Integration Client-side Automation You can use the SecureTransport Client in interactive mode (see User Interfaces section II.A for more information), or you can automate transactions to happen in unattended mode, at a future time or on a periodic basis. Scheduling The SecureTransport Client for Windows has a scheduling user interface you can use to specify uploads and downloads on a periodic or time-delayed basis. On other platforms, native schedulers or job managers can be used to schedule file transfer activities (e.g. UNIX cron, MVS JCL) Client-side Scripting The SecureTransport Client on Windows, UNIX, AS/400 or MVS has a command-line interface you can incorporate into scripts. The scripts can then be executed later, called from another application, or started by a scheduling mechanism. SecureTransport does not restrict your choice of scripting languages; you can write your scripts in any language supported by the platform. Software Development Kit (SDK) SecureTransport offers an optional client software development kit (SDK) that provides access to application programming interfaces (APIs) for all the functions of the SecureTransport Client. You can use the SDK to create your own custom SecureTransport client or integrate SecureTransport client functionality into software distributed to the end-points of your extranet. The SDK is available for Java 1.2 and later. In one case, a customer has used the SDK to integrate secure data transfer into their electronic funds transfer (EFT) application to enable their clients to securely route the EFT transaction files. Another customer has used the SDK to build a custom-branded client for their user community. Server-side Active Agents Active Agents provide server-side automation and enterprise application integration. Active Agents are scripts, external programs or in-process java classes executed by the server when triggered by any of the thirty three SecureTransport application events. Using these triggers, you can start custom processing on client connections to the server, on file uploads and downloads, and on errors and exceptions. The following table shows specific actions, which can trigger an Active Agent. 27

28 Agent Name Login Logout Incoming Start/End Outgoing Start/End Cert Auth Config FTP/HTTP commands When Agent Runs When a user logs into the SecureTransport Server When a user disconnects from the SecureTransport Server When files are being uploaded to the SecureTransport Server, at the start or at the end of the upload When files are being downloaded from the SecureTransport Server, at the start or the end of the download During the SSL negotiation if certificate verification is enabled When the PASS(word) command is received from a client When the USER command is received from a client When particular FTP or HTTP commands are received from a client Active Agents are used by Tumbleweed customers for a variety of customization needs. The following list shows a sample of different uses of Active Agents:! Extend the authentication framework to support Single Sign-on or enterprise authentication solutions! Provide user notifications and operational alerts on user login, directory access or file transfer! Transfer incoming data to a back-end application, repository or message queue for further processing! Notify back-end systems of data arrival or user requests to retrieve data! Watermark file requested for download with user-specific marking for auditing or tracing of external distributions! Perform local data management and archival on the server Transaction Manager The Transaction Manager server available in the Enterprise Edition provides a flexible and scalable way of defining and triggering Active Agents, based on attributes of events that occur as files traverse through SecureTransport. The Transaction Manager adds greater flexibility and more powerful execution environment to the Active Agent capability available in the Secure Transport Standard Edition server. It provides the following key benefits:! Ease of development of agents to extend SecureTransport using a rule based paradigm and a visual editor! Flexible triggering mechanism that adds conditions and custom functions to core event model! High performance agents that can be written in Java and run in Transaction Manager s provided JVM 28

29 The Transaction Manager allows developers to define two kinds of agents:! External Agents - External agents are server-side scripts or executables that run when rule conditions are met. However, they are managed by the Transaction Manager and can be run as independent server processes.! In-Process Agents - In-process agents are Java classes or jar files that are executed when rule conditions are met. The Transaction Manager manages them within its JVM. Rules and rule packages are created in Transaction Manager using the built-in Rules Editor with the Web User Interface shown in the screenshot below. Rule packages can be imported and exported for ease of deployment across multiple servers, or staging from development to production environment. Figure 8. SecureTransport Transaction Manager Rule Packages Rules in SecureTransport Transaction Manager are organized into rule packages. An individual rule can be replicated in multiple packages. Rule packages can consist of a collection of rules that are applicable to a business process. Rules are made up of conditions and actions as described below.! Condition - A condition is a boolean expression that can contain a comparison operator or a condition function. It defines events and event attributes.! Action - An action is a set of agents that should be triggered if conditions are matched. The actions are typically agents that are written in Java and allow in-process sharing of information between agent invocations. Alternatively, out-of-process mechanisms can be integrated with agents written in scripting languages such as Perl or Python; such actions are executed through a shell mechanism. 29

30 Figure 9. SecureTransport Transaction Manager - Rules Editor View At runtime, the Transaction Manager receives events from the SecureTransport server. Depending on the event, the Transaction Manager selects the rules, evaluates their conditions, and when a match is found, executes defined actions within an embedded JVM or through an external process. The diagram below illustrates Transaction Manager flow. Figure 10. SecureTransport Transaction Manager - Rule Evaluation and Execution 30

31 Integrating Third Party Technologies with SecureTransport SecureTransport is extensible at the client side via the SDK and at the server side via Active Agents, Data Integration Suite, and Transaction Manager. So if you need to integrate with technology deployed in your environment, you and Tumbleweed consulting can make it happen. This section shows common integration options for 3 rd party technologies. LDAP and Microsoft Active Directory SecureTransport can use user credential information stored in an LDAP (Lightweight Directory Access Protocol) database or MS Active Directory for user authentication. Single Sign-on Single Sign-on products manage authentication of each user and provide their authentication credentials to different systems and applications, so the user is only prompted and authenticated once. SecureTransport has hooks that can be used to integrate with single sign-on systems (via PSO engagement.) The first implementation of Single Sign-on integration to SecureTransport was with IBM Tivoli Access Manager (also known as IBM Policy Director/WebSeal.) Other popular Single Sign-on systems used with SecureTransport include Netegrity SiteMinder, IBM WebSphere and Entrust GetAccess. After authentication is complete, the Single Sign-on system stores the user's credentials in an encrypted form, perhaps in a cookie or a database by process ID. When the authenticated person accesses an application on a different Web server, or even in a different domain, the Single Sign-on system can use these stored credentials instead of prompting the user for credentials again. Using a Single Sign-on system makes it much easier for the user, and simplifies the administrative problem of user credential management. Mail Systems SecureTransport can create -based notifications, which can be sent through any available SMTP server. Sterling Commerce Connect:Direct SecureTransport can interoperate with Sterling Connect:Direct product using file-level integration to receive and forward files. For stronger integration requirements customers can use mutual client-based invocation: Connect:Direct command line utility can be invoked from SecureTransport agent, and SecureTransport command line client can be called within a defined Connect:Direct job to provide bi-directional transfer of files. ERP and EAI Systems SecureTransport can interoperate with variety of EAI systems leveraging file system level integration. The Active Agent hooks can also be used for integration with message buses like IBM MQ Series and JMS, 31

32 Tumbleweed Products Integrated with SecureTransport SecureTransport is part of the end-to-end electronic transaction security product line offered by Tumbleweed. This section describes how SecureTransport interacts with other products available from Tumbleweed. More information on these and all Tumbleweed products are available from your Tumbleweed sales representative or at Please see the back page of this document for additional contact information. Tumbleweed Valicert Validation Authority With SecureTransport release 3.0 and later, customers have the option of using Tumbleweed Valicert Validation Authority to check users digital certificate credentials when logging in to SecureTransport. SecureTransport with Validation Authority can be used for simple certificate status check or full validation using Identrus rules. Validation Authority provides high-performance, reliable, and scalable digital certificate validation, with all the tools necessary to identify and validate certificates, and if necessary, to disable expired, revoked, or bogus certificates Validation Authority provides validation regardless of the applications being used or the Certificate Authority (CA) issuing the certificate. In addition to generic certificate validation, the Validation Authority can be used in Identrus environments to validate the certificates using the specific rules defined by the Identrus consortium of leading global banks. 32

33 Summary The major advantage of Tumbleweed SecureTransport is that it is built with security in mind from the ground up. Unlike many data center-oriented file transfer solutions designed to work within a closed enterprise, this solution leverages a proven security infrastructure to provide the highest levels of performance and reliability with the lowest total cost of ownership from initial deployment to large-scale rollouts. With SecureTransport, Internetfocused security, broad range of inexpensive access options and robust Internet-facing deployment configurations are not an afterthought these are the core attributes of SecureTransport product family. Over 100 leading banks, insurers, enterprises, and government organizations and over 20,000 of their internal and external users benefit from these key attributes of SecureTransport: Security: ensures confidential, private transfer! SSL-based high performance transport encryption! Transparent repository encryption! LDAP, SSO, and PKI-based authentication! Wide range of authorization policies! Agent-based custom extensions for authentication and authorization Low cost of ownership: ease-of-deployment! Inexpensive and easy-to-use client software! Web browser access and optional thin client! Broad range of clients for enterprise platforms! Firewall-enabled protocol implementation Speed: increases information velocity via automation and application integration! Client-side scheduling and SDK! Event-driven Active Agents! Rules-based Transaction Manager Efficiency: eliminates need for paper proof! Guaranteed delivery and data integrity! Legal-grade audit trail through digitally signed MDN receipts Cost: cuts hardware and shipping costs! Can replace leased lines, crypto links, and courier use! Eliminates per-mb costs of EDI VANs 33

34 FOR MORE INFORMATION, PLEASE CALL Tumbleweed Communications Corp 700 Saginaw Drive Redwood City, CA Phone Fax Tumbleweed Communications Corp. All rights reserved. Tumbleweed is a registered trademark and Tumbleweed SecureTransport, SecureTransport Standard Edition, SecureTransport Enterprise Edition and SecureTransport Partner Edition are trademarks of Tumbleweed Communications Corp. All other brand names are the trademarks of their respective owners. STFWP