Managed File Transfer

 View Only

An easy way to stay ahead of security standards and practices – IBM Secure Proxy and SEAS 6.0

By VIJAY CHOUGULE posted Thu July 18, 2019 02:59 PM

  

As an IBM Managed File Transfer user, you know that ability to move data efficiently and securely over the Internet is critical to your company’s success. Security administration, management and integration can be extremely time consuming and requires specific expertise. Most teams don’t have the bandwidth to add these duties to their current responsibilities of making sure these mission critical systems are up and running and accessible by all the users who need them. In fact, a study by Vanson Bourne found that 63% of organizations report their file transfer systems are limited by security concerns.

 

IBM Secure Proxy addresses this challenge as a demilitarized zone-based application that sits on the edge of your enterprise and ensures connectivity with external partners is secure. Many of you have been relying on IBM Secure Proxy and Secure External Authentication Server (SEAS) solutions for edge security for years. Our latest 6.0 versions (previewed in this webcast you can watch on demand) include enhancements that make it easy for you to stay up to date with the latest security standards and adopt leading security practices and technologies.

 

Here are 4 ways we’ve got your back

 

  • Expansion of Single Sign-On simplifies management and improves compliance. A common best practice is to use a corporate portal to centralize authentication and improve compliance with corporate security mandates. Dozens of external identity providers or Federation Services providers including Shibboleth, Microsoft Active directory, CA SSO, Oracle Identity Federation, and IBM Security Identity Manager enable single sign-on (SSO) based on the SAML 2.0 specification. Secure Proxy has been supporting SSO via SEAS, and now includes SAML 2.0 support. You can configure SSO with an authentication provider of your choice and use the same usernames and passwords, often without having to login again, to access your IBM Managed File Transfer solutions.

 

  • Proactive security helps you stay ahead of breaches and potential disruptions to the business. Blocking authentication attempts by suspicious or probing users keeps bad actors out. But what do you do when 100s or 1000s of authentication attempts eventually result in a breach, or create performance issues for legitimate users? It’s difficult and time consuming to mine through logs to find suspicious IP addresses and block them, and this takes you away from your regular day job. In Secure Proxy 6.0, an additional layer of security proactively restricts the login attempts by blacklisting IP address patterns or userID patterns before suspicious users even try to login. Attempts are blocked prior to authentication to improve security, safeguard file transfer performance and save your team time.

 

  • Extended support for Highly Available scenarios with SEAS provides more robust failover. File transfer is considered mission critical, so you expect support for 24x7x365 operations. Secure Proxy has been supporting High Availability deployments. However, in event of a disruption or failure the tokens from one SEAS wouldn’t sync with another SEAS so you would have to restart the authentication process over again. In 6.0 we enhanced the ability to synchronize the tokens between SEAS failover servers and now offer even more robust support for High Available scenarios. The solution works reliably behind the scenes so that users aren’t impacted or even aware of failures, and no intervention is required by you or your team.


  • Laying the foundation for moving to the hybrid cloud with simplified integration. Organizations are at different points on their cloud journey. Our job is to provide solutions that allow you to take incremental steps towards the cloud and move forward with confidence. Newly developed RestFUL APIs allow authorized client applications to interact with SEAS. The ability to integrate with external applications seamlessly and improved flexibility in configuring SEAS objects is becoming a more common need, especially for cloud deployments. In SEAS v6.0 different RestFUL APIs have been exposed which can be used by any kind of application to perform CRUD (Create/Read/Update/Delete) operations with respect to SEAS Configuration objects. Objects that can be managed via these new APIs include: Session, SSL info, Truststore, Authentication, Certvalidation and CRL. Much of this work is foundational to support containerized deployments in public and private cloud environments. Watch for that capability in the near future.

 

These major upgrades for IBM Secure Proxy and SEAS demonstrate our investment and commitment to providing capabilities that allow you to adopt the leading security practices in an easy and effective way.

 

How to Get Started
If you are current on Service & Support, you can download the upgrade guides for IBM Secure Proxy 6.0 and SEAS 6.0 through Passport Advantage.  If you are new to these solutions, contact your IBM sales rep or business partner and they will help you get started.

As always, please share your comments or questions in the discussion forum. We appreciate your feedback and will make every effort to respond quickly.

 


#DataExchange
#filetransfer
0 comments
41 views

Permalink