Understanding file transfer protocols for B2B and EDI
What does a file transfer protocol standardize?
Secure transfer protocols enable data transport by outlining a standard procedure for regulating the data exchange between businesses. The standard procedure, as defined by the file transfer protocol, acts as a set of rules that enable businesses to connect and share data.
What are the benefits?
The main advantages of sending and receiving files over a secure communications protocol are the ability to:
- Transfer data internally, to and from point-to-point solutions, and to entities outside the firewall
- Automate transactions and eliminate errors
- Increase reliability and scalability
- Securely share business intelligence
- Meet compliance and SLA requirements for trading
What are the challenges?
Not every business requires or even uses the same protocols.
While protocols are a set of rules, the rules defining which “set of rules” to use are determined by individual organizations, based on their own industry and compliance needs. This implies that there is not one, but rather, many file transfer protocols that are used to communicate today.
Gain Competitive Business Advantage with Protocol ConnectivitySee How
Cleo File Transfer and Data Integration
Protocol Flexibility to Support Business Growth
Protocol flexibility becomes increasingly important as your network of trading partners and customers grows. Depending on your business needs and trading partner requirements, one or many protocols may be appropriate for you.
File Transfer Protocol Comparison
Comparing the functional elements of security, including privacy, authentication, integrity, and non-repudiation are at the core of evolving protocols and the business expectation for heightened security around the data transfer.
Understanding your current and future file transfer needs — including file sizes, volumes, frequency, and security requirements — will help your organization select the best protocols for your business.
Applicability Statement Protocols
AS2: Applicability Statement 2 is a standard by which users transfer EDI or other data, such as XML or plain text documents, over the Internet using HTTP and HTTPs. AS2 offers increased verification and security achieved through the use of receipts, digital signatures, and file encryption. Its transactions and acknowledgments occur in real time, increasing the efficiency of document exchanges.
AS3: Applicability Statement 3 enables software applications to systematically communicate data, including EDI and XML, over the Internet using file transfer protocol (FTP). AS3 is not the next version of AS2 as it offers its own unique features and provides security for the transport payload through digital signatures and data encryption. AS3 may be particularly well-suited for FTP-centric businesses that have a significant investment in FTP scripting, applications, or security.
File Transfer Protocols
FTP: FTP, or File Transfer Protocol, is an application protocol that uses the TCP/IP protocols. FTP is commonly used to transfer webpage files from their creator to the computer that acts as their server for everyone on the Internet. It’s also used to download programs and other files to your computer from other servers. However, FTP does not include any options for encrypting data in transit and is generally considered unsecure.
FTPs: FTPs (FTP over SSL) adds a secure encryption layer (Secure Sockets Layer) around the FTP protocol to secure the commands and data that are being transferred between the client and the server.
SFTP: Secure Shell File Transfer Protocol (Secure FTP) uses SSH to transfer files and requires that the client be authenticated by the server. Commands and data are encrypted to prevent passwords and other sensitive information from being exposed to the network in plain text. Unlike FTP, SFTP protects data while it is being transmitted and does not use separate command and data channels. Both data and commands are transferred in formatted packets via a single secure connection.
Minimal Lower Layer Protocol
MLLP (Minimal Lower Layer Protocol): Commonly used within the HL7 (Health Level Seven) community for transferring HL7 messages, MLLP provides a minimalistic session-layer framing protocol. MLLP supports only direct connections between a sender and a receiver, and there is no authentication process.
RNIF (RosettaNet Implementation Framework): This protocol defines how systems transport a RosettaNet message. RosettaNet is a set of XML standards for integrating business processes between companies, and RNIF is a robust transfer, routing, packaging, and security standard.
WS (Web Services): Web services are XML-based information exchange systems that use the Internet for direct application-to-application interaction. These systems can include programs, objects, messages, or documents. Additionally, Web Services are not tied to any one operating system or programming language.
IBM® MQ: IBM’s proprietary technology is a robust messaging middleware that simplifies and accelerates the integration of diverse applications and business data across multiple platforms.