Title: Ted McKendall
1Secure Internet CommunicationsSafe and Automated
File Transfers over the Internet
- Ted McKendall
- Product Manager, SecureTransport
- February 23rd, 2006
2Todays Agenda
- Tumbleweed Company Summary
- Tumbleweed Product Suite
- SecureTransport Product Overview
3Tumbleweed Communications
At a glance
- The leader in file transfer and email security
- 12 years protecting enterprise data and email
- 1,500 enterprise customers
- Award-winning products
- Publicly traded (NasdaqTMWD)
- Market Leader in Managed File Transfer (MFT)
Founded 1993 Global HQ Redwood City,
CA Employees 275 Solutions Email
Firewall Secure Email Secure File Transfer
Identity Validation Industries served
Financial Services Government Healthcare
Retail Technology Enterprise Standards
Development IETF Open Group FSTC ITAA
Anti-Phishing Working Group
4Representative Customers
At a glance
- Customer snapshot
- 9 of top 10 US Banks
- 7 of top 10 Brokerages
- 6 of top 10 Euro banks
- 3 of top 5 Canadian banks
- 6 payment/clearing networks
- Several central banks
- U.S. Federal Reserve
- Bank of England
- Over 100 of the Fortune 500
- Over 100 financial svcs. firms
- Over 100 health care orgs.
- Over 100 law firms
- 6 of the 10 largest pharmas
Recent European Success Enterprise Spam Defense
Prudential Telewest Adldleshaw Goddard
Manches Solicitors Fila MailGate RoSPA
Secure Email WCC Ernst Young
Wolverhampton City Council Secure File
Transfer Airbus GM EU Clearstream AXA
5Tumbleweed Product Suite
Tumbleweed Product Portfolio
- Email Security Suite
- MailGate Edge
- MailGate Anti-Spam
- Email Firewall
- Secure Messenger
SecureTransport
ValidationAuthority
6Evolution of the File Transfer Market
Todays Challenges
Evolution Path
Multiple, departmental file transfer point
products
Centralized, enterprise-wide file transfer
infrastructure
Proprietary, single vendor file transfer solutions
Interoperable products based on open Internet
standards
Expensive private links, leased lines, VANs,
modems
Ubiquitous reach and low cost of the Internet
Home-grown applications straining under the load
Enterprise-class scalability and reliability
Regulatory changes requiring secure
communications (HIPAA, GLB, SOX)
Encrypted file transfer with signed receipts and
auditability
7Mission-Critical
- Top Ten Bank
- File Transfer is the second most critical
application in the bank its more critical even
than email. - As File Transfer becomes more critical it leads
to increased exposure, and a whole new set of
requirements - FTP just aint good enough anymore.
8Emergence of Business Critical Reqs.
- New Level of expectations
- Rapid scalability
- Centralized management
- Availability of information
- Time sensitivity of information
- Ease of Use
- Management of Internetbased File transfers
- Security and privacy of data exchange
- Flexibility to accommodate a variety of business
partners - Automation
- Ad hoc transfers
9Tumbleweed SecureTransport
Enterprise Firewall
SecureTransport Edge and Server
- Data Management
- Event-based File Processing Routing
- Rules Editor w/Web UI
- Application Integration
- Event-driven Agents
- Outbound Transfer Management
- Signed Audit Records
- Repository Encryption
- Secure Data Delivery
- Multi-Protocol Secure File Transfer
- Guaranteed Delivery
- Data Integrity Assurance
- Checkpoint/Restart
- Secure DMZ Streaming
- Enterprise Authentication
- Robust Access Controls
- Open Standards
HTTP
HTTPS
FTP
End Users
FTP/S
SFTP
SCP
AS2
10Standards for Internet File Transfer
SSL
HTTPS
XCRC
FTP
AS2
SCP
FTP with PGP
SFTP
S/MIME
FTPS
SSH
SMTP
TLS
HTTP
Plus legacy protocols Async/Bicync, NDM, VANs,
11A Menu of Connectivity Options
SecureTransport Connectivity Menu
Client Entrées cont.
SecureTransport Server offers many connectivity
options to meet your business partners needs.
- Other FTP/S Client. FTP/S
- RFC-Compliant FTP, FTP over SSL/TLS
- Windows, Unix, AS/400, z/OS, etc.
- Other SSH Clients SFTP,
- SSH2 Standards-based SCP
- Native on many OSes
Lighter Fare
- Web Browser (Zero-Footprint Client) HTTP/S
- Ubiquitous
- Easy setup for new users
- Customizable UI skins
- Web Browser with ActiveX. HTTP/S
- Guaranteed Delivery
- Restart/Resume
Server Entrées
- Other AS2 Server... AS2
- EDI trading partners
- Payload signing and encryption
- Certified eBusinessReady
- SecureTransport Server. AS2,
- Bidirectional Communication FTP/S,
- Secure, Guaranteed Delivery HTTP/S
- Data Management
Client Entrées
- SecureTransport Client.. HTTP/S,
- Automated and scheduled transfers FTP/S
- Guaranteed Delivery
- Restart/Resume
- Available on Windows and Unix
- Heart Healthy
- Indicates Hot Spicy!
12Security
- Data Security
- Transport encryption v. payload encryption
- Data segregation and access control
- Data integrity verification
- Secure data storage
- DMZ Security No storage of sensitive data in
insecure zones - Encrypted data repository
- High Availability
13Automation and Management
- Transfer Integration
- File Routing
- File Storage
- File Processing
- Notification
- User/Trading Partner Management
- Authentication/Authorization
- SSO, LDAP, Netegrity
- Auditability
- Extensive user and administrative logging
- File Tracking and Reporting
- Signed transfer records secure audit trail
- Delegated Administration
- Administrative Roles
14SecureTransport Components
Enterprise Firewall
Internet Firewall
Backend Processing
Standard Web Browser
DMZ
Email
Mainframe
ST Client
Web Browser w/ActiveX
Transaction Manager Integration
FTP/S, HTTP/S, AS2, SFTP, SCP
3rd-party FTP/S Client
SecureTransport
Application Layer Streaming
3rd-party SFTP Client
?
SecureTransport Server
Data
No Data
Audit Logs
AS2 Server
Audit Logs
SecureTransport Edge
ST Server
Repository Encryption
MDN Receipting
15ST Deployment High Availability
16Q A