File Transfer and Data Security Installation

The Optimum Implementation of your MFT or DLP Software

Once you have found the ideal file transfer or data security product for your enterprise, you want to give it the ideal conditions in which to work. Effective integration with your existing systems, your architecture and your business policies helps to guarantee long-term success.

To date, we have delivered more than 400 enterprise file transfer and data security installations worldwide. No two installations are identical – but every installation has been a success.

Through our relationships with leading vendors, we have insight into the leading file transfer and data security solutions, as well as access to additional support and advice direct from the manufacturers.

Read on to find out more about the prerequisites to a successful installation, or contact us now for more help.

File Transfer and Data Security Installation Pre Requisites

At the point of implementation, there will be a variable amount of prerequisites to consider. We’ve put together this helpful checklist to give you an idea of the most common prerequisites.

Of course, we can help you answer these questions as part of our File Transfer and Data Security Installation services.

Architecture

File Transfer Solutions

Some managed file transfer (MFT) solutions reside in the DMZ of your network, while others stream files across the DMZ with a reverse proxy. Some solutions split the automation engine from your secure file transfer server, while others use a single application.

In short, file transfer solutions vary – many offer multiple options for configuration.

You will need to decide:

  • How many machines are required to host the complete solution?
  • Where will these machines live in relation to the DMZ and your internal network?

With this information in place, you’ll need to consider your availability requirements. You may need a High Availability option with automatic failure, or to cover all single points of failure in your design.

The route to High Availability is usually hosting the database that powers your MFT solution individually, equipped for failover.  But how will you replicate your data?

When it comes to availability, you will need to decide:

  • For secure file transfer server failover, are you deploying a shared or replicated database?
  • For gateway server failover, are you using a load balancer or cluster configuration?
  • For automation engine failover, will you use a shared or replicated database?

Data Security Solutions

Generally, a data security solution requires fewer changes on an architectural level. As part of our data classification, data loss prevention (DLP) and website security portfolio, we will consider your architecture as necessary.

System Requirements

Your system requirements depend entirely on the file transfer or data security solution that you choose. We are able to consult on system requirements in pre-sales discussions, comparing software requirements against your hardware and operating systems.

Many file transfer solutions require a database, but offer a selection of database types including MS SQL, Oracle, MySQL and more. The type of database that you plan to use will affect your overall system requirements and the platforms that are available to you.

Of course, we are also happy to take a reverse approach, advising you on which solution is best for your current hardware.

Hardware

File Transfer Solutions

For file transfer, the hardware that you require in terms of storage, CPU and RAM will vary depending on the solution that you select. However, many of the most important decisions when it comes to hardware will depend on your enterprise.

In terms of overall requirements, it is a good idea to deploy hardware that exceeds minimum hardware requirements. This leaves you with room to scale your file transfer solution over time.

Disk space is determined by how you will use your file transfer solution. Installations tend to be lightweight, but if you plan to use your file transfer solution for storage (as opposed to transit), you will need a larger hard disk. Generally, multiplying your monthly file transfer volume by three is enough for a data-in-transit MFT server.

Gateway servers do not store data, so you will easily meet requirements with a 10GB hard drive.

Although Automation Engines do not store data, they need to cache large amounts. 10GB is enough for installation, but caching may require up to double your peak transfer volume.

Database requirements vary by vendor. One approach is to implement the database storage recommended by your vendor, plus 5-10MB per 1,000 file transfers.

We can advise you on the ideal amount of storage for each element of your file transfer solution and also help to implement a regime of monitoring and pruning to keep overall storage low.

Data Security Solutions

The hardware requirements of data classification, data loss prevention (DLP) and website security products are determined by the solution that you choose. However, most installations have small hardware footprints and, with the availability of hosted and cloud-based solutions, robust data security is available to all.

Network

File Transfer Solutions

An important step in establishing a successful file transfer solution is preparing your firewall to permit network access. This is best done in advance of installation, allowing you to begin transferring files without waiting for network changes to propagate.

Here are some general guidelines for network firewall configuration:

  • Internet Firewall – Open ports for the various Secure File Transfer Protocols that you will be using. These are: HTTPS (443), FTPS (21, 990 and a Passive Port Range), SFTP (22). Of course, you can change these ports for security.
  • DMZ to Internal Network – No ports should be opened. If your MFT solution requires this, change your MFT software.
  • Internal Network to DMZ – Two-Tier solutions will require an outbound connection from your Secure File Transfer Server to your Gateway. The ports vary by vendor.
  • Automation – Automation engines require outbound connectivity to the Internet across HTTPS, FTPS, SFTP and – where the secure file transfer server resides in the DMZ – you will need connectivity from the internal network to the DMZ.

Inside your network, your chosen file transfer solution may also need to see various other hosts, depending on the services that you will be using. These may include:

  • Access on port 25 to SMTP for notifications
  • Access on port 1433 to your database (if it is remote)
  • Access on port 389 to LDAP (if you are using LDAP authentication)
  • Access on port 514 to your SYSLOG server
  • LAN access and a service account with sufficient privilege if you plan to store files away from the installation

Data Security Solutions

The network configuration for a data security solution will depend on the nature of the solution that you choose. Many solutions do not require any connectivity.

On the day

File Transfer Solutions

Following the above steps ensures that your infrastructure is ready for a successful file transfer installation.

On the day of installation, you will need:

  • Access to the file transfer installation software
  • A valid serial number or license file from your vendor
  • Sufficient account privileges on the host system to install software
  • If your solution requires online activation, access to the Internet

You may also want to consider:

  • A testing check list
  • Customisation (logos, style sheets for web pages, wording for notifications)
  • If you are using workflow automation, a list of file transfer processes that you plan to automate

Projects don’t always run to schedule, but preparation is the secret to success.

Data Security Solutions

We offer a full range of data classification, data loss prevention (DLP) and website security software installation services. We also offer exhaustive testing as standard to ensure that your installation is successful.

“I’ve just had an update call with the Project Team
you are currently working for. They feel HANDD
have done a fantastic job providing a service above
and beyond what was initially expected.”

Jodie Mckane, Detica

“The implementation of the system was completed
expertly in a very short period of time by HANDD,

and without any major problems.”

 
Chris Petrie, Stephenson Harwood

“HANDD’s support was excellent. At last we have
a highly secure and simple means to transfer  files
efficiently over the internet, 
and I know we can
rely on HANDD 
Business Solutions.”

 Oliver Rhodes, London Borough of Enfield

Comparison Matrix
Managed File Transfer Vendors
Comparison Matrix
Adhoc File Transfer Vendors