SFTP Server

SFTP servers provide secure access to a remove computer using the Secure Shell protocol (SSH). With GoAnywhere MFT’s SFTP server, trading partners can securely exchange files with your organization using SFTP (SSH File Transfer Protocol) and SCP (Secure Copy) protocols. GoAnywhere MFT supports the latest SSH 2.0 protocol standard and offers robust multi-factor authentication using passwords and SSH key authentication.

An encrypted tunnel will be created between the SFTP server in GoAnywhere MFT and any trading partners using an SFTP client, which will protect all data, user ids, passwords and commands that flow over the connection. Secure FTP is critical for compliance with PCI DSS, HIPAA, HITECH, SOX and state privacy laws, and GoAnywhere’s SFTP server capabilities will greatly support your compliance initiatives.

SFTP Server Features:

• Highly scalable with no restrictions on the number of trading partners
• Support for multiple listeners with configurable port numbers
• Remote administration and monitoring through a browser-based interface
• Robust security and granular permission controls
• Multiple authentication methods; database, Active Directory (AD), LDAP and IBM i
• Administrators can view active sessions for logged-in users
• Event triggers to automatically process files or send email notifications
• Support for client requests to resume file transfers
• Configurable settings for maximum number of sessions, maximum login failures and idle timeouts
• ZLIB compression to reduce bandwidth requirements
• Ability to accept or reject files with certain extensions
• Allows only strong NIST-certified encryption algorithms when in FIPS 140-2 Compliance mode
• Can be installed in the private network without opening inbound ports, when paired with GoAnywhere Gateway in the DMZ

SFTP Logs

Audit trails (logs) are generated for all SFTP and SCP sessions in GoAnywhere MFT to meet auditing and compliance requirements. This detail includes commands issued, messages, IP addresses, user ids and file names transferred. Log messages can additionally be sent to a SYSLOG server using UDP or TCP connections.

SSH Key Management

Intuitive graphical screens are provided in GoAnywhere MFT to allow for the management of SSH Keys. This Key Manager can be used to create SSH public and private keys, import and export keys, and view keys. Both RSA and DSA key types are supported with key lengths up to 4096 bits.

Standards Support for SFTP Server

The SFTP server in GoAnywhere MFT provides support for the following standards:

Protocol

• SSH 2.0

Ciphers (Symmetric Encryption Algorithms)

• AES-128
• AES-192
• AES-256
• Triple DES (DESede)
• Blowfish

MAC Algorithms

• HMAC-SHA1
• HMAC-SHA2-256
• HMAC-MD5

Key Exchange Algorithms

• diffie-hellman-group1-sha1
• diffie-hellman-group14-sha1
• diffie-hellman-group-exchange-sha1
• diffie-hellman-group-exchange-sha256

Compression

• ZLIB