If you have any questions that come up as you're watching and listening, you can submit those through the questions pane. And we have a couple team members online answering those for you throughout. We'll also have a Q&A time at the end of the webinar too. So, if you want to get any questions in live, we'll try to get down to answer a few of those for you.
And lastly here, after the webinar ends, you'll see a quick survey pop up. Filling that survey out gives us good feedback on what parts of the presentation were most helpful to you. So, if you have any questions that are answered on today's call, you can definitely enter those there as well and someone will get back to you.
All right. So, let's look at our agenda for the call today. We'll start out with a quick company overview if you're not familiar with HelpSystems. We'll tell you a little about us and about GoAnywhere. We'll talk a little about file transfer challenges that are unique to a lot of organizations. Maybe they'll be familiar to you.
We'll talk about what is GoAnywhere MFT and give you a brief introduction and then Dan is going to go into a nice overview of the features that GoAnywhere offers and a real quick look at what's new in our latest version, 6.0. He'll do a live demo and then we'll wrap up with Q&A.
So, without further ado, I will formally introduce you to Dan. Dan Freeman has spent the last 10 years of his career in various security roles ranging from systems engineer to security officer. He currently serves as Senior Solutions Consultant at HelpSystems for the GoAnywhere product line. So, with that, Dan, I will let you take it from here.
Dan: All right, thanks Brooke, and can you still hear me?
Brooke: I can hear you great.
Dan: Excellent. And thanks to all who took the time out to join us to learn a little bit more about some of the challenges we face with the transfer and manipulation of data, how to keep it secure. And then we'll talk a little bit about what managed file transfer is and how to alleviate some of these pain points.
Not to mention, all the regulatory compliance that a lot of folks have to deal with to make sure they are properly protecting all this data moving about in cyberspace. Speaking of space, have you ever sat back and thought to yourself, "How does NASA organize its company parties?" They plan it.
Okay. All right, I think we're ready to get this session started here. All right, let me take a little bit, a moment to share a little background on our company. HelpSystems has been around for over 35 years and focuses on developing cybersecurity, automation and operations management solutions.
We do have a little over 600 employees and 20 offices around the world to serve our customers. The corporate headquarters is in Eden Prairie, Minnesota, but most of the GoAnywhere R&D staff, support and sales are located right outside Omaha, Nebraska.
Our R&D team is constantly improving GoAnywhere, which is primarily based on valuable feedback from our user base. There are two or three major releases of GoAnywhere per year, which demonstrates our active development schedule. Feel free to read the release notes on our website.
We also believe in providing the best possible service to our customers with 24/7, 365 days a year. Now, I realized a lot of people want to say that, but that leads me to the next point with the fact that almost 99% of our customers stay on product maintenance for Anywhere, which is quite impressive.
And really, the most important metric to excel at. We believe that number alone speaks for the excellent support as well as the intuitive and very functional product that simply does what it's asked to do.
And finally, as a member of the PCI Security Council, we do keep up to date with the latest standards to ensure customers can use our products to maintain compliance.
Now here, you'll see GoAnywhere has partnerships with major operating systems providers including IBM, Red Hat. Microsoft and Red Hat. VMware as well as Splunk. This allows us to gain access to the latest releases and technical resources for testing and support.
The cool thing about going to our solution is that it's truly multi platform. For instance, you can start out by running on a Windows or an IBM platform today. But if your needs change, the flexibility is there for you to transfer license to another server like maybe Linux. And by the way, you can do that without getting charged for the transfer.
The slide here is just a sampling of our customer list. And as you can see, we do have customers in a wide range of industries. Almost any size company can use GoAnywhere from smaller IT shops up to fortune 500 companies. We kind of like to think of us as a Swiss Army Knife of this functional software.
File Transfer Challenges
Okay. Now, let's talk about some of the challenges that your organizations may be facing with your file transfers. Now, a lot of IT departments are using older technology and a variety of legacy tools to transmit files. Many companies do not have good error alerts when transfers fail. Some have to wait for their trading partner to call to indicate that they did not receive the file.
To add to these challenges, many end users are still sending files through unsecured email or cloud services like Dropbox without any controls or centralized management. Now, your organization might still be using PC based tools for transfer files.
It is often a manual process and is prone to human error and great risk. What if the user downloads or uploads the wrong file? Or what if the file contains sensitive information and the user forgot to encrypt it before transmission? Or maybe they actually do encrypt it but they use the wrong public PGP key. And by the way, who's going to run the transfers when the primary user is gone for the day?
With many file transfer tools, there are often no logs of where the files are sent, or at the very least, no centralized logging or single pane of glass to manage. This is becoming a real issue with auditors since many organizations cannot tell them that sensitive files are leaving the network. Because of all these vulnerabilities, it's become very difficult to meet strict compliance requirements using traditional transfer tools and manual processes.
In order to automate file transfers, many companies have built FTP scripts on their systems. However, these scripts have many downfalls. For instance, a lot of times, these tasks being translated to scripts require programs to be written, which can be a very extensive resource.
Every time something changes for the trading partner such as maybe a new IP address, password, file name, the programmer might have to get involved to make those changes. Not to mention, there's a real potential that there are multiple scripts that use the same connection information.
When something does change as mentioned, it can be a real pain in the rear to hunt down where that information is being referenced. These costs can really add up over time and distract from other priority projects.
Another huge problem of scripts is that your trading partner's passwords are often stored in the clear which can make those servers very vulnerable to attack. Many scripts are very basic in nature, and we're not programmed to have advanced file transfer capabilities like auto retry, alerting for failures or audit trails, which is why a lot of organizations have been looking for alternatives to this legacy approach.
So, what is managed file transfer? Now, managed file transfer, also known as MFT is a solution that allows organizations to control and secure their file transfers through a centralized framework. MFT covers all aspects of the file transfers within your enterprise and with your trading partners including batch transfers between systems, as well as ad hoc file transfers between individual.
MFT provides automation that you need for your file transfers protecting that data with strong encryption while provide any audit trails you need for compliance to strict regulations. Just looking at that step down graphic, you can think of a common scenario where a company needs to send file securely leveraging PDP file of encryption and maybe transferring that file via SFTP protocol.
Maybe you used to have certain employees manage that process and depending upon who they were sending them to would apply the appropriate PGP key and then use some PC client software to send out via SFTP. This is where that manual process performed by human beings are very susceptible to errors. Instead, you could use an MFT solution to monitor the file system for specific files, pick them up and call a project that applies to the appropriate PGP key and send to the correct associate SFTP server. All this by automating every step of the way and providing notifications of any failures or successes.
What is GoAnywhere MFT?
All right. Here, with GoAnywhere, we do believe that this is a best enterprise level MFT solution in the marketplace. This diagram and diagram does give a quick top down view of its capabilities. It is a pretty busy slide, but it will help frame we're going to go over in the demo portion.
Being a job application is pretty much operating system agnostic and can installed in most any OS including Windows, Linux, IBM i, AIX, Novell, etc. All administration can be formed right to the browser, so there's no need to download any client management software.
GoAnywhere connect as both the server side of things as well as reach out to other servers and services out to the client. For the inbound connections, we have listeners such as AS2, your FTP flavors like FTP, FTPS, FFTP, as well as an HTTPS web client hosting some pretty cool ad hoc ways for partners to easily transfer files securely.
As far as acting as a client, we can define connections to other servers and services that we define as resources. Now, sample set can be viewed in the clear box at the bottom of the slide, but we'll jump into a few of the resources when we get into the product.
What's really cool about GoAnywhere is what we can do when we get those files dropped off or how we move and manipulate files to send out to our trading partners and customers. This is where workflow automation comes in. Specifically, what we define is projects as a central theme.
Now, here's a look at some of the enterprise features listed out. Now, we've already mentioned a lot of these, but I do want to highlight a couple of the encryption capabilities. GoAnywhere does have the ability to provide end-to-end encryption by choosing secure protocols for transfer, as well as folder level encryption at rest by defining encrypted folders to protect those files using strong AES 256 bit cipher algorithm.
To do this, we have a fully functional key management system that can manage SSL/TLS certificates for any of your HTTPS transmission needs, file encryption or digital signatures. SSH keys to protect your SFTP transmissions. And finally, leveraging industry wide open PGP keys for file level encryption as well as digital signatures.
On this slide, we'll cover most of these items in the live demo, but I'd like to point out a couple architecture concepts with GoAnywhere. Now, starting at the bottom bullet point, GoAnywhere can be set up as a cluster for load balancing, performance enhancing. As probably most importantly, making your MFT solution highly available with an active cluster.
Talking to the security side of things, we have multiple options to provide multi-factor authentication for both admin and web users. Whether you're using certificates, SSH keys, radius, time-based, one time passwords, we can offer something a user knows like a username and password with something that they have, an SSH key, certificate, token, authentication application.
From a security architecture standpoint, we offer the GoAnywhere gateway pictured over on the right. This is not an appliance, but a service installed on the Linux or Windows machine out in your DMZ. It provides the buffer between your organization, your outside customers, or trading partners and your internal data.
As noted on the slide picture to the right, we do this all while streaming data in and out without ever staging files in your DMZ. And probably most importantly, we do not have to open up inbound ports from your DMZ instance into your internal network.
Now, just a quick run through on how this actually works. This being your private network, your DMZ where they're going over gateway services on that Linux or Windows instance, and then your outside customers.
So, what we do is we were going to spin up an actual control port from internal MFT. So, an egress port out that firewall to the DMZ and it's going to give its IPs, ports, basically all its proxy information to be listening on. So, when trading partners do come in, we'll say they're coming on traditional SFTP and port 22, they'll come into that gateway. It's going to use that pre-existing channel.
So again, not having to open up those inbound ports, come back and say, "Hey, I've got John Smith here. He's coming in on port 22. Here's his username, password, maybe SSH key, maybe both. If everything checks out, we'll open up a separate channel. And this is going to be a data channel, another egress port out that firewall. And this will go ahead and broker that connection so now data can flow in and out all without, again, most importantly, without opening any ports on this inbound firewall to your private network. So again, just another nice security feature to protect your information within the product. There's the erase all drawing there.
GoAnywhere Live Demonstration
Okay, let me bounce out of here for now, and let's jump right into the product here. So, what you're looking at here, we kind of quickly mentioned that this is going to be a web-based application. So, we don't have to download any client software. I'm going to be using Chrome throughout this demo, but you can use IE, Firefox, Opera, whatever the case may be.
By default, upon install, we're going to choose a port called 8000. These things are all configurable to you. A couple other things to note, if you do have a system name defined as we do here, this is actually going to be part of a two system cluster on a Linux instance. And then another environment variable which is not required, but it is nice to configure within the system so that you know what environment you're logging into, whether it's a demo environment, which you can probably be a little bit more liberal with some of your changes or if it's a production environment, so at least you have that idea of what's going on.
One quick thing too on the fact that it's a Java based application, it makes management from a sysadmin perspective. We've been a sysadmin for over 10 years before this. Really appreciate those types of things. From install, you'll notice it's pretty much a next, next, next install. We do ship it with a built-in Java derby database. That's kind of for you to get the product up and running within literally about five minutes. You don't have to get your DBAs involved.
After that, you can externalize it to your traditional enterprise database server, but also things like upgrades. Upgrading the product is as simple as pulling a file from our portal, putting it into a folder and running it batch files if it's windows. Maybe an SH command if it's Linux. Very, very simple process. So, a couple key things to note on that as well.
All right, I'm going to go ahead and log in with my admin credentials. With every administrator account, everyone is going to have their own dashboard, which is intuitively called My Dashboard. This dashboard has a couple different layouts. You can do a single pane, a few flavors of double pane, or triple pane layout as I have here.
What this is being populated with is one of 25 different gadgets that you can choose from whether you want to look at service status. Maybe you're a sysadmin, that cares about what services are up and running. Maybe recently blacklisted IP address from a security standpoint, or act assessments and job activity. You just click on it, it will show up on your dashboard and then you can kind of move things around. When it turns green, you can let it go.
And then also, you can click on the little hamburger icon to edit each individual gadget. So, maybe I want to look at just yesterday. Say that and we'll kind of see what's going on just from yesterday as far as recently blacklisted IP addresses.
Okay, one of the links that we'll kind of go through to get some basic concepts. First one is going to be this quick links. We'll talk about the admin and web users first. These are going to be two different exclusive users. Administrative users is going to be probably for the most part what you're going to see going through this webinar for me and the actual admin console.
But these are going to be the folks that are going to be logging in, doing some configuration changes, installations, creating service starters, things like that. Within here, we do have 16 different R back roles. So, we can maintain that job separation of duties and the least privilege.
So, you're only giving access to your administrative users to things that they need to be able to access. You're not just throwing blanket. Product admins is one of our most encompassing roles. You can really divvy out, maybe just want someone have the auditor role to look at log files and completed jobs. So, you can definitely keep that separate.
The other users and, again, completely separate, are going to be your web users. These users are the ones that you're creating to actually log in to GoAnywhere to leverage any service that you're offering. We quickly mentioned your HTTPS web client, your FTP flavors. Those are going to be the things that you're going to decide like on this features tab which protocols they have access to.
And then pretty important when they do get access, where do ... When they land, where can they actually physically go. We'll kind of dive into this a little bit later, but this is going to give them virtual directories and then you decide where the physical directories are, whether they have disk quotas, and then probably pretty important, the actual granular permissions they have within those directories.
All right, let's jump back to our quick links page here. Next one up is resources, and we'll dive into this a little bit. But here, this is a way to define connection information, other servers and services that GoAnywhere can leverage. So, this is kind of us acting as the client. These resources can contain usernames, passwords, IP addresses, basically any information need to make a successful connection.
Now, once your resources are properly defined, you can leverage them for use and reuse throughout the product and specifically within the project. Now, remember when we mentioned if something changed like an IP address or username, and how annoying it would be to update all your scripts or resources are your one place to make that change. So, if the resource is using multiple projects, you don't need to worry as it will reflect those changes wherever it is being used.
All right, up next, we got projects, and we'll go through a couple of these. This is going to be our workflow definition. At a high level, this is where you specify what to do with your data. You can almost think of projects as business functions replacing script files. Although projects are much more intuitive to build and much more flexible.
This is where all the workflow pieces and tasks are defined to move, store, manipulate data to your business needs. And all projects can initiate multitude of ways whether you're running them interactively by an admin or automated means through schedulers, monitors and triggers. And more on that in just a little bit.
Go back to our quick link. The scheduler trigger and monitors, just that. We do have a built in scheduler that you can use or you can use your own enterprise scheduler like maybe you have robot, Cisco Tidal, or Windows Scheduler or any other program you're familiar with. But you can define holiday calendars and give conditionals on what to do if your job falls on a holiday or even retry a job for a predetermined amount of time should it fail. So, kind of like built-in retry attempts on jobs that are not finishing properly.
Triggers, these are based off of web user actions. So again, those users that are logged in to GoAnywhere to upload, download via SFTP, HTTPS, whatever the case may be. So, that's for instance a web user uploads a file via secure folders, or SFTP, you can kick off a project and manipulate the said data and processes as directed. Or maybe you just simply want to send an email to the appropriate personnel to notify them that a file is available for processing.
Monitors, and we'll take a look at this as well, are going to be monitoring the file system for data creation, modification, deletion, or even simply if a file exists within a specific folder to kick off a project automatically.
Now, our audit logs here. The GoAnywhere audit logs. We'll use all web user activity within the product. You'll notice it is divvied up by service protocols. But also, it will administer or audit all administrative activity within it, so we can see what changes are done, when they're done, who's doing the changes. As we all know, auditing and accountability is very critical for any regulation no matter what industry you're in. Those guys definitely want to know that you know what's going on within your system.
Reports. This is going to be all the audit logs that we are gathering. They can be used to generate PDF reports about system activity usage. They issue automatically to the appropriate staff who administer the system, so for management, for snapshot status of what's going on, or they can be run on a scheduled basis.
The completed jobs, we'll kind of look at this a little bit more as well. This is kind of auditing on individual product project basis. Every project that runs creates a unique job ID so you can always view the job details as needed.
And finally, we got a cue job section, which here we don't have any cued jobs, and that's where it will show up, but it kind of goes towards more of our job queue manager. This can allow for prioritization of jobs. So maybe if you have certain SLAs, those jobs can be set with a high priority, 10 being the highest.
So, this one looks like high priority job that queues. It's got a priority of 10. Whereas with other jobs that are normal or have low priority set, you can set that too. Again, if this is most like a low priority, set to two.
Okay. Let's kind of jump in to some of the features of GoAnywhere. We'll start with resources. So this is, again, where we're going to define certain connections for us to act as a client to reach out to certain services. I'll just touch on a couple like maybe your Amazon S3 buckets if you guys are using those. You'll just provide the information here.
Every single resource has a test button. So, it's going to basically be your sanity check that everything that you put in here is actually correct. So, we can hit that test button. It's checking for network connectivity, obviously. And then it's also going to check for any credentials that's applicable, or in this case access and secret access key IDs.
If you get that resource test successful, that's a good thing. Now, we can actually leverage that resource within projects. Azure Blob Storage, a database server is very, very common one as well. It's pretty straightforward. We do load the most common 2.0 drivers here. So, you'll grab the driver.
URL is probably not the most intuitive thing, but we do have a URL wizard. So, if we are using an I series database, it looks like we just need to provide the IP address and you can hit that generate URL, and I'm not going to select this one, but this you can just hit select and it will plop it right in here. And then your DVA whoever is managing that database can give you a username and password. Key point is, again, we have the test button to make sure that we can actually connect to that.
Another one that's pretty popular. Again, I'm not going to go through all these. Network shares. For obvious reasons, this can be destination locations for web users to drop off files or pick them up. Or maybe origination folders for folder monitors to look for certain files and then grab that file list and call a project to do whatever we're going to do, which we'll do an example of that as well.
These can be simple things from maybe doing an SMB share or native to the operating system, define the host, user and then the actual user account that you want to use to connect to that resource.
SSH server is very, very popular as well, in particular SFTP. I'll pick this one down here. Pretty straightforward, put in your host, port, username and password. If you are using or if the person you're connecting up to is requiring an SSH key for authentication, that's where you can go into our key vault and select the key name.
Where's this coming from? I'll kind of bounce out of here real quick, just to give you a quick look at our KMS that we mentioned earlier. This is where you can manage not only SSL/TLS certificates, but SSH keys as well as PGP keys. Whether you're creating them from scratch, you can do all of that.
SSH and PGP keys are pretty straightforward, but you can do self signed certificates. You can generate the CSR straight from our product. And then when you get the CA reply from VeriSign, or GoDaddy, or whoever you use, you can import that right here. Or you can import all these keys if you already have them available.
So, once they are imported in there, let's jump back to that SSH server and kind of take the ... That's where we can actually select those keys should they be asking for it. Another quick thing to kind of look at, I think it's important for connections like your SFTP connections or any kind of connection oriented to definitely define retry attempts.
So, you're doing your due diligence on the client side to make sure that you have a successful connection. These are things like maybe router reboots, or Just some sort of small hiccup in the network connections. So, your project that's using this doesn't just flat out fail and has to wait till the next time, we can try and do those automatic retry attempts here on the client side to ensure that actual delivery.
Okay. So now, we've defined a couple resources. Let's go into our projects area. And we'll go into ... Let's go down to my section here. Let's go ahead and start from scratch. We'll look at another project, but let's just start from scratch to kind of get you familiar with the project designer window. We'll take the example that we kind of talked about in the beginning, maybe PGP encrypting a file and then SFTP and out the door. So, we'll just do PGP to SFTP.
One thing to note, when you first get into the product, obviously you're probably not familiar with projects. We do have about 40 or so different templates that will give you a skeleton base of certain common functions. So, if we were doing PGP as in this case, you can just type in PGP. And it will pull all the PGP tasks that are in these template projects.
So, for ours, maybe we're going to ... Not database, but PGP to FTP to be one. You can kind of pick out those pieces. Again, to just give you a good idea of how this actually works if you want to. We're just going to go from scratch, so we'll go and open this one up.
This will give us a chance to look at this product designer window. So, this is where we're building out our business functions. We have four separate areas here as you can see here. The first one, the component library, this is going to be where your action items are. So maybe connecting up to a database to do any SQL commands. Maybe some common file system tasks.
We talked about doing an SFTP connection, which we'll kind of go through. Maybe an SFTP put connection as well as we talked about PGP. Whether we're going to encrypt them and maybe digitally sign them and then send them out the door.
Also, a lot of job control where you can do and get very granular and what the actual business function is doing. Point being, when you do select a task, you can drag and drop it in there, you can double click it into your project outline window, which is your second one here. And this is just that. It's a graphical depiction of what this function is going to do and it's going to go step by step.
You're looking at the three different, I guess, components within the project outline. The black P is your project, and that's kind of just your placeholder. So, if a monitor trigger or whatever is calling this project, it knows what to call. You can have modules in there, and modules are going to be kind of a common grouping of certain tasks. You can have as many modules within a project.
And then here, the task level is going to be just that. It's going to, in this case, we're going to do a PGP encrypt task. So, that will just build out your project here in the graphical menu.
This third window here, this is where we're going to do a little bit of some of your attributes to the tasks that you are dragging into the project outline. In this case, PGP encrypt will have a few things like, "What am I encrypting? Who's got a couple different sources of input files?" And we'll go through that in a second. Which key am I using is very important. This drop down list is going to be populated by the keys you either created in the KMS or that you imported in that came out.
This final window over here, variables, we do have system variables that are always available to you. A lot of these here are pretty self-explanatory, like system job log will actually attach a job log to me via an email. We're going to kind of go through like a system job workspace is a variable that's going to create a temporary directory.
So, a lot of the file manipulation and movement, so you don't have to physically put them in locations. You can put them in this temporary workspace, and then at the very end kind of delete out that workspace once you've had that final product go through.
One thing that we'll bounce out on them, we've got a couple other variables. One is called a folder variable and I'm going to kind of kick out of here and we'll kind of read it out in a second.
When you first go into projects, you've got this folder tree structure and that's completely up to you. You guys design that how you want to do it. But the folder variable is you'll notice, we can pick a folder and actually edit. And we can define some variables at that folder level.
Now, this is usually going to be for common variables that you're going to use. This is just a help desk email group. Although it's my individual address. It's probably via distribution list. It's going to all your help desk staff. This one just being a common SFTP resource maybe that I use all the time.
The point being is any project that I define underneath this Dan demos folder and any recursive folder underneath here will be populated within that. So, let's go back to PGP to SFTP. Recreate that. So, you'll notice ... Oh, never mind, it did say it. Okay. We'll go back into that one.
You'll notice when we first created that, those already got created. They're automatically in there. Some of the things that we'll look at when we build out this project here, you can have what's called output variables, which is very, very common.
So, in this case ... Oops, I don't want decrypt. Let's do encrypt here, or drag it in there. Come on in there. There we go. So, if we have an input file of we'll just say whatever.txt. It's going to be our input file. The output file, we could put as ... Or actually, the output directory. Maybe we're going to want to use that system job workspace, which I'm going to show you here. We have to create the workspace for us first. We'll kind of look at that in a second.
And then maybe we want to hold the contents of this here into an output files variable. We'll just call it PGP files. I know it's a single file in this case, but we'll kind of see how this worked. And maybe you want to keep track of the process input file or the original file. Just kind of showing this so we can see that those output variables get automatically created over here.
And then the last variables here can be user defined or project variables that you can throw in here. And this could be whatever. You can give an initial value, or maybe this is just a placeholder so you can pass in a parameter at runtime. So, that will be your project variable.
All right, I'm going to go ahead and delete that here. Let's go and build this out as an individual file that we're going to go and PGP encrypt. We have to select the key. So again, this is going to come from the KMS. The keys you either created or important, but this will be the public key of whoever you're sending it to. And then we want to turn around right away and do an SFTP put to send those files
Now, the SFTP server, this whole list here is being populated by the resources you defined earlier. Let's grab that AWS one here. Put files. The source file is going to be in ... Again, we'll put the PGP files as the output and destination directory. When I hit the ellipsis, it's going to browse out to that SFTP server that I defined. So, I'm going to choose an S3 bucket as my resource. And then we'll go ahead and actually move the original file from this location to a process folder.
And so we'll take the original file, and we'll move it out to a network share. And this will make more sense when we do the monitor here in just a second. And we'll go to monitor and process. Okay. Now, all these things can happen. And just real quick, we can do some error trapping as well. So, in case something fails in here, we want to definitely grab that, so let's grab a module. And we'll just call these errors.
So now, we need to define, well, if anything happens in this main module, so any of these paths. I want to, on error, I want to call a module, and we're going to call that error's module. That's the case. And all I'm going to do is pass focus that error's module and let's just send an email and we'll select an SMTP server. Again, a resource that you have to define.
I'm going to leverage my folder variable, although it's not going to a group, it's just going to me. Project. Failed. Let's call that whatever. And then here, we can leverage an attachment and use that system job log as a file attachment. It will just be the text file of whatever failed there. So, let's go ahead and save that.
Now, this one here is not the best example because we're taking an explicit individual file. But what we're going to do is take this PGP to SFTP, and let's build a monitor to create or kick off these projects. So, let's go to the monitor section. I think we got one here. We can just modify.
The monitors section here is going to, one, take the monitor location which could be local or network share, which can be obviously the network shares you defined or Amazon S3 buckets or blob storage. You'll select the folder by hitting the ellipsis. I've selected the folder here.
What event type, created or modified. Explicitly created, modified, deleted, or file exist is what I'm going to choose. On the schedule here, you can do it throughout the time of day how often. So this one, just for demo purposes, we can see it actually in action. I'm going to do it every 15 seconds, Monday through Friday.
The key point is it's going to kick off a certain project once we get a hit on that folder. I did a quick test. Let me change that to the one we've just created. And PGP to SFTP. And the key point is here, every monitor is going to build out a variable that's going to have a file list of those files whether it's one, five, 10 or 100 files to pass into that project as a parameter.
So, I'm going to make sure that's inactive for now. Say that. So remember, we're monitoring that file, that folder. If any files come in there, when we check every 15 seconds, it's going to build out that list and call that project we just created. So, we've got a little bit of modifications to do here, because now the PGP encrypt task, we're not putting an individual file in there.
We're actually going to pass in that input file is variable, which is that files variable created by that monitor. We're still going to put the file because this is a complex variable. It could be one file, it could be 10. We don't know. So, we'll put an output directory putting that system job workspace that temporary space. And we're going to have that output files variable, meaning everything that gets PGP encrypted. We're going to put it into this PGP file that we created.
And if we want to keep the process input files, the original files, maybe we want to archive those. We're going to go to the SFTP task. We already did that. We're going to put, and instead of source file, now it's going to be that source file's variable, PGP files, and that's the output from that previous step.
Destination directory, we'll leave it there. And the move is going to be it can be original file, but since it's coming from a monitor, you can also do this because the file as that comes in ... Oops, we don't want it on the file section. We want it in the source files variable. And we're going to put those in the process folder.
If anything goes wrong, we're going to send an email out to say, "Hey, something went wrong." All right. So, let's say that. The actual folder we're going to be looking at is this folder, this monitor folder. So, we should just see this test.text when we open up this monitor. And let's go ahead and enable that monitor here.
Monitor, make sure I'm calling the right project. PGP. Okay. Let's go and save that. It's going to do a snapshot of that entire folder, so that in 15 seconds, it's going to look for what's changed in there and we just chose file exist, so it should. Let's go back that monitor folder. We should see that this one disappear, and it should end up in the process folder. In about two to three, four, five seconds. There we go, so it disappeared, showed up in the process folder. And now we can look, if we just go to our completed jobs list. Now we can see that project name and we can open up the jobs list and go through that individual project.
So, we did the create workspace. We added the public key of the person we're sending it to. The actual resource file was passed in from that monitor. One file was encrypted. We did a PGP task and then we did the SFTP. And then we moved it to the process directory here, and now we're done.
So, that move was kind of from a folder monitor perspective, because that monitor is going to keep going every 15 seconds, and we're just looking for file exist, so we definitely want to move that file to another location or delete it so that we're not processing that same file again.
All right. So, monitor is one way to kick off projects. Schedulers is the other way and these are pretty straight forward. You can build holiday calendars to signify which days the holidays land on. And within the actual calendar here, you can decide, "Okay. Hey, I'm going to choose that holiday calendar that I defined. And if something does fall on that day, I want to skip the project to a previous or next business day."
The repeat options here, this is kind of a schedule within the schedule, or I like to think of it more as like an auto retry. I think the job fails is a very, very common one. So, if this job fails, I want to repeat it for a two hour window every 20 minutes. Email Notifications. Again, if the job fits successfully or fails, and then project variables.
If the project that you're scheduling has actual user defined or project variables as we noted within that original project, they'll show up here. And actually, if they do have project variables, that's when you can do things like specify conditions met. Maybe you're looking for a number of files variable and you wanted to equal or be greater than five before your kickoff this project.
Monitors, we kind of took a peek in it. So, kind of breeze through that one. Triggers, we should have gotten an email of doing that upload that we just did. But there's a lot of different triggers. I'm going to go to the most popular one, the upload successful trigger. So, we've got one set here. And this will open up for me.
So, the first condition is a file gets uploaded successfully and we're going to look at any service. I don't care what service it is. The second condition in this case is going to be event username, which is web user equals DFreeman. So, if DFreeman uploads a file successfully, I want to, and in this case, I'm going to send an email to function, but you could do things like call a project, which as you saw, you can be very, very granular with that, or maybe just a couple copy, delete, moves, renames or maybe executing a native command.
So, just things from a web user perspective, anything that they are doing, whether it's file upload successfully, whether it's their account gets disabled. They try to delete a file, they're unsuccessful. There's a lot of different conditions or triggers that you can use to kick off certain action. So, make sure that people know what's going on when that stuff goes.
All right. And by the way, let's kind of look at that. So yeah, here's that email that came in 10:39 when we just did that upload. So, it's just saying, "Hey, by the way, there's your trigger that kind of came through. 100 really put in an email. That kind of shows you that trigger kicking off. All right, let's switch over to the server side real quick. And I'm kind of looking at the time here.
The server side is pretty straightforward. What you're looking at here is going to be all our service listeners. As I mentioned, this isn't an active, active cluster. That's where you're seeing two copies of these. Your HTTPS web client. Your FTP listeners go fast very, very quickly. They file acceleration protocol, proprietary to GoAnywhere.
An agency is going to be kind of remote services or actually little programs that are installed on remote locations for kind of that remote file manipulation to connect out to maybe, again, like remote location that you might have or maybe even trading partner sites. If they don't want to set up an SFTP server, you could actually install an agent to connect back into GoAnywhere.
I'm not going to go into details on how to set these up. They're pretty straightforward. You're going to pick a port that you want them to listen to, and then maybe slap an SSL certificate on pretty much all these HTTPS, FTP, FTPS. GoFast and Agents, or an SSH key as far as SFTP is concerned.
All right, one quick thing here. Let's go to the web users. Let's look at my DFreeman account. Again, before we log into the web client. On authentication, you do have authentication types. So, in the case of HTTPS, maybe we do want to leverage radius or TOTP, SFTP. Maybe we want to do some dual authentication using SSH key as well as username and password.
Again, the features going to be what you give them access to. This horizontal column is all the HTTPS web client features that are available out there. We'll go through these quickly. And in the folder section again, this is what you're going to give those people access to once they do connect up to your system.
All right, let's go to the web portal quickly and let me log in here. And the web portal is going to be a lot of the ad hoc ways that you can have people share files securely. First one, we'll start off with ... It was called secure folders on every version up until the latest one that we just released back December 12th, which is 6.0, which is what you're looking at. We've kind of condensed it to files.
And again, complete overhaul of the web client, but kind of a moot point to you guys, because I don't know if you've seen it before anyway. But secure folders, this is a really good either supplement or replacement to traditional FTP type transfers. Maybe you have an organization that you deal with that doesn't have an IT staff or they don't want to maintain files that are WinSCP or any kind of client. They can just come to the web client here and just take files.
I know my Windows Explorer is on the other side, but they can drag files from their desktop and just drag them right into the web browser. It says just let go, and those files will pop up right in here. For your use to either whatever you want to do here. This is, again, this folder structure, this is going to be defined by the administrator. So, again, just a quick easy way to drag and drop and share files as you see fit.
GoDrive, it's going to emulate everything that secure folders can do, but the difference is, couple differences here, you are not as an administrator defining what they have access to here. You turn on the GoDrive feature, and then the users can create their own folder structure. Everything in GoDrive is on your internal network, wherever you want to put it and it also is AES 256 bit encrypted at rest.
Administrators can't go back and kind of look through these things and browse through them. It is completely encrypted at rest. A GoDrive from, I guess, high level here is kind of your collaboration software like maybe a SharePoint, Box, Dropbox. One of the key things that we added in version 6 was the ability to share via public links.
We've always been able to share via secure mail if you want to. You could share via GoDrive, meaning the other person has to be a GoAnywhere user. But the public links is kind of a nice one. It's a big request from a lot of our folks where you can provide a password if you want to, you can do expiration date, and then choose whether they want to just be able to download on view or be a contributor to those either folder or files that you want to share.
A couple other things, you can do things like revision history if you want. Trash bin, you can have a certain time that you can recover files, things like that. So, it's kind of our collaboration. It's nice because it is on-prem. It is encrypted at rest and you have come control of what goes in and out of your network. Whereas some of those cloud services you do not.
Okay, let's move quickly to the secure mail here. This is going to be a web client version here, but you can also do an outlook plugin should outlook be your email client, but it's kind of nice too. And this is, again, something that you guys probably aren't aware of.
But before, you kind of had to compose a message now with the navigation here, we can just kind of take files and drag them right to the compose section and it will launch that right there. Automatically attach that and we can go ahead and send out those emails.
Lot of different options as far as how they access the files, but the main part, again, this is also a directed at AES 256 bit encrypted, but it will take all the contents, put it in the packages directory in your internal network, replace it with a URL link to send out to folks that can click on it. Again, however, you want to do it via password, whether it's just URL protected or whether you have to be a registered user on an account to actually come in and read those.
Lastly here, we've got secure forms. I'll kind of just show you a quick one very, very simple. This is a chance for you to build out a form on the page here. This is a very simple one, a help desk request option. We can fill this in. This would be the user filling this in. My machine crashed. That's pretty specific. And then maybe drag in a log file. This isn't really a log file, but we'll just drag something in there.
The point is with secure forms, each individual field is tied to a variable. So, when I hit submit or the user hit submit, what's going on in the background is it's actually calling a project similar to like that monitor called a project. And it's using all the fields that are tied to variables as parameters to that project.
So, very quickly, let's go to that project, secure forms, help desk. And this project is very, very, very simple. Just for logging purposes, printing out each individual, variable that I defined on each individual field and I'm just sending an email saying, "Hey, this is going to the help desk group." Name of requester, operating system, description of issue, and then I'm attaching the actual file.
So, if we look at our email, hopefully it came in. So, there's that email that just came in. We've got an email. That's the file they uploaded. John Smith, Windows, my machine just crashed. Again, super simple example. You could do things like data validation on a back end database. Lots of different options from the secure form standpoint.
Okay. All the stuff, and I realized the time here. I do want to look at from an auditing perspective. So, everything that we've just been doing should be in our logs. Looks like here from administrator standpoint, DFreeman did monitor or did change this project webinar, PGP to FTP. Kind of see all those different things, all the different things that I've modified in the last few minutes to our HTTPS.
So, we should see those uploads. Well, this is also a secure form. We did the submit form, upload file. All the different things that I downloaded, added attachments, we're going to see all those things. That one file that we uploaded, it also kicked off a trigger. So, you can kind of look at the trigger that it actually kicked off. And what happened was successful, all those things. You'll notice that pop that right down to the triggers log, so you can kind of come in here, see all the triggers activity.
Completed jobs is going to be probably one of your most common areas to be whether it's in the audit logs or whether you just kind of go from it here. This is where you can get a good description of the text file of everything that happens with each individual job. And then the file audit. Anything coming in and out of GoAnywhere is going to give you a file audit, whether it's by source, destination file name, who actually did the actual transfer, all those things are going to be audited within here.
A couple other quick things. All these auditing, we did talk about reports. I'll just show you two. What's a really good one that a lot of folks like is the security settings audit report. This will go through and run through about 76 different configurable settings, but they can go anywhere. And just to give you a quick snapshot of, hey, you passed, you failed, or warning. It will give you mitigation steps should you fail.
And for now, we're matching it to the PCI DSS section looking to add maybe some of the NIST framework as well to kind of map those. I know it's a little bit more popular as well. And then just added in 6.0. No, there it is, product usage report. This is also nice, a quick snapshot. Not only will it tell you your architecture, what you have as far as gateways, clusters, but also activity report, so here's your system and cluster, domains, gateways, all the resources you have, but also some of that activity stuff. How many file transfers do we have per protocol? Again, nice, quick snapshot of what's been going on. In that case, I did buy on that first week.
Let's see here. I know we're running out of time. I'm going to skip the slides. I was going to kind of mention cloud connectors. That came out in our previous version, 5.7. There are a couple slides on it, but I'm going to skip it just from the time perspective.
But Cloud Connectors, you can come in here. If you add Cloud Connector, we can go into our marketplace. These are getting added constantly. I think when I did the 5.7 release, we had seven, we have 27. You can see there's all kinds of different ones in there, lots of AWS ones, Azure, Box, Dropbox, Google services.
The point being is you can install them. There's a price tag to them. Once you install them, then they'll show up as resources, and we'll pick on my EC2 ones. I just got a project real quick here, but you can hit add Cloud Connector. If you install it, it's going to show up in your Cloud Connector, Dropbox.
We'll look at the EC2 one. You just put in your information, so everything up in here in AWS. You're going to want to see and put that stuff in there. I'm going to run one real quick. Let's look at our EC2 instances, running instances. And let's go back here. Obviously, get the test button, make sure everything works. We got success. Let's go to an associated project real quick.
Cloud Connectors, and this is one I'm just doing every week. I'm going to shut down certain instances, so they're not running over the weekend. But now, we've got in our component library, we've got all these Cloud Connectors that we've defined, and we're going to look at the EC2.
So now, we've got some custom tasks as easy as just dragging and dropping up in there. In the background, there's probably a lot of rest and post, stuff going on in the background for these stop instances and delete volume, all these different things.
But in this case, I'm just using a stop instance. I'm defining about five different instances. I'm doing a delay of two minutes and stopping because this is the backend database server.
So, if I execute this, what we should see, and I'm going to escape and kind of go to an active jobs. Just kind of see what's going on. This is cool too. You can look at an active job as it's running and see the log file being written out as it's going. So, it looks like it is stopping the instances. Those five or six that we had. So, if we come here to refresh this page here.
Okay. Now, it looks like they're stopping. So, all those are stopping. And then when these get done, this one, ProServices DC, the one with the delay, that will stop after those are done.
So, just looking at the time. The Cloud Connectors are just a really nice way to leverage things like Salesforce, Box, all those things. So, you can have centrally located here, again, with that single pane of glass from an auditing perspective, making it really, really simple just from a drag and drop within that project designer window to do certain tasks on a scheduled basis or ad hoc basis. Whatever you see fit.
So again, I apologize. I didn't have a whole lot of time to go through those Cloud Connectors, because they're definitely something we're proud of. They keep pumping them out just constantly, but something definitely worth looking at.
With that, just kind of went through and showed a few of the features, and I apologize with the hour. There's just tons and tons to go over and go anywhere. Just want to get you a good feel for the basics. Hopefully you guys got something out of this. And hopefully, this stuff can show how you can manage your data in a secure and automated fashion. And again, key point all within a centralized location. With that, let me skip those slides here and let me kind of pass the mic back to Brooke. Brooke?
Brooke: Hey, thanks. Yes. So, real quick, if you're interested in giving GoAnywhere a spin, we do offer a free 30-day trial, but you can download from our website. And if you're already using GoAnywhere instructions on how to update to 6.0 are on screen. So hopefully, that is explanatory, but if you have any questions, our contact info is on the screen. Dan's email in our general contact info as well. So, feel free to reach out and we're happy to help.
So, we've got a few minutes left. We'll take some questions live. For those of you who need to drop off or have already had your questions answered, I just want to thank you for joining and we hope you have a great day.