Secure and Automate Your File Transfers for IBM i

Thank you for viewing for this on-demand webinar. If you have questions following the webinar, please contact us. You can also download the presentation slides here.

 

About the Webinar

Using IBM’s built-in FTP and Open SSH servers to transfer files to and from your IBM i systems can be time-consuming, if not riddled with meticulous details. From scripting knowledge to running commands, there’s a lot to consider – and the safety and integrity of your files is most likely at the top of the list.

GoAnywhere MFT automates and secure file transfers on the IBM i platform using Secure FTP, OpenPGP, and other popular protocols and encryption standards. To learn more about why so many IBM i shops are switching to GoAnywhere MFT to automate, manage, and log their SFTP transfers, watch this on-demand webinar.

Transcript

Patrick: Thank you for attending this power cast: Secure and Automate Your File Transfers for IBM i by HelpSystems. My name is Patrick [inaudible 00:00:15], admin assistant for [inaudible 00:00:17], and I appear on your screen as the webcast host. If you experience technical issues during the presentation, send me a chat message using the dialog box bottom right of your screen.

If you would like to send a written question during the presentation, use the Q&A area in the lower right section of the screen and select to send to the host and panelist. The presenter will answer your questions at the end of the presentation as time permits. A little bit about the speaker today. Heath Kath is a senior solutions consultant at HelpSystems, working on GoAnywhere managed file transfer product line.

He provides presale support, specializing in demos and proof of concepts. Heath has over 27 years of database experience, accessing and distributing data around the IBM i, including 11 years working at IBM. With that, I'm going to pass it over to our speaker today, Heath Kath.

Heath: Thanks, Patrick. All right. Let's see here. Make me presenter so I can share my desktop, if you don't mind.

Patrick: You now have control.

Heath: Perfect. Thank you. All right. Well, thanks again for the introduction, Patrick. Appreciate it. Let me jump forward a little bit there. All right. Well again, thanks everyone for joining us today. I really appreciate it. We're going to start off here today by running through a quick overview of our company, it's HelpSystems.

And then I'm going to start off with the presentation by talking about some of the common challenges that many organizations are experiencing with their file transfers, including both the system and user file transfers within their own organization. And then next, I'll talk about what I believe are the best practices to solve those challenges, including discussions about secure protocols and managed file transfer solutions really to try to meet your compliance requirements.

Then, I'll give you a brief overview of our managed file transfer solution called GoAnywhere managed file transfer. And we'll dive into a live demonstration and really kind of showing you around the product. I'll actually cover both system to system, batch file automation as well. How files can be shared securely by your end users on an ad hoc basis.

And at the end there, as Patrick stated there, if we have time, then we'll jump back into some Q&A, some questions. If not, I'll definitely follow up with afterwards. So let's go ahead and get started here. Well, with HelpSystems, we started back in 1982. That's over 35 years ago. I've actually been with HelpSystems for 17 years. So if you have any of the robots or automation products, I may have spoken to you in the past year.

But we now have over 650 employees in 25 offices worldwide with over 16,000 customers. The majority of the GoAnywhere team is located in Ashland, Nebraska, just South of Omaha; with our headquarters located Eden Prairie, Minnesota, the Minneapolis area where I'm located. Our focus is on delivering the best cyber security automation and operations solutions to organizations of all sizes, including S&B, the government and Fortune 500 companies.

We do believe in providing our customers the best customer service. We offer support via email, phone and online chat. We do offer support around the clock, 24 hours a day, 365 days a year. You'll find our research and development team in our Ashton office along with the support and also the majority of the sales staff. Our development team have a very active schedule, with two to three major releases a year.

Many, if not most, of those updates are primarily based on the valuable feedback from our user community. So we love to hear from our customers. And as a testament of our excellent support team, our solutions and the service that we provide, we have almost 99% customer retention. I really think that our product and those that contact us and support especially really play a huge role in that.

We are also a member of the PCI Security Standards Council, which allows us to keep up to date with the latest security requirements and helps ensure that our product stays compliant. So let's talk about some of the common file transfer challenges that many organizations are facing today, and maybe you as well. First of all, human error is a big problem.

Unfortunately, many companies are still using those PC-based tools to transfer files, and since this is often a manual process, it is really prone to human error and risk. For instance, what if the user sends the wrong file or forgets to send the file, sends it at a wrong time? This could be an important order or some key finance financial document, and the delay could cause some huge effect, affecting your relationship with that vendor or customer.

What if the user downloads or uploads the file to the wrong trading partner? Maybe they accidentally sent the wrong price and list with special discounts that were intended for another customer. That also could be very bad for your business. What if it contains sensitive data and the user forgets to encrypt it before the transmission? Another thought: who's going to run those manual transfers when the primary user is gone for the day? For instance, if they're out sick or on vacation.

These are the risks when manual processes are being used for your file transfers. And again, I'm sure many of you guys face those today. Secondly, a lot of IT departments have a lot of inefficiencies with their file transfers. They may also be using unsecured technology; the old technology like FTP or maybe using the old traditional emails to send out those attachments, those documents.

Now, in order to automate the file transfers, a lot of companies have built FTP scripts on their systems. However, these scripts have many downfalls, and one of those big problems with those is that your trading partners' passwords are often stored in the clear, which can make those servers very vulnerable to attacks if hackers get ahold of them.

FTP scripts are written by programmers, and we know that that can be a very expensive resource. To write the scripts properly, these programmers should be able to code or include in those scripts to perform like auto retries and self connections, send out air alerts and write out good detail logs, audit logs, really tracking what's going on with the file transfers, which can really take a lot of time to program properly.

Plus every time something changes, say for a trading partner such as their IP address for the server or maybe the password of the file name changes, then the programmer has to get involved again to make those changes within those scripts. These are all additional costs, and they can really add up over time and distract your expensive IT resource, taken away from the other priority projects that they should be working on.

We have talked to a lot of organizations that have hundreds, or even thousands, of those FTP scripts. And over time, those become very, very unmanageable. It's just too much to manage, almost impossible. Another problem with file transfer today, for a lot of organizations, is that they may have an end user that jeopardizes the sensitive data by downloading it first from a secure corporate server, a less secure PC or laptop, making that data much more vulnerable to attacks.

For instance, the user has to download an ACH file from the server before they use their PC tool to send it to the bank. In that instance, the user may forget to remove the file from the PC after they have transmitted it. And since PCs and laptops are often more vulnerable than back-end servers, that file could be attacked by a hacker. Also, email is frequently used to send sense of data.

When a user sends a file as a regular attachment in an email, that attachment is not encrypted by default, which also makes it very susceptible to theft. The users, they also have their own free file sharing services like Dropbox. They are using to send files through without any type of really controls or audit controls or really security behind it, and for IT departments, that becomes a really huge nightmare.

So with having a good internal policy for your end users and file transfer would be key, but they don't have it today because they're using these tools to move their files around that are not secure. They don't have that auditing. They don't have that tracking. They don't have that ability to track it all. And finally, another big problem with file transfer today is that a lot of scripts and PCs tools just don't have good alerts if you want to test for fails.

Sometimes you may have to wait for your trading partner to call you and to alert you that they did not receive the file, and maybe by that time it's too late. Maybe some Heather impacting going on there. But with these legacy tools, there's often no logs of where the files were sent. This is becoming a real issue with auditors since many organizations can that tell or prove what sensitive files are leaving their organization.

For instance, can you quickly tell what files have left your network on a given date or time period or by which user? Because of these vulnerabilities and lack of reporting, the log-in that is really needed, it's becoming really difficult to meet strict compliance requirements using those traditional tools and processes. So for best practices... What we recommend, first of all, is that you move away from standard FTP and email for sending sensitive files.

Instead, use secure protocols like secure FTP, AS2, HTTPS, as they really offer strong authentication and encryption technologies to really fully protect your confidential files. Those files should not only be encrypted when transmitted across the internet, and even within your own internal network, but they should also encrypt those files at rest whenever possible, especially if you're staging those files in a DMZ, which is that public facing portion of your network.

The automation of file transfers will remove that manual process and the need for vulnerable PC tools. These automated processes should alert you immediately when file transfers fail, instead of waiting for the trading partner to tell you that the files were not received. And to help meet those compliance requirements, you should be able to keep at least a year's worth of audit logs of file transfers activities.

Plus you should be able to quickly generate reports on those audit logs; maybe filtering by that user, date range, time range, even by the file name. And to bring this all together, we really recommend that you look for what's call the managed file transfer product, also known as MFT. But these MFT solutions, they allow organizations to control and secure their file transfers through a centralized framework.

MFTs cover all the aspects of file transfers within your enterprise and with your trading partners. That's going to include any batch transfers between systems as well as any ad hoc file transfers initiated by your end users, either with other users or within your back-end servers. MFT solutions or systems provide the automation you need for your file transfers, protecting that data with strong encryption protocols, while giving you that audit trail you need for compliance with strict regulations.

So MFT really does bring it all together, and it helps you solve many of these challenges I had mentioned earlier. This kind of leads me into GoAnywhere. GoAnywhere is our managed file transfer solution here at HelpSystems that we have developed and sell around the world, and we do believe it's the best enterprise-level MFT solution in the marketplace.

This diagram gives you a quick overview of its capabilities of whom we can share files with. GoAnywhere can be installed on most operating systems. You can install it either on prem or within your own cloud environment. And then you can use it to connect with all your various trading partners, from customers, vendors, internal systems and so forth.

You can also connect to many cloud connectors like Box, Dropbox, SharePoint, Google. You can use GoAnywhere to initiate file transfers and to accept files from your trading partners. So it handles both inbound and outbound file transfers through both badge and ad hoc type requests that can be initiated through the product.

On this diagram, it gets a little more detailed on how all the different types of systems that GoAnywhere can communicate with and how. So if you kind of look down below, this kind of shows all the various platforms and services and so on. But let's start off initially with the platforms. With the platforms here, you can actually install GoAnywhere on many different databases. It's always agnostic from Windows Lenox, the IBM i and so forth. It's your choice.

As for file services, you can use secure FTP, FTPS, HTTPS, etc, for your file transfers. So let's say you have a file sitting on a Window server or maybe on a Linux box or of course, the IBM i, the integrated file system and the IFS. You can use GoAnywhere to connect to those systems with whatever protocol and credentials you like within the product, as long as you are authorized to access those files, to then push and pull files through the product.

We also have cloud services: Amazon, Azure Blob Storage, AWS, and also Microsoft Azure Blob Storage. We continue to add custom cloud connections to GoAnywhere, of which then allow you to easily integrate with proper SOAP and RESTful web service applications like Salesforce, Box, Dropbox, Microsoft Dynamics, and so many more. GoAnywhere can also connect up to your backend databases.

You may have information stored in certain database tables; you can extract that information and then translate that data into various formats. I mean, to be able to connect up to your SQL server, MySQL, Postgres, SIS base, etc. It gives you that power to go out there and read those tables; read and write as an X amount, text, Excel, JSON and other formats.

We can build these files and then send them off to your trading partner, or maybe you need to parse them out and then import those into your database. Now, as a part of an overall workflow, GoAnywhere can also do some calls out to your existing applications. Maybe you have some existing scripts or programs on let's say the IBM i of which you need to call.

We can call those applications, even passing in parameters, getting results set back, and then process them through the workflows. Last but not least, you can install what it's called our GoAnywhere Agents or MFT Agents. Agents allow you to connect to remote systems as if it was a local connection. Maybe there's no good way to connect to them otherwise, to either trading partners.

Maybe they are not able to set up a remote SFTP listener. These agents can make it simple and efficient to connect and run file transfer between you and your trading partner using GoAnywhere. So that's kind of a quick rundown there. But just a couple of things on this slide here to mention. And in a few more slides here, we'll enter into our live demonstration.

It is again, a multi-platform solution. You're going to stall it on an IBM i, a Linux, a Windows. Well badge and ad hoc requests can be easily handled by the product. All file transfers, all activities, inbound and outbound are being tracked and audited. And we have a browser-based interface for administration and monitoring, allowing you to use a browser of your choice. So you do not need to install any desktop client on your systems.

Now again, we do provide those APIs. That is if you do need to have a system that needs automatic lodge transfers. In GoAnywhere, you can call those APIs on your system. We have them for have IBM i, AIX and other systems. You can use the web service call to make a request to GoAnywhere to kick off those jobs. Earlier, I had mentioned that we allow for inbound services, inbound connections.

You can set up a listener with secure FTP, HTTPS and AS2. Also, files community encrypted in-motion, and you can also encrypt them at rest using AS2 56 bit encryption. For those that work with the federal government, we do use FIPS 140-2 validated encryption ciphers. So it's only going to use secure and validated ciphers to protect that data at rest and in motion.

Built in to GoAnywhere, we do have a key measured system allowing you to import, export, create and manage your PGP keys, any SSH keys that you need for your SFTP connections as well as any certificates that you may use for FTPS or HTTPS connections. We also have role-based permissions in GoAnywhere so you can have certain administrators for certain levels of security, certain features they can do.

For instance, you can have some administrators that can set up new jobs to find certain domains within GoAnywhere. You can have other admins that can only look at audit logs, as I had mentioned earlier, as an auditor to come in through. Other admins that can actually just do some schedules, execute jobs and things like that. Plus these admin uses can be authenticated against your active directory or LDAP.

And we do support dual factor authentication as well, if you need that. So you have some additional built-in fact factors that help you out. But maybe you want to use a token or some sort of key authentication in addition to you as a phone password. All right. One last thing I want to talk about here is regarding, before we get into the demonstration, really regarding accepting those inbound connections.

You can also use what's called our GoAnywhere gateway. You can actually put that out on our DMZ area and that's going to act as a reverse proxy. It can also act as a low balancer. So when you have connections coming in, they can hit the gateway first. So users might think they're connecting directly to you, let's say your secure FTP server, but really they're connecting to port 22 on your gateway.

That gateway is then going to take that traffic and going to proxy it using the propriety control channel up into GoAnywhere. Now, in this example, we're actually having two copies of GoAnywhere running within network: one on production system one and one on production system two. This is also demonstrating how you can run GoAnywhere in a cluster environment for a true active-active high-availability solution.

Now, it's going to load balance those connections. So if you were to get a second connection coming in, it will then round robin that over to the production system too and vice versa. And the gateway is going to be smart enough that if one of the system was to fail, maybe due to hardware issue or stuff like that, then the gateway will just send the transfer session to those remaining systems in the cluster.

As I mentioned, through the gateway like this, it also serves as a reverse proxy. The benefit of this is that no additional inbound ports will come into your private network. The control channels actually open up from the private network into the DMZ at starter time. So you don't have to have those inbound ports coming in. You're just keeping the wall solid there, getting no inbound ports coming in.

And since you're secure FTP server or HTTPS server will actually be living in your internal network, in your GoAnywhere MFT solution there. You don't have to stage any files or user credentials in your DMZ as well. So that's going to keep those auditors happy, because you don't have files sitting out there. And your security team will also be happy as you also don't have any additional inbound ports coming into your system.

All right. So let's go ahead and jump into a live demo. I'm going to spend probably about 20, 25 minutes here going through it, just to give you a quick overview of GoAnywhere. All right. So what you're looking at here, first of all, I'm actually using GoAnywhere through IE, but you can use Firefox, Google, Chrome Opera, your choice of browser. Your choice is there.

But I'm going to connect them to my database. You can see the IP address on top there and you can also see my port number of 8,000, which is the default port for a HTTP. This URL will be pointing back to where you installed GoAnywhere on. This can be in your network, approximately the call like on Amazon or Azure instance or on the IBM i. It's completely up to you.

With GoAnywhere installed, then you simply put in the IP of where it's installed. Again, got the default port of 8,000 for HTTP. 8,001 is the default port for HTTPS. Once you're there, you just simply need to log in with your authorized user credentials. These users can be authenticated in a few different ways like active directory, LDAP, RSA Ready, and even using the IBM i profile. So you do have some options and how to do that.

Starting on the left hand... And first, let me jump on below here. We have this initial dashboard. This is a dashboard as an admin that you're going to see when you first log in. It's a kind of a quick glance of what's happening around your system or on your file transfers. Think of like a good morning report even. But at quick glance, you can see what's going on in your system, what services are up and running, maybe some recent completed jobs, top web uses by transfers and so forth.

So you have this dashboards that you can customize and lay it out any which way it makes sense to you. And this is your own personal dashboard as an admin. You can actually rearrange this dashboard. You can remove gadgets. You can even edit some of the gadgets. In this example, we have the completed jobs for the last seven days.

Maybe I want to change the title to match up with the last 30 days or 90 days, etc. So you have different flexibilities you can set up within there. You can also come up here and add in more gadgets and things like that. So different gadgets that you can include in your dashboard. There's like 26 different gadgets that you can lay out and bring into your dashboard.

Another nice feature: this is to be able to create a dashboard that you can share with other admins. We have a handful that are created here on the side, but let me click on operations just to show it to you. So now, these dashboards again, can be customized, but they can also be shared with other admins. So you do have some additional flexibility. This operations dashboard we got: the recent completed jobs, the web users logins, the blacklisted IP addresses and so forth.

So you get the idea of how these can be laid out. Again, these can be shared. If I jump back into my initial dashboard, if you look on the side over here, we call them here the recent completed jobs, we have a job that terminated there. We can do more details to expand on that list, and we can easily get into a job like clicking on this little link in the left hand side to look at the job log to see what happened with that particular job so we can actually drill into it pretty easily.

Then, also, we have the ability to... Let me back up here for a second. Go back into my dashboard to rearrange it, to look at different information on these dashboards; again, completed jobs, etc. So let's jump ahead. So we have the good morning report, the dashboard KV a full of what's going on. We have some icons across the top, some actions right here. But we also have quick links.

Either way, it makes it easy for you to navigate in different areas of the product. And we've got resources and projects and different links right here that you can get to. But I like to typically work on top. So if you go to resources, kind of first place I like to start with, and it is one of your more frequent place you'd be going to, because these resources are where you can be setting up your various connections for various types of systems that you want to connect up to.

On the left hand side, we can see we have the Amazon S3 buckets, Azure Blob storage, cloud connectors. And I believe we have a good handful of different cloud connectors already defined in here. Going down this list, we also have a HTTP servers, IBM i servers. We have a few that are created out here. If I click on it, you can see the basic information.

We got the sole description and the IP address of that system and the profile that can actually log into that system. What's nice about these resources: it's really easy to test to validate if that connection is good. On this I-series, you just got click on test and it's pretty quick there. So that resource we know is good. That resource can connect up to that location, that database, or maybe to your trading partner.

We also have mailboxes. We can actually scan your inbound mails that are coming in and then pick them up, grab those attachments and process them. REST and SOAP. We can actually make a request up to those connections and process them. SSH servers such as your secure FTP or probably one of the more common ones; you can actually set up those resources, and you can set up as many as you need within here to make those connections.

Selecting customer ABC, we can see that information and what's needed to connect up to them to that server. We got the IP address. We got the port number that I need to use to connect up to them through a secure FTP, the profile and password, and even a key file. And these keys can be managed within our product to make it really easy for you.

Once you fill that information in, just like before, you can test it. Let's make sure that connection's good before I go any further. And here we have a connection. Of course, we're looking for that blue successful line right there in the top. So we know this connection is good. So let's walk through the next of the tabs. The connection: this allows us to setup some recovery.

What happens or what if that connection just dropped, there's a glitch in the line? In this particular setup, we're going to retry to connect up to five times with 10 seconds between each one of them. So now I've got that flexibility to actually reconnect up. And what's really nice, let's say if you're transferring a very large file and you got that little glitch in line.

Well, with this, we can actually recover that connection and pick up the transfer where we left off versus re-sending the entire document. You can even set up a proxy. So if you need that on proxy, you can define that. Algorithms. Maybe you need to use certain cipher suites and stuff like that. You can define and use those and select them.

The contacts tab is just the login informational piece. What if this resource is not working, not able to connect up? Who should it contact to figure out what's going on? So again, as a recap, you can create as many resources that you need to for any type of resource types; Again, from Amazon, IMB i servers, network shares. I don't think I mentioned that earlier, but even some network shares.

and that way you can actually grab files from there or send files there to your network share through GoAnywhere. The next process: once we have those resources created and working, and you've got the connections working, you jump into workflows and we jump into projects. So these projects are similar to scripts. This is where you can do your file processing: you're sending of files, picking up files, etc.

And you may have some different ideas on how to help manage these projects through folders. So these are some folders he could set up, sub folders, etc. These folders can be based on maybe a certain location, a trading partner's name, or even the type of transfer. It's up to you guys how you name them. It's just a way to help you manage your file transfers or these projects within them.

And what's also nice, at these different levels of folders, you can actually set up the different permissions. And within this particular FTP protocol, you can see I have a few different admins in there and how they can access that folder and the contents. I've got read and execute, just execute, etc. So you can actually define who can actually get into that area for you, the folder.

With the different projects here, there's a couple of ways I'm thinking how we should start. But let's just start from scratch. Very simple. Click on the creative project. You come in here. You have a template to select from. And these temps of great. There's a lot of different templates, making it really easy for you, depending what you want to do.

Maybe you want to do FTP git, an HTTP task, merge files, move files, etc; you just picked a template that you need to perform, what kind of action you're trying to reform. A common one is to send a single file using secure FTP. So if I select that, and give it a quick name. It's called ABC test. And click on save. So at this point, it's going to bring us into the design mode.

You have four different columns you can work with. The component library: we have over 130, 150 different components within here that you can perform within this project. You don't need to be a programmer. You don't need to write any codes at all or any scripts; it's just kind of drag and drop and double-click for the most part here.

On the component side, depending on what you want to do and what you want to perform. In this example here, we're doing a secure FTP. We're doing a put. And that actually comes right over here if we do the file transfer, secure FTP, and right there is that put. So that's where that came from. I can also turn on and do a get and bring that into the project and just drop it in there to add to this project, to do another little task within it.

So you do have the flexibility to add and remove and things like that within the templates. So quickly walking through this, we got the first task to connect to that server, to connect up to that resource. Again, that could be your trading partner, it can be your customer. And on the next column to your right is the server. This refers to that resource you would have set up earlier.

And within here, you can go down and select that customer or that trading partner or whoever you want to connect to. And I will select ABC customer. And at this point because again, we know that resources are good to go, as we saw earlier, and then the actual task to do a put, even navigate to your source file. You can easily click these three dots and navigate to your file just to pick it up this way.

And this is one of the ways you can transfer those documents around. And to keep it quick, let me just grab one and select it. And then the destination file or directory, this is where it's going to end up. And if you look on top, here's that resource name. So I know I'm out to that resource. I'm connected to that database, to that server, and I'm looking at their folder structure that I have access to.

And I can quickly or simply just select the right folder. And for the most part, this project is done. I do recommend, and this is why I came from the template, but I do recommend an air module. And within the air module, you can handle a what if type of scenario. If this fails, what do you want to do? Do you want to run another project? Do you want to send an email like this one's doing?

So if I jump out of this task, we have some default values pulled in from the template. I do have a SMTP server already defined. So let me select that from that resource. And typically, I would fill in the rest information there and make sure it's valid or correct. But just because of time, I'm going to jump down to the message and the subject line.

If you look closely, we're actually using a system variable, and it came from the list to the right. So system project name, system project name again, but also there's system job air. So at runtime, if this does fail, an email will go out and it will include the project name and the job air right there in the message. Plus, in this example, we do have the job log also using the system variable.

So now the recipient's going to receive the information that they need to further investigate what happened there. You can validate it and make sure it looks good at the high level, and then can even execute it and run it. And this one completed successfully. In design mode, you can take a quick look at the job log you're in. I only have basic messages turned on, but you can turn on debug if you really need to. This is pretty simple, where you can risk uploading a file. And it was uploaded successfully.

Okay. So let's jump back out of that one. Let me show you another one here. A little more complex on what it's doing. And just to get an idea, these projects can do a lot. You can do very simple tasks just straight down type of logic, but you can actually build in some loops or some conditioning logic within these scripts to make sure you get the processing done as you need to.

Again, for the most part it goes down. But as I mentioned, you can include loops, do a wild loop for each loop. You can do some conditioning if doesn't have that type logic in it. So you have a lot of flexibility. You can add to these. In this example, just to keep it pretty quick, we've got a couple of variables on top here. They were setting some values up before this run of the job; just the salary there being compared to the records found just a variable.

It's saying its true by default. But what's nice about this project, we'll actually create a temporary space; a temporary space within this project run to hold these files temporarily. Easy cleanup that way at the end. Retrieve records. We have the ability to go out there and retrieve records from one of our databases. Here, we're connecting to the Davis server called Production 400.

And we're turning around and writing an SQL statement like a query over the file based on those values above that minimum value salary. If records are found, it's going to create a file. So we're taking those results, creating an Excel file. What's nice here is the ability to use variables. My data. If I jumped back for a quick second, my data.

The records that are falling in the select statement are being held in an output variable, and then I can use that in a following step here like I should write to Excel. I can turn on and take the results, this Excel document and encrypt it real easily. And this encryption PGP file, I can turn on and send it through secure FTP. So you can kind of see how it walks through it. Some email confirmation.

Some people really like to have that, or really require that even the process to know that the email was sent out or the document was transferred. We're going to clean up the workspace and then a couple of different problem handling. If there's any airs, you got some air modules down below. Even in this one here, I can run it pretty quickly just by executing it.

Again, this is going to run for the most part just straight down. And it should transfer the file, encrypt it and then transfer it. I should get the completion back, and I did. And here as well, I can look at the job log. This one's a little bit more complex, but we've got the unique job number, the job name, who submitted, who ran it, and you can even see the select statement that I'm performing.

We got the encrypting of this file, the XLS 2, XLS PGP. So we know it was supposed to be encrypted and we got the confirmation there. And then we also uploaded the file successfully. So it's a nice detailed log, really step by step what happened. Now, in a sense of automation, it's really kind of a key area for everyone here, right? I had mentioned earlier that we really want to get away from the manual processes that users are taking today.

So we really should be automating these processes and these file transfers. And we have a few different ways. If we go back to workflows and then we have scheduler. So first, we have our own built in scheduler, allowing to schedule these tasks, these file transfers to run within the project or different projects here. And we have all these different jobs if I go down.

I'm actually going to just create a job from scratch. Give it a quick name, ABC job. A bit description, this is the project. And you can easily navigate to the project that you created earlier and you just grab a project, whatever you want to grab that you need to automate. Let's just grab the one I was just showing you guys right there.

The admin profile that has the rights to actually run the job and then their password. So you'd fill that in. You can define the run queue and run priority. The schedule button allows you to schedule this job to run. Maybe it's just a onetime thing, but otherwise, maybe you want to run it in a minute, hourly, daily, weekly, monthly, etc. So you can easily select what you need there.

If you pick on daily, you can do your start and end date. You can even include a calendar. So if you want to omit any holiday days like that, you can actually omit those so they don't run on those days, etc. Email notification. This allows you to be notified if a job completes normally or if the job fails. Project variables. This one has a variable in it; I can actually pass some values into it.

I can override this at runtime to a different value. Now, this time says $25,000, and maybe next time I'm looking for those salaries greater than 50,000, etc. So that is one way, is to use a scheduler, and a scheduler's job is to run. The next way is through a monitor. And what's nice about monitors, you're actually able to monitor a log, and these logs can be local to your server or external to one of your resources out there.

This HK trading partner, we're actually monitoring a remote location through a secure FTP connection. This is the folder we're monitoring on that end. And if I click on these dots, it actually goes out to that SMTP resource called GoAnywhere. And what I'm looking for is for the advent type. What do I want to kick off this project? There's a few you can select from.

We got file created or modified since the last time we looked. File modified, deleted, or if anything exists. If this file exists in this folder, let's run this project. The next parameter is regarding the filing pattern. Right now, I got customer-XLS. So customer has those, starting with the file name. But maybe I want to do an asterisk anything with a CSV or PDF. Pick those up, or anything in the folder.

You have that flexibility. So you got the wildcard there, but you can also use a rigger expression to locate it. The next step is to schedule how often or when do you want to monitor that particular folder? You can schedule this or monitor this all day long, 24 hours a day if you want, or a certain time period. And then you can check every 12 minutes or every 15 or 30 seconds looking for a change in that file that you're looking for, or if it's created or if it exists.

And what day of the week do you want to run it? Monday through Friday or every day of the week? If that file is found, so you do have one out there that needs to be picked up and moved, then what project do you want to execute? What project do you want to run? Here, we got this project being executed. I got my profile to run it. I even have a variable tied to this project that gets passed into this project.

When you're monitoring a folder, that folder could have one or several files in it. This is a file type of variable, so it doesn't matter to us. It could be one or it could be a dozen different files. When it gets passed into this project, we can work with each one of them that it picks up. The advanced tab allows to look at a little safety caution here.

We can make sure there's no locks on the file. We can do a secondary snapshot since it's a remote connection. We're going to delay 10 seconds and make sure the file is still not growing; make sure there's no change in it. And then email notification. I mean, we always want you to be notified if there are any issues or concerns around the file transfers.

So on air, if we're not able to actually monitor that location. Maybe the servers down. Maybe you can't get connected because the password changed or something. So, who should be notified? Project success, project failure. What if no files are falling within that time period? If you really expect a file, well, let's be notified if there's nothing there. So that's a monitor.

At the same time, again, everything's being tracked. If I jump over to logs and audit logs. Then, we jump down to completed jobs, and you can see these jobs that have ran recently, and those that have terminated, you can see them in the list. You can jump into the job log of I click on this link. You can even come over here to the left and maybe resolve it.

Maybe you know what the issue is. You review the job log. Let me take a look at this one. Okay. So yeah, I wasn't able to transfer it there. Run password with the decryption. And if I go back to that same one, say I resolved that issue, I fixed it, I updated the password within it, I can come into here and I can resolve it. And I can put some notes on how I resolved it, my initials and what I did to fix the problem.

So that way, when you come out here as an admin who's monitoring these jobs that have terminated, we have this filter option on top to help you find the different jobs and how they completed. There's one called resolution. Unresolved. You can find the ones that still have not been yet resolved and take care of them, if you need to. So different things you can do to help with the searching for the right job.

You can even have a file audit to search on your different files that have been transferred. Administration. Those administrators that are making changes, once they log in, we're tracking what they're doing. Here, you can see we created some jobs just recently. Eric out here actually got the old new values. So we've got the before and after images on those changes he's making, etc.

If customers are coming in, dropping things off through HTTPS, we can actually quickly find those. So it's very detailed information that you can get. At the same time, you can jump up to logs and reports, and we also have some advanced reports. Another way to look at that information. We have quite a few different reports. Let's take a quick look at one.

With this one here, we're looking at completed job statistics. Date range, let's do the last 30 days just to get some more records in there. And let's group the day by date of week. Screw the data. And I'll take everything from status. And that's running. So these reports are going to create a PDF report that can come back to you. They can be embedded within your projects, and these workflows you're doing too as well.

So that should come back here in a second, and then we can take a quick look at it. And it's taken us time here today. There we go. Open. And now we have the report coming up in some other screen. Let me grab it. So here we have the complete job statistics. Let me shrink it down just a little bit. It's a nice looking report. You've got some charts and some data down below. You can see your file count.

And right now we can see that Wednesday's the heavier day for running jobs, so maybe we want to try to balance this out; add a few more jobs to Tuesday and Friday, if necessary, just to balance the workload and things like that. Now I'm going to shift gears just a little bit. So far we've been talking about resources, workflows. You guys are acting as a client. You're initiating the file transfer, the pushing and pulling.

What if your customers want to come in to you and access your database to either pick up a file or drop files off. You can actually set up services. You can actually set the service manager and control how these users come in, what folders they have access to and all that, but because of time, I'm not getting into it. But let me show you what it looks like.

So jumping over to the HTTPS different port number. But this is a web user client coming in to go anywhere. I have everything enabled to my profile so I can get into all these different features, different modules of GoAnywhere. But the most typical or most common one are your secure forms. And as a user, I'm coming in, logging in, I see I have three folders that are defined to my profile.

And if I go into inbound from training partner, I can see all the documents that I've uploaded or I have access to. I can quickly grab another document and bring it and then drop it off to add to that list pretty quickly. The permissions are defined on the admin side of things. In other words, if I jump back here and go into the web users and I select the same profile I'm showing you guys.

Let me jump into folders just to show it here. Here are those same three folders. What's really nice about these folders, they're just virtual names that the user sees. You can make it really clear in what it is: trading partner, ABC, drop files here, or put files here or pick up files here. It's anything you want. It's just a virtual name. But underneath the covers, it'll be pointing to another location.

It could be a local folder on your database. It could be remote side. When you set this up through an admin, you have the ability to code your home directories, even go to your resources that you would have to find. So a customer, a trading partner could actually drop a file off with you, but turn around and send it to another location, to another customer, if that's your process.

It could end up going to a secure folder, so you may encrypt a folder, etc. And then you get the permissions; what they can do when they log in, and you can see I have list, upload and delete. It's all they can do as a user. Okay? We have GoDrive. GoDrive is another option or module that the users can have. And GoDrive is really basically like a replacement for Box to Dropbox.

It's that file syncing and collaboration that we allow you to do; the biggest difference is that we have full control of these files and your permissions, and we're also tracking it, we're logging it, unlike the other solutions out there. Secure mail. We can compose and request mail or attachments through this feature, through this module. And it's pretty simple to set up.

Let's say if I send you an attachment, I can define when that attachment expires, so it expires after five days. Other things that you can do: you can set up how many times they can download it, and then if it requires a password to open it up. So there's different things you can set up to make that a little more efficient and more secure.

The other thing, if I have it open, is that we also offer an add in with an outlook. So up on top, if you have outlook, you can actually add in these secure mail add ins. So you can easily attach a document here and then securely send it out. What happens behind the scenes is that when these emails go out, the attachment does not go through your mail exchange server.

It actually goes into your database and the only thing that goes out to the customer or to the recipient is a link that they can download the attachment through an HTTPS connection. This all secure. And the last one is called secure forms. Let me just grab one. Secure forms. If you have customers or clients or someone that you need to get information from or about them, you can actually create a customized form as you need, any which way you want, requesting information.

Here we have employee ID, etc. They have to fill information, toggle button for the dependent number. Are you enrolled in health care or not? Different things like that. Radio buttons. You can even include an attachment box, where they actually attach a document. And when they submit it back to you with GoAnywhere, we can pick that up through your file workflow and process it.

We can validate the information, grab that attachment, maybe zip it, maybe encrypt it and then send it off. Whatever you want to do on that end. Okay? All right. I think I better wrap it up here. I know we're getting close to the top of the hour, so let me go back to my PowerPoint. Just a couple extra things I want to touch here. All right. Just really quickly here before we take questions.

Again, if you have any questions, please send them my way. And if I don't get back to you before we end, we'll definitely follow up with you. But GoAnywhere supports commands and APIs. Doing a workflow. We can drop all of the workflow process and run some native scripts, running the other applications like ICAP and MQ, and then come back into your workflow and continue with that file movement.

We provide these commands and APIs at no additional cost to you. Really quickly, we had mentioned earlier, you can also run these jobs from your own applications. So for instance, if you are an IBM i customer, you can actually code or run project commands right in your own CL program. We also have service programs for RPG. In this example, we've got the project name.

You can see the project name there. We got a variable parameter being passed into it. So monitor messages, where to send the airs out to the upper message queue, etc. A quick little example. If you prefer to run on a Windows or Linux box or maybe on a US box, you can use our commands there as well. Here's a shell script for Linux, where you're stating the location of the project, the project name, and we also have a couple of variables here for the vendor number and also the status.

The above example is the Windows example here. Here also, we're going to pass on some variables for the file name and the folder path. These variables really add and really simplify your project creation in the long run. And let's just quickly talk about the installation requirements. You can install GoAnywhere around any or many different databases, different platforms, as I've mentioned earlier, including like the IBM I.

As I know, most of us listening here today are on the IBM i one way or another. But with the I-series, we support OS V7R1 and higher. And with the latest version of GoAnywhere, we do require Java version eight. If you want to put on a AIX system or Unix or Solaris box, no problem. This will take about 250 Meg, etc. We also let you deploy to a Linux or a Windows system. There are installation requirements listed here.

Additional options, you could actually install it in a virtualized environment. No problem. We also have images up on Amazon and Azure that we can also install too. All right. Patrick, let's take a quick look and see what we got.

Patrick: Great. Thank you, Heath. Right now, we'll begin the question and answer portion of the webcast. Just a reminder, if you would like to send a written question, use the Q&A area in the lower right section of the screen and select to send to host and panelists. First question, is GoAnywhere able to work with IBM spooled files?

Heath: Oh, that's a great question. Regarding that, yeah. IBM for many years they got those full files. And they do take up some space out there with GoAnywhere for the s400 or if I-series sealed, they'll have it there. We do offer a single user license of severe s400 at no additional cost.

s400 is the easiest way to see if there are trigger on files that you're using. Plus s400 has other features that allow you to convert those PDF, those spooled files into a PDF or text file. Maybe put them into an IFS folder of which then GoAnywhere can turn around and actually grab them out of it. You can be monitoring that folder and that can pick them up.

Patrick: Awesome. Next one, can you go over the differences between triggers and monitors?

Heath: Yeah. A little more in depth. I briefly touched them. I mean, they're very similar both around automation. But the trigger is used around your inbound processes, so files that are being dropped off to you. So connections into your database, using GoAnywhere from your users. So let's say you're waiting for a file from a trading partner.

When that file appears, as soon as it gets uploaded, key where there's uploaded. There's one other function that we're looking for, the event called upload successful. In this case, it says upload successful, then you can turn on and kick off some type of a workflow or a process, maybe just to move a file, send an email out or run a more complex process through a project.

And with the monitor is where you actually watch a specific folder. And these folders will be monitored based on some timing you set up: every 15 minutes, every 20 minutes. So it's not as quite as quick to react as a trigger. But again, you're monitoring a particular folder for particular files in it. And based on that file being dropped off or deleted or modified, you then turn around and kick off some type of a process to move that file to encrypted, etc.

Patrick: How can you stop end users from sending files from their PCs using FTP tools like let's say files? Any recommendations?

Heath: Yeah, that's a common issue and it can be a big problem. There are some tools out there that can be used. But organizations have a lot of issues with their end users doing those things and using those drop boxes, which are not as quite as secure a way of transferring files. But what you can do first, take away administrative controls that the end users can't load these applications onto their desktop like file Zillow.

Second, you could set up your firewall to only allow like FTP or better yet secure FTP connection from them into GoAnywhere. So you can disallow really any FTP connections from the user's desktop and so on through the firewall configurations; that way, the users will be forced then to use a product like GoAnywhere.

Patrick: Okay. I have one from the Q&A. We have many files to send. Can the list of files be defined in a DB file so that they are processed in a loop?

Heath: Yes, absolutely. Within the workflows, I'll get that variable coming in with the list of files and you can actually turn around and write that list of files to a file, to a spreadsheet, etc. And you can use your select statement to write it to a database table like you're suggesting there. So yeah, absolutely no problem.

Patrick: Okay. Last question, can GoAnywhere run in pase, P-A-S-E? Can I call open source programs in pase such as JavaScript?

Heath: I know we can reach out and call other application external applications, so I'm going to say yes, but I'm not positive on the pase there, but I do believe so.

Patrick: Okay. Awesome. Thanks again. Once again, I want to thank our presenter and the rest of you for taking time out of your busy day for an hour of education. Please take a moment to provide your feedback to [inaudible 01:00:11] by completing the evaluation form that will be sent out in an email shortly after the event.

Your feedback helps the education team plan future web events. We usually really value your input. In addition to the survey, the email contains the link to the cosmos community, where you can watch and replay and download the handout. That'll be all for today. Thank you guys for joining. Have a good rest of your day.

Heath: Thanks everyone. Appreciate your time. Bye bye.

See Full Transcript Close Full Transcript

Ready to See GoAnywhere in Action?

Schedule a live demo. Choose from our 15-, 30-, or 60-minute options to pick the level of detail that works best for you!

SCHEDULE MY DEMO