Although a minor update, please note 2.5.2-2 is now available for all StingRay 2.5 users to download here.  So if only a minor release, why should I bother updating I hear you say?!  Well, this release addresses a few small bugs inherent in 2.5, therefore if you have been experiencing any of the issues outlined in StingRay’s ChangeLog this update will address them.

We couldn’t just leave it at that though, that would be dull!  Instead, we have decided to include a little gem for all of our 2.5 users.  Take a look at these…

2.5.2-2 now enables all StingRay users to upload their company logo to StingRay’s external interface for all customer’s to see.  Adding that personal touch to your customer facing file transfer interface helps promote your brand and instill confidence in your users.

So if you are currently running StingRay 2.5 you haven’t yet taken advantage of what 2.5.2-2 has to offer, go to the Updates section on the Hermstedt StingRay website and download it now, free of charge.  If you experience any problems when running the update you can either download our guide to ‘Branding your StingRay’s external web interface’ or call the Pro2col support department on 0333 123 1260.

Bookmark It

As a vendor of a file transfer solution its really important that we know exactly what the market wants.  To help us to take the development of the Hermstedt StingRay file transfer appliance in the right direction we’ve set up an online survey to help us capture your thoughts.  If you’ve got a spare two minutes we’d be really grateful if you’d take the time to complete our seven question survey which you can get to by clicking here

Bookmark It

Managed File Transfer is fast becoming the latest buzz phrase for all those businesses needing a file transfer solution.  Managed File Transfer is not a new concept its been around for a number of years its just that companies now need file transfer to be an integrated process within the organisation instead of a standalone process with little to no management information.

The term Managed File Transfer basically suggests that the process of transferring files is audited, providing reporting, guaranteed delivery and automation.  Hermstedt’s StingRay Managed File Transfer Server has been around for seven years now and provides a great degree of management information including which user sent the files, when and what files they sent and to who.

StingRay screenshot of Managed File Transfer information

In addition to tracking and logging all of the managed file transfers that the StingRay undertakes it also stores all of the accounting logs on the server for exporting in a tab delimited format so that they may be used for accounting purposes.

Managed File Transfer doesn’t need to be expensive.  There are many products on the market which position themselves in this space many of them many times more expensive than the StingRay Managed File Transfer server.

Why should companies invest in Managed File Transfer?  Quite simply other file transfer solutions don’t offer the range of features required for today’s file transfer requirements.  Send and forget just isn’t an option these days businesses need to be able to rely on guaranteed delivery of data.  Managed File Transfer is the future of file transfer.

Bookmark It

What is an FTP server and why do I need a secure FTP server?

It’s worth giving a bit of background to FTP by answering these two valid questions to start off with.  An FTP server is essentially an area on a computer to which remote users have access to upload and download files from and to using an FTP client or other compatible FTP software.  Security is a concern if the data you want to send, host or download is confidential, personal, financial or could affect the outcome of your business in any way.

Setting up an FTP server and its limitations….

To set up an FTP server you require a computer, operating system and FTP server software.  Generally speaking FTP servers are quite basic in their make up, many operating systems already have them built in for example Microsoft Windows or Apple’s OSX.

The problems with standard FTP servers are not just down to the inadequacies of the server or delivery protocol itself but frequently how they’ve been installed.  The two main issues are:

Installation - this is usually error number one for many users and the most fatal flaw when installing an FTP server.  If you’re going to set up an FTP server install it in a Demilitarized Zone (DMZ) which is an area outside your network but accessible by your internal computers.  The reason for this - well if you go and set up an FTP server internally on your network…. inside your network then its likely you’ll suffer problems…read on.

Authentication - during FTP communications passwords are sent by the client to the server in plain text which basically means it can be read by other, less unscrupulous . So it’s worth considering using a secure FTP server like a StingRay or a secure FTP protocol either FTP over SSH or SSL

Scenario - OK - lets assume at this stage that you’ve set up an FTP server on a Windows PC for example running inside your network.  Your customers are uploading files using FTP to your server and everybody’s happy.  Right?  Wrong!  As noted previously on this blog FTP server username and passwords are stolen, bought and sold.  There are even video’s on Google Video on How To Hack A Windows Server! The thing is, when someone has access to your server which, probably wouldn’t take a determined person long, then as the server is inside your business they have access to everything…… your whole network is insecure!

Installing your FTP server in the DMZ is the first step this way the rest of your network is secured but then what about the data on your server?  Well that’s fair game if it’s sitting there and its still likely that it could be used to bridge the firewall to your network.  How?  Well the key thing here is your Operating System and the fact that files can be executed on your Mac or PC for example.  Once a file is on your server and it auto-runs or unknowingly you open it then BINGO they have control of your FTP Server - a Trojan Horse attack.

So what’s the answer…..?

We’ll clearly I’m going to mention StingRay at this point but these are the very valid reasons why StingRay is a fantastic FTP server:

Firstly, StingRay FTP Server is built on Linux.  Why’s this good?  Well Linux is by developers, for developers and with good reason there are limited numbers of malware applications that can attack your server.

Secondly, StingRay FTP Server doesn’t allow files to be executed or opened on the ftp server appliance.  The functionality has been removed from the operating system.

Thirdly, StingRay FTP Server has two Ethernet ports, one for your internal network and one for the Internet or DMZ.  Why is this important?  Well the routing between the two ports has been removed meaning that if someone were to gain access to the server then they wouldn’t be able to gain access to your network as well.

Fourthly, each StingRay FTP Server has a unique, encrypted root password meaning that if one StingRay user ever found out their root password (which they wouldn’t be able to) then they wouldn’t be able to hack any other system.

If you’re looking for a secure file transfer appliance then StingRay is a serious consideration.  There’s more on the Hermstedt Web Site on security if you’d like to know more, alternatively give us a call and we’ll give you details for an online server and you can check it out yourself.

Bookmark It

I read with interest yesterday an article by Meg Suggs about Managed File Transfer.  To paraphrase the article Meg suggests that “Managed File Transfer is replacing FTP servers” as the solution of choice.

It got me thinking about what it was about Managed File Transfer that businesses wanted or needed?  First off Managed File Transfer is defined by Wikipedia as:

“Managed File Transfer (MFT) refers to software and hardware technologies that enable “secure and reliable exchange of documents between organizations.” In broader terms, Managed File Transfer suites enable organizations to automate, manage and secure the exchange of large volumes of data between two or more entities.”

So why the shift to Managed File Transfer?  Well I think Wikipedia sums it up pretty clearly, its a way of providing a little more management, automation and security throughout the file transfer process than you’d achieve with a standard FTP server or email for that matter.

Interestingly Meg also referred to an article written early last year about the inadequacies of standard FTP servers and how “an illegal database containing more than 8,700 stolen File Transfer Protocol server credentials including usernames, passwords and server addresses was found. The stolen information belonged to companies from around the world and the database allowed for anyone to purchase those credentials and use them to launch malicious attacks against the compromised systems”.

With information readily available on the Internet providing individuals with the opportunity to create havoc and bring down complete company IT infrastructure it begs the question, why do companies take the risk by implementing cheap file transfer solutions when the potential cost to their business is so huge?

In addition to the security considerations the business process should also be taken into account.  Long gone are the days when file transfer was a standalone function.  File Transfer should be fully intergrated with other processes within the business providing greater automation and efficiency.  As file transfer becomes more integrated its even more important that the information transmitted and stored is done so securely.

For those interested StingRay Managed File Transfer Server ticks all of the boxes and more information can be read here.

Bookmark It

Welcome to the StingRay web site blog.  I promise we’ll do our best not to make this your typical boring company blog.  I hope you’ll get in touch and give us some constructive feedback and direction on how you’d like us to improve the StingRay file transfer server.

In return we’ll be giving you tips and tricks on how to make better use of StingRay and let you know a bit about the team here.

Thanks for reading.

James

Bookmark It