Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

Secure File Transfer

The SSH Tectia client/server solution allows organizations to replace plaintext file transfer protocol (FTP) connections with secure file transfers in cross-platform environments. File transfers can be secured by applying the Secure File Transfer Protocol (SFTP) instead of FTP, or by using tunnels that encrypt the connection from the FTP client to the FTP server.

The third-generation high-performance Secure Shell protocol implementation, SSH G3, provides unparalleled SFTP throughput and scalability, eliminating processing bottlenecks and helping to meet critical deadlines.

SSH Tectia Server is capable of handling also the OpenSSH SCP legacy file transfer mechanism that OpenSSH uses instead of the standard SFTP protocol. The OpenSSH SCP can interoperate with the SSH Tectia Server running on any platform.

The SSH Tectia client/server solution offers three methods for FTP replacement as illustrated in Figure 2.2:

Options for replacing unsecured FTP file transfers

Figure 2.2. Options for replacing unsecured FTP file transfers

An unsecured FTP connection is shown in red. If this is used, user IDs, passwords and the actual transferred data are sent in plaintext, which makes them vulnerable to eavesdropping and unathrorized modifications.

SSH Tectia products use the following methods to make file transfers secure:

  1. Native SFTP

    The secure file transfer protocol (SFTP) transfers the files and the related control data in encrypted format. SFTP can be activated by using the sftpg3 and scpg3 tools, or the SSH Tectia file transfer GUI (on Windows) instead of the unsecured ftp tools.

    SSH Tectia Client or ConnectSecure provides the SFTP functionality and connects to any Secure Shell SFTP server. Both the original FTP client and FTP server can be eliminated.

  2. FTP-SFTP conversion

    Connections from the original FTP client are transparently captured by SSH Tectia ConnectSecure, converted to SFTP, and directed to a Secure Shell SFTP server. No changes to the original FTP client application are needed, and it can remain being used as before. The original FTP server, however, is eliminated.

    This feature is available with SSH Tectia ConnectSecure and SSH Tectia Server for IBM z/OS (client tools) on all supported platforms and requires a Secure Shell server as the counterpart.

    For more information, see FTP-SFTP Conversion.

  3. Transparent FTP tunneling

    Transparent FTP tunneling creates a secure tunnel between an FTP client and an FTP server. All material is sent in encrypted format and so secured from eavesdropping. This feature is available with SSH Tectia ConnectSecure and SSH Tectia Server for IBM z/OS (client tools).

    For more information, see Transparent FTP Tunneling.

The SSH Tectia client/server solution supports also non-transparent FTP tunneling on both SSH Tectia Client and ConnectSecure. Non-transparent FTP tunneling can be implemented as SOCKS tunnels defined in the SSH Tectia connection profiles, or as automatic tunnels defined in the Connection Broker configuration.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now