Download presentation
Presentation is loading. Please wait.
Published byLucy Douglas Modified over 9 years ago
1
I n t e g r i t y - S e r v i c e - E x c e l l e n c e Air Force Weather Agency FTP Replacement Briefing 08 Sep 06
2
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 2 FTP Replacement Description: Replace FTP for all traffic outside.mil domain Requirements Documents: - DoDI 8551.1, Ports, Protocols, and Services Management - DSAWG FTP Vulnerability Assessment, updated 13 Sep 05 - Air Force Weather Security Classification Guide, 1 May 2004 - AFI 33-202v1, Network and Computer Security - AFI 33-201, Transmission Security Briefing Objectives: Inform OFCM CEISC of encryption requirement and change to SFTP Presentation for CCB, 16 Aug 06
3
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 3 Background On 9 Nov 04, JTF-GNO stated File Transfer Protocol (FTP) ports 20 and 21 would cease transferring data between DoD enclaves (.mil) and non-DoD enclaves (.edu,.com,.gov,.org, etc.) effective 9 Nov 06 AFCA clearly stated that any replacement product used must be FIPS 140-2 certified AFWA has standing requirement to encrypt all data sent outside DoD channels The AFWA formed a working group in May 06 dedicated to finding an FTP replacement for the Strategic Center and our customers
4
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 4 Analysis The following criteria were considered in evaluating the open source version and commercial version (Tectia) of SFTP: FIPS 140-2 compliance Performance Ports and protocols compliance Ease of Integration Interoperability Cost Maintainability
5
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 5 Analysis (cont.) A standards-based solution makes interoperability highly likely between open source and all commercial products use the same standard Since SFTP appears to the user (at a command line or scripting level) to be an FTP clone, it would be simple to integrate as an FTP replacement Software cost was not quantified. Note: In addition to Tectia, there are many commercial SFTP products providing competition in the market for this standard solution. The working group only evaluated Tectia and free open source version.
6
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 6 Performance SFTP typically incurred about a 10-30% performance penalty, depending on the combination of SFTP versions in use Some clients with relatively inefficient native FTP performance (e.g. Solaris 8) experienced a performance increase using SFTP Conclusion: Based on performance, SFTP is a reasonable choice for encrypted secure file transfer
7
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 7 Risks Risk: Customers can’t comply with SFTP Description: Non-.mil customers unable to transition to SFTP will cease send/receipt of data from AFWA Mitigation: Assumption - Register all customers unable to meet deadline with AFNOSC and DSAWG. Registration must include a “get well” plan.
8
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 8 Risks NCEP Global ensemble data not available for development AGROMET pushed to NCEP DMZ may be discontinued FNMOC May not be able to easily implement SFTP (researching).COM,.EDU May not easily be able to implement open source or commercial product
9
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 9 DATMS-U No impacts expected as DATMS-U is considered part of the DoD network
10
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 10 Identified FTP Comms POCs reached are detailed in the Excel spreadsheet: Update FTP users contacted.xls Review and update of listed POCs by member agencies requested Issues to be identified after 09 Nov 06 SFTP testing period begins
11
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 11 Implementation Timeline SFTP available for limited use by AFWA 9 November Projected WARNORD issued by Air Staff no earlier than January 2007 WARNORD +90: FTP cut-off date Implementation schedule from WARNORD to cut-off date TBD
12
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 12 Recommendation Recommend CEISC member agencies review FTP communications to identify any additional data feeds between them and DoD and provide a POC to coordinate resolution NLT 30 Sep 06
13
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 13 SFTP Questions?
14
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 14 SFTP BACK-UP SLIDES
15
I n t e g r i t y - S e r v i c e - E x c e l l e n c e 15 Performance
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.