Platform Server Security
MFT supports the following modes of operation for incoming and outgoing Platform Server requests. This is for both file transfer requests and administrative requests such as audit collection, server status and node and profile updates.
-
Clear text mode. The password is encrypted using a proprietary encryption algorithm but the data is not encrypted.
-
AES 256 encryption. The password and data are encrypted using AES256. The asymmetric encryption key is generated through an algorithm on both the Client and server.
-
SSL (or TLS) mode. MFT Establishes an SSL connection with the Partner Server. An Asymmetric AES 256 encryption key is exchanged through the secure TLS connection. MFT uses this AES256 encryption key to encrypt and decrypt all data. MFT also adds a message digest and sequence number to each record to prevent man in the middle attacks.
-
Tunnel Mode. All data is sent over a negotiated TLS connection. Each transfer creates a new TLS connection.
Tunnel Mode is the most secure option and is strongly suggested when communicating to partners over the internet. Tunnel Mode requires MFT Internet Server V8.2 and MFT Platform Server V8.0 or higher.