wanted:
The ability to transfer data files between a variety of power/gas providers
and a state social service agency. This must be done on an automated basis
and the files contain confidential data. One file will be transferred to
the state agency on a daily basis and several files will go the power/gas
providers. It is envisioned that the power/gas providers will supply these
files to one centralized state location.
current status:
- one provider allows for dial-in access to the data for one of the state
agency local offices (they utilize the IBM advantis network and an
information exchange mailbox).
- another provider delivers reel tapes (they only have one of these tape
machines left and it is used for nothing other than the state agency).
- another wants to provide DAT tapes, but the state agency doesn't have a
DAT tape drive at the local office.
state network:
- checkpoint firewall-1 firewall with a DMZ utilized for web services and
file transfer via SSL.
- Bay network contivity VPN device with public address (this doesn't sit
behind the firewall).
- FTP connections initialized from within the state network are allowed (I
know how bad this is)
- incoming e-mail messages are limited to 1.0MB
providers:
- initial provider is an IBM mainframe shop that utilizes the IBM advantis
network to provide the file to an information exchange mailbox.
- second provider is also an IBM shop.
- future providers are not guaranteed to be IBM mainframe shops and as the
state opens power/gas provision to the marketplace the odds are very good
that a wide variety of computer centers will need to interface with the
state.
discarded solutions:
- utilize the IBM advantis network. the state currently does not have a
direct connection with this network and future providers also will not have
this connection
- utilize the DMZ file transfer via SSL. the current setup requires human
intervention. we do not want to require intervention on the part of either
providers or the state.
- PGP encrypt the data and use standard FTP. the initial providers are an
MVS only set of shops. I haven't located a PGP version for MVS.
- PGP encrypt the data and use e-mail. The data files may not fit within the
e-mail limitations of file size.
what I need:
Some suggestions as to how I can accomplish my task. I am currently
investigating other possibilities on my own, but the members of this list
must have dealt with this situation prior to now. Each of the discarded
solutions can be reconsidered as possibilities if needed (I can see having
the MVS shops ship the file to a workstation on their network, having it PGP
encrypted there, and returned to the IBM mainframe for FTP transfers).
Additionally, I need information on which direction each of the file
transfers should be initiated (I prefer that the state initiate all file
transfers from their side, thus they don't need to provide an open FTP
server daemon).
Any help would be appreciated.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Thomas H. White It is morning in Africa.
Systems & Database Programmer As the sun rises on the plain the
gazelle
NYS HSASC awakens knowing if it cannot outrun
the fastest
Bureau of Security Administration lion it will die.
[EMAIL PROTECTED] It is morning in Africa.
(518) 473-8268 The lion awakens, knowing if it can't
outrun
the slowest gazelle, the lion and
it's family
will die.
It is morning in Africa
and you had better be running.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
