ACRUXNET-GoAnywhere-10September
Download
Report
Transcript ACRUXNET-GoAnywhere-10September
we make Security & Compliance easier stuff
Trusted IT & Security Solutions & Services
www.acruxnet.net
[email protected]
Managed File Transfer
Securing Data at REST & TRANSIT
August 2014
Overview of acruxnet
ACRUX Co. WLL (acruxnet) is a Bahraini company founded in 2012
Provides Trusted IT & Security Solutions & Services in the GCC region
Mission
To proficiently assist our clients build and maintain information security as a system
that consists of people, data, process and technology that comply with the IT
security industry standards cost effectively.
Our Promise:
We commit to provide our clients with smart, trusted, affordable and reliable
solutions and services to build and maintain information security system and achieve
compliance with the well known security standards
Our Partners:
3
What we do
Our Solutions:
1. DeepNet - DualShield - Dual or Multi Factor Authentication
2. Trustwave – mainly DbProtect Database Security – other Solution solutions and services
3. GoAnyWhere - (MFT) Automated & Secured File Transfer to Secure DATA at REST & TRANSIT
4. NNT - Integrated SIEM, FIM & CCM ( alternative with more features to the expensive tripwire/IBM)
5. Airtight - Wireless Security & PCI-DSS Compliance Solution
6. BankCube Data Masking & Sanitization Solution
Our Services:
1.
2.
3.
4.
5.
6.
7.
8.
9.
Consultancy - PCI-DSS/IT/Security/Card Industry (acquiring & issuing )
Project Management – focus on IT & Banks Projects (emv, EFT, ATMs, PCI-DSS, Bank applications)
IT or Security Cost Review & Optimization
Security Assessment ( Gap Assessment, Vulnerability Scanning & Penetration Testing & QSA)
Risk Assessment (i.e. annual for the PCI-DSS Certification)
Solution Evaluation & Selection
Documentation - Policies/Procedures/PCI-DSS Documentation
Resource Lease
Security Code Review (SAST & DAST)
4
Overview of Linoma Software
Founded in 1994 - based in Nebraska USA
Private company with no debt or outside funding
Dedicated to Research and Development
Focused on Data Automation and Security
Responsive technical support; Toll-free, Chat, Email, Web
Regional Partner in the Middle East (ACRUXNET)
IBM Advanced Business Partner, Microsoft Silver Partner
Other Partnerships: Oracle, Sun, Novell, RedHat, Apple, VMware and PCI Security
Standards Council
5
Why GoAnywhere MFT Solution ?
GoAnywhere Managed File Transfer (MFT) solution provide bunch of services around data transfer
services that make data exchange internally and externally with your business partners secured at
transit & at rest, automated, controlled, monitored, audited in reliably smarter and easier way.
Conventional file transfer tools will probably fails you in some of the below :
Security: Addresses the CIA ( Confidentiality, Integrity & Availability) concerns
Automation of data transfer, storage, retention, disposal, job scheduling, triggers & status alerting
Monitor operation, system and user activities.
Simplicity of use ( no programming or scripting expertise require – intuitive GUI)
Logging , Auditing, Alerting and Reporting
Administration – Intuitive GUI & Advanced Role Based access Control
Less helpdesk overhead - Self-Service “Forgot Password” features – disable inactive users
Centralized Control – Integrates with your business, IT & Security process
Logging, Auditing & Controlling who/where/how/what/when something has been done.
Data Translation: from almost any source of data (files/db) to any destination
Availability – Clustering – alerting – ad-hoc secure file sharing via email
Keep latest & most secured technology (i.e. encryption algorithms & key management) at low cost
Keep data flows well structured, controlled and gain visibility to better manage your risks
Saves storage space by reducing duplicated files
Compliance with Security Standards NIST, PCI-DSS, HIPPA & Internal Bank InfoSec Policies
Cost Effective Licensing & TCO – Cost Saving Operationally through the automation & ease of use
6
GoAnywhere MFT Solution
7
Product Summary
GoAnywhere Director™ is a managed file transfer solution that
automates and secures the exchange of data with your customers,
trading partners and enterprise servers. GoAnywhere Director connects
to almost any server or data source using a wide variety of standard and
secure protocols.
GoAnywhere Services™ allows trading partners (e.g. customers, vendors,
remote employees) to securely connect to your system and exchange files
within a fully managed and audited solution. It includes the popular file
transfer server protocols of FTP, FTPS, SFTP, HTTPS, Secure Mail and AS2.
GoAnywhere Gateway™ is both a reverse and forward proxy that
provides an additional layer of security. It allows you to exchange data
with trading partners without having to open incoming ports into your
private network or store sensitive information in the DMZ.
8
Product Summary
GoAnywhere Director Diagram
GoAnywhere Director Benefit
Automates data movement throughout the Enterprise
Streamlines data transmissions with Trading Partners
Eliminates:
1. Custom programming and scripts
2. Manual processes
3. PC file transfer tools
4. VANs & Dial-Ups
Secures transmissions to comply with PCI DSS, HIPAA, HITECH, SOX and state privacy laws.
Decreases transmission times through compression
Supports concurrent large file transfers with auto-resume and integrity checks
Provides centralized point-of-control and administration
Includes detailed logging and message alerts
Implements industry standards
GoAnywhere Director Security
For compliance with PCI-DSS, HIPAA, FIPS 140-2, Sarbanes Oxley, GLBA and State Privacy Laws
Secure Protocols
• SFTP – FTP over SSH
• FTPS – FTP over SSL/TLS
• SCP – Secure Copy
• HTTPS – HTTP over SSL
• OpenPGP / GPG
• ZIP with password protection
• Encrypted email (SMIME)
• AS2
AES encryption (key lengths of 128, 192, 256) – NIST standard
Two Factor Authentication
Key Management tools for OpenPGP Keys, SSL X.509 certificates and SSH Keys
Role-based Administration
SSL protected console
GoAnywhere Director Setup
Installs to AIX, HP-UX, IBM System i, IBM System p, IBM System z,
Linux, Mac OS, Microsoft Windows, Sun Solaris and UNIX
Customer installable – Less than 30 minutes typically
Includes dozens of business processes (Tasks)
Project-based design allows “chaining” of multiple Tasks together
Automate Projects with built-in scheduler
Launch Projects from other platforms, applications and programming
languages
GoAnywhere Director Connectivity
File Systems
- Network Shares (SMB/CIFS)
- Local File System
FTP
- Standard FTP
- SFTP (FTP over SSH)
- FTPS (FTP over SSL)
- SCP (Secure Copy)
Web Sites
- HTTP
- HTTPS (HTTP over SSL)
- Web Services
- AS2
Email
- POP3
- IMAP
- SMTP
Database
- DB2
- Oracle
- Microsoft SQL Server
- Sybase
- MySQL
- PostgreSQL
- Informix
Enterprise Messaging
(JMS)
- Websphere MQ
- SonicMQ
- ActiveMQ
- SwiftMQ
Automated Transfers – Outgoing
Automated Transfer - Incoming
GoAnywhere Administrator
Browser based front-end for configuring GoAnwhere Projects
Intuitive screens and wizards - AJAX enabled
All definitions stored on server
Graphical dashboard
- Define Resources and Projects
- Schedule and execute Projects
- Monitor active Jobs
- View Job Logs
- Configure User Authority
- View statistics
GoAnywhere Resources Setup
Predefine Resources in GoAnywhere Administrator
Each Resource has a unique name
Only authorized administrators can maintain Resources
Stored in GoAnywhere central database
Use Resources from within Projects
GoAnywhere Project Tasks
Project defines the Business Processes to perform
Each Project contains one or more Modules
Each Module contains one or more Tasks
Project can contain variables that may be overridden at runtime
Define Projects through graphical wizards or XML
project name=“TestProject" mainModule=“Module B" version="1.0">
<variable name=“FileName" value=“employees.xls" />
<module name=“Module B">
<sql label=“Fetch from Database" resourceId="Production 400">
<query outputVariable="data">
<statement>select * from LNMXDEMO.EMP</statement>
</query>
</sql>
<writeExcel label=“Convert to Excel"
inputRowSetVariable="${data}"
outputFile=“${FileName}"
sheetName="Employees" includeHeadings="true">
<data trim="both"/>
</writeExcel>
</module>
</project>
GoAnywhere Project Designer
Define Projects through graphical interface
Organize Projects under folders and control access rights to the folders
Database
Connect to DB2, Oracle, SQL Server, Sybase, MySQL, PostgreSQL and Informix
Do not need to load additional software on database server - connects via JDBC 2.0 drivers
Run any SQL statement supported by the database (e.g. Select, Insert, Update, Delete,
Call, Create…)
Example uses of SQL in GoAnywhere:
- Import files (text, Excel, XML) into database tables
- Export records from a database table into a file (text, Excel, XML)
- Copy records between tables
- Call stored procedures on a database server
- Create and Alter tables
GoAnywhere FTP - Insecure
FTP command support
- Get files
- Put files
- Delete files
- Move files
- Make Directory
- Change Directory
- Rename Directory
- Execute Custom Commands
Connection retry attempts with file auto-resume
Auto-detect Binary and ASCII modes
Include or Exclude files based on
- Wildcards (i.e. “trans*.txt” or “*.xls”)
- Date/time range
- Size range
Auto suffix or prefix file names with
timestamps, values or variables
Configurable ports
Example of FTP Get:
GoAnywhere SFTP
SFTP = FTP over SSH
SSH 2.0 is latest standard
SFTP encrypts the entire connection including data,
users ids, passwords and commands
TERMS
SSH is an abbreviation for Secure Shell. SSH is both a
computer program and an associated network
protocol designed for encrypting communications
between two untrusted hosts over a network. It
utilizes Public keys to provide asymmetric cryptology.
Authenticate with a User id and
• Password
• Key
• Password and Key (Dual Factor)
Connection retry attempts with file auto-resume
Wildcard file filters, auto prefix/suffix file names, etc.
Configurable ports
GoAnywhere
SFTP Server
GoAnywhere FTPS
FTPS = FTP over SSL/TLS
TERMS
Encrypts entire connection including data, user
passwords and commands
SSL is an abbreviation for Secure Sockets Layer. SSL is
ids, a security protocol for encrypting communications
between two hosts over a network. SSL utilizes
certificates to establish trust between the two hosts.
Explicit and Implicit FTPS are both supported
TLS is the abbreviation for Transport Layer Security and
is the successor to SSL.
Supports dual-factor authentication using a
combination of certificates and user/passwords
Certificates can be self-signed or signed by a certificate authority (CA) like
Verisign
Connection retry attempts with file auto-resume
Wildcard file filters, auto prefix/suffix file names, etc.
Configurable port ranges
GoAnywhere
FTPS Server
e-mails
Send email
- Supports multiple To, CC and BCC addresses
- Specify SMTP server, subject, message, reply to
- Multiple attachments allowed
- Support for international characters
- SMIME support for encrypted emails
Retrieve email
- Filter incoming emails based on From, To, Subject and Message
- Store attachments for further processing
- Can retrieve email from POP-3 and IMAP servers
- SSL support
GoAnywhere HTTP
HTTP and HTTPS (SSL)
Supports Cookies and HTTP Redirects
Perform requests with Parameters
HTTP Get
- Download multiple files in one session
- Filter files based on last modified date/time
HTTP Post
- Upload multiple files in one session
GoAnywhere Translation
Read and Write popular data formats
- Database
- Excel
- Fixed-Width text
- Delimited text (CSV)
- XML
Can convert between formats. Examples:
- Database to CSV
- CSV to Excel
- XML to Database
GoAnywhere XML
Multiple sources (database, CSV, fixed-width, Excel)
Create multi-level XML documents
Header/Detail support
Custom XML tag names and attribute names
Format numbers and dates
Specify null substitute values
Data trim options
Indention / whitespace formatting
Schema or DTD validation
GoAnywhere XML Read
Parse complex multi-level XML documents
Schema or DTD validation
Header/Detail support
Data trim options
Supports multiple date and number formats
Skip invalid records
XML data can be inserted into database tables
XML data can be converted to other formats
(i.e. Excel or CSV)
GoAnywhere Excel Write
Supports Excel 95, 97, 2000(XP), 2003, 2007 and
2010 spreadsheets
Support for Excel Templates
Write to Multiple sheets
Custom titles, page headers, column
headings and page footers
Control fonts, font sizes, colors,
alignment, etc. (by sheet or column)
Format dates and numbers using
formatting options supported by Excel
Append or Replace
GoAnywhere Excel Read
Supports Excel 95, 97, 2000(XP), 2003,
2007 and 2010 spreadsheets
Indicate the sheet name to read
Specify the starting row number
Specify column types/sizes
Trim options
Format options for dates/numbers
Null substitute values
Import into database or convert
to another format (i.e. CSV or XML)
Fixed Width & Delimited
Read and write text documents
Fixed-width and Delimited text (CSV)
Supports multiple date and number formats
Record delimiters (CR, LF, CR/LF, LF/CR)
Text qualifiers
Null substitute values
Read
- Data can be inserted into a database table
- Data can be converted to other formats (i.e. Excel or XML)
Write
- Append or Replace
- Specify type of delimiter (commas, tabs, pipes, etc.)
- Include/exclude column headings
ZIP Compression & Encryption
Symmetric Form of Encryption – Password based
Can encrypt and compress multiple files at once (packaging)
Password protection: Standard, AES128, AES192 or AES256
Compresses typical data to 1/10th of original size
Compatible with PKZIP, WinZip and other ZIP tools
OpenPGP Encryption
Widely used for exchanging sensitive files over the internet.
Uses combination of Asymmetric-key and Symmetric-key
cryptology to provide high level of protection and speed
Encrypt with Public Key -- Decrypt with Private Key (Secret Key)
Encrypted files can be sent over standard FTP connections or Email
Provides compression to reduce file sizes
TERMS
OpenPGP standard is a non-proprietary and
industry-accepted protocol which defines the
standard format for encrypted messages,
signatures and keys. This standard is managed
by the IETF (Internet Engineering Task Force).
Key Pair is a combination of a Private key and
its corresponding Public key. Key Pairs are
used within Asymmetric Cryptology systems,
such as OpenPGP, SSH and SSL.
Private Key is the portion of a Key Pair which
is used by the owner to decrypt information
and to encode digital signatures. The Private
key, typically protected by a password, should
be kept secret by the owner and NOT shared
with trading partners. Also known as a Secret
Key.
“A transfer can be defined in just five steps”
Public Key is the portion of the Key Pair which
is used to encrypt information bound for its
owner and to verify signatures made by its
owner. The owner’s Public key should be
shared with its trading partners.
OpenPGP Screen Examples
OpenPGP Key Management
GoAnywhere integrated OpenPGP key management
Create, Change, Delete, Import and Export Keys
OpenPGP Signatures
A Digital Signature is used to authenticate the Sender
Sign with Private Key
Verify with Public Key
TERMS
Digital Signature is an electronic
signature which is encoded into a
document using the sender’s Private
key. This signature can be
authenticated by the recipient using
the sender’s Public key. An
authenticated signature will ensure
the original content of the document
has not been altered by an
unauthorized party.
Other Tasks
Copy, Move, Rename and Delete Files
Create Directories
Timestamp
Create and delete workspaces
Call native programs and scripts on Windows, Linux, etc.
Call IBM i (iSeries) programs and commands
GoAnywhere Error Handling
Define what should be done when a task errors out
- Abort
(default)
- Continue
- Set a value for a variable
- Call a specific module
Error handling can be defined on a project, a module or a task
Executing Projects
Execute immediately or in Batch
Place in GoAnywhere Scheduler
Use existing Scheduler
Execute from OS command line
Execute from within your applications
GoAnywhere Scheduler
Flexible scheduling:
- One Time
- Minutely
- Hourly
- Daily
- Weekly
- Monthly
Set login user and password, queue priorities, etc.
Email notification (when fails and when successful)
RUNPROJECT Command
Run projects in GoAnywhere using the RUNPROJECT command and APIs
RUNPROJECT available for IBM i (iSeries), Windows, Linux and UNIX
Requests sent to GoAnywhere over HTTP/S requests
Override Variables
Run interactive or batch
Specify Job Queue priority
Trap for errors
The RUNPROJECT command and
APIs are provided at no additional
charge in GoAnywhere.
44
RUNPROJECT Example
Monitor for message ids
Any errors are placed in job log
Retrieve any errors with RCVMSG command
Project Execution Flow
Every execution of a Project is considered a “Job”
Each Job is assigned its own Job Number and Job Log
Starts in a Job Queue
Can override Job Queue priority and Execution priority
Multi-threading (to allow the concurrent execution of multiple projects)
Monitor active Jobs (hold, release, cancel)
Logging
Global Log
Job Log per execution of Project
Log Level can be defined on a project, module or a task
Log Level controls what should be logged:
- SILENT
- INFO
- VERBOSE
- DEBUG
Search Completed Jobs
- Date/time range
- User
- Project Name
- Job Number
- Status
Example of Job Log
1/21/08
1/21/08
1/21/08
1/21/08
9:38:07AM
9:38:07AM
9:38:07AM
9:38:07AM
INFO
INFO
INFO
INFO
Start Date and Time: 1/21/08 9:38:07 AM
Job Number: 1200325835858
Project Name: /Demo/DB to Excel to Zip and FTP
Submitted By: administrator
1/21/08
1/21/08
1/21/08
1/21/08
9:38:07AM
9:38:07AM
9:38:08AM
9:38:08AM
INFO
INFO
INFO
INFO
Executing task 'Retrieve Records‘
Executing statement select * from LIBRARY.EMP
Query execution produced a rowset
Finished task 'Retrieve Records‘
1/21/08 9:38:08AM
1/21/08 9:38:09AM
1/21/08 9:38:09AM
INFO
INFO
INFO
Executing task 'Create Excel File‘
8 record(s) were written
Finished task 'Create Excel File'
1/21/08
1/21/08
1/21/08
1/21/08
9:38:09AM
9:38:09AM
9:38:09AM
9:38:09AM
INFO
INFO
INFO
INFO
Executing task 'Create ZIP File‘
Compressing file '/files/employees.xls‘
Number of files compressed: 1
Finished task 'Create ZIP File‘
1/21/08
1/21/08
1/21/08
1/21/08
1/21/08
1/21/08
1/21/08
1/21/08
1/21/08
9:38:09AM
9:38:09AM
9:38:10AM
9:38:10AM
9:38:10AM
9:38:12AM
9:38:12AM
9:38:12AM
9:38:12AM
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
INFO
Executing task 'FTP the ZIP File‘
Connecting to '192.168.1.2' at port '21'
Executing sub-task 'put‘
Setting the data type to AUTO
Uploading ‘/files/employees.zip’
1 file(s) were uploaded successfully
Finished sub-task 'put‘
Closed the FTP connection
Finished task 'FTP the ZIP File'
1/21/08 9:38:12AM
1/21/08 9:38:12AM
1/21/08 9:38:12AM
INFO
INFO
INFO
Finished module 'main‘
Finished project 'DB to Excel to Zip and FTP‘
End Date and Time: 1/21/08 9:38:12 AM
GoAnywhere Security
Authorized users must have valid user id and password
Passwords can be authenticated against GoAnywhere database or System
i
Users can be organized into User Groups
Roles can be assigned to Users and User Groups
- Product Administrator
- Security Officer
- Resource Manager
- Project Designer
- Job Manager
- User
Authorize Resources
Authorize Project Folders
GoAnywhere Advanced
Thread-safe - Controls whether or not a project can be executed simultaneously
Workspaces - Each execution of a project (or a job) can have its own
workspace for storing temporary files
Import Projects and Resources
Promote Projects and Resources to other installations
GoAnywhere Services - Summary
GoAnywhere Product Diagram
GoAnywhere Services Overview
Allows your trading partners and employees to securely
connect to your organization and easily retrieve or upload files.
Supports open transfer protocols of FTP, SFTP, FTPS,
HTTPS and AS/2
Can secure transmissions with SSL/TLS or SSH encryption
Provides a pure web client for simple file transfers
Allows ad-hoc file transfers through Secure Mail
Includes event triggers based on user-defined conditions
Generates detailed audit logs and alert messages
Provides trading partner account wizards and permission controls
Intuitive browser-based interface for administration and monitoring
No programming or special skills needed
Installs to Windows, Linux, IBM i (iSeries), IBM System p, HP-UX, Sun Solaris and UNIX
Trading Partner Management
Unlimited number of trading partners can be configured
Grant individual permissions or adopt permissions from groups
Restrict access based on the type of service (FTP, SFTP, FTPS, HTTP/s, AS2)
Restrict access to certain functions (e.g. upload, download, delete, rename, etc.)
Automatically send email with user id and password
GoAnywhere Web Client
Allows your trading partners simple access to your system for exchanging files
Authenticate using user-ids/passwords/certificates with granular permission controls
Full audit trails and event triggers
Choose between basic and enhanced (applet) interfaces
Rebrand with your company logo
GoAnywhere Audit Logs
Audit logs stored for every transaction (login, upload, download, rename, etc.) for all services
Search using a wide variety of filter criteria
View on-line or export to CSV
Integration with GoAnywhere Director
GoAnywhere Director can send/retrieve
files
to/from GoAnywhere Services
GoAnywhere Services can call Projects
in GoAnywhere Director based on triggers
Triggers based on file upload, download,
rename, etc.
Pass parameters, such as user and file
name
Can run multiple triggers per event
SECURE MAIL
GoAnywhere Secure Mail
Files transferred over a secure HTTPS connection
Your system keeps possession of the files until the recipient retrieves them (not
hosted)
Your Employees
Step 1 – Email Link
Step 2 – Get Files
through browser
Files Kept on
Your System
No file size limits (unlike traditional email)
GoAnywhere Secure Mail
Sender:
1. Enters the message
2. Attaches the files
3. Clicks Send
GoAnywhere Ssecure Mail
Recipient gets an email with a
link
GoAnywhere Secure Mail
Recipient provides the
password
GoAnywhere Secure Mail
Recipient downloads the file attachments
securely
Full Audit Trails…
every step is recorded
GoAnywhere Gateway Introduction
No incoming ports are opened into the private (internal) network
No sensitive files are stored in the DMZ
User credentials and permissions are maintained/stored in the private network
Services configurations are maintained/stored in the private network
Supports FTP/s, SFTP, SCP and HTTP/s file transfer protocols
No special hardware components; software-only solution
Installs to Windows, Linux, AIX, UNIX and Solaris operating systems
How it works ?
GoAnywhere Installation
Linux (32-bit and 64-bit):
- Distributions
- Disk space
- Memory
Red Hat, SUSE, Ubuntu, CentOS (not inclusive)
150 MB per product (not including user data)
256 MB minimum per product (1 GB preferred)
Windows (32-bit and 64-bit):
- Operating System
- Disk space
- Memory
Windows 2000, 2003, 2008 R2, XP, Vista, 7
150 MB per product (not including user data)
256 MB minimum per product (1 GB preferred)
IBM i (iSeries):
- Operating System
- Disk space requirements
- Memory requirements
V5R3 or higher
100 MB per product (not including user data)
256 MB minimum per product (512 MB preferred)
- JRE
1.5 or later (1.6 preferred)
UNIX / AIX / Solaris / HP-UX:
- Disk space requirements 100 MB per product (not including user data)
- Memory requirements
256 MB minimum per product (1 GB preferred)
- JRE
1.5 or later (1.6 preferred)
Appendix
69
Encryption – Hashing - Compression
GoAnywhere Director is compliant with the Open PGP standard.
The Open PGP standard is a non-proprietary and industry-accepted protocol which defines the
standard format for encrypted messages, signatures and keys. This standard is managed by the IETF
(Internet Engineering Task Force).
Asymmetric Encryption Algorithms
Hash Algorithms
Diffie-Hellman
DSA
RSA
The key sizes supported are 512, 1024,
2048 and 4096 bits.
MD2
MD5
RIPEMD-160
SHA1 (default)
SHA-256
SHA-384
SHA-512
Ciphers (Symmetric Encryption Algorithms)
AES-128
AES-192
AES-256 (default)
Blowfish
CAST5
DES
IDEA
Triple DES (DES ede)
Twofish
Compression Algorithms
ZIP
ZLIB
70
Encrypted Folders
Encrypted Folders protect files at rest (on disk) using AES-256 encryption. When the
Encrypted Folders feature is enabled, GoAnywhere will automatically encrypt the data as it is
written (streamed) to files within the designated folders. This is important for compliance
with security standards (e.g. PCI DSS, HIPAA, etc) which require that sensitive data is never
stored "in the clear" on disk at any time.
When a Project accesses the files from an encrypted folder, the files will be automatically
decrypted on the fly. Encrypted folders can also be accessed by authorized users (admin
cannot decrypt it) through the GoAnywhere File Manager screen.
Encrypted Folder Wizard Screen
71
FIPS 140-2 Compliance
Security Requirements for Cryptographic Modules are formalized in the Federal
Information Processing Standard (FIPS publication 140-2), developed by the US
National Institute of Standards and Technology (NIST) and Canadian Communication
Security Establishment (CSE).
GoAnywhere Director provides a FIPS 140-2 Compliance Mode and when enabled, it
only permits the use of FIPS 140-2 compliant ciphers (e.g. AES, Triple DES) for
encryption processes.
72
PGP Encryption
73
BBB accredited Business
Reason for Rating
BBB rating is based on 16 factors. Get the details about the factors considered.
Factors that raised Linoma Software's rating include:
1. Length of time business has been operating.
2. No complaints filed with BBB.
3. BBB has sufficient background information on this business.
See more at: http://www.bbb.org/nebraska/business-reviews/computerssoftware-and-services/linoma-software-in-ashland-ne-104006361#reasonrating
Complaint Type
Total Closed Complaints
Advertising / Sales Issues
0
Billing / Collection Issues
0
Problems with Product / Service
0
Delivery Issues
0
Guarantee / Warranty Issues
0
Total Closed Complaints
0
74