Make Your Data Transmission Secure

Understanding AS2 Security Protocols for Sending Data

Many companies have been thrust into the world of AS2 in much the same way they were compelled to implement EDI a few years ago: a mandate is received from a trading partner directing them to implement an AS2 solution by a given deadline.

Since EDI INT AS2 is a secure Internet data transmission standard process that eliminates the need for and cost of transmitting data through a Value Added Network (VAN) it is a worthwhile investment. Several mass merchants such as Wal-Mart, and Home Depot, the Department of Defense, electronics giants such as Intel, and the HIPAA standards in healthcare are now requiring data transmission using AS2. It is likely most FTP exchanges between companies will move to AS2 as well as since AS2 offers better data security. Widespread adoption of AS2 processing has already eliminated or reduced the costly middleman (the VAN) for thousands of businesses and that trend is continuing.

DCS provides remote support for your AS2 utility. We can help you resolve knotty problems such as ports, certificates, and dynamic I.P. addresses while ensuring firewall integrity is certain. As a plus, we review with you the solutions to boost your self-reliance and skill-sets. The next step is to email DCS for a FREE Assessment. We will be glad discuss your needs and goals.

Understanding AS2

AS2 refers to the security protocols for sending data securely via the Internet (using HTTPS). Various software packages are available to handle the encryption, communication, and receipt verification required by this standard protocol. The Drummond Group (www.drummondgroup.com) assures interoperability among the various software packages through certification of AS2 packages. Stable solutions are now available.

The AS2 specification solely describes the secure transmittal of EDI in batch mode or any other data over the Internet using HTTPS. It is a specification on securing and transporting data, not on validating or processing the data. The transported data is then dispatched to the appropriate processor based upon its content-type. Therefore, an EDI translator will still be needed to process the “raw EDI” data. Rather than sending/receiving data via a VAN (Value Added Network), the data would be sent/received via the Internet in accordance with AS2 security features and imported/exported into the user’s application system.

Considering the Cost Savings

While meeting the requirements of a key trading partner may be the initial motivation behind an AS2 implementation, companies should consider the cost savings as well. The more trading partner relationships, and therefore traffic, that a company can move to AS2, the greater the VAN savings will be, and the faster the payback on the AS2 solution. With the costs of transmitting additional data reduced to nothing, it pays to see if exchanging larger data files (unsuited to traditional EDI applications) makes sense. Manufacturing schedules and point of sale data can be securely transmitted in seconds for no additional cost – a far cry from what was possible at 9600 baud with a VAN!

Benefits of using AS2

As mentioned, a long term benefit in using AS2 is to significantly reduce and in some cases eliminate the traditional communication costs associated with VANs. A secondary benefit is in the decreased “turn-around” time for business transactions. Traditional EDI is “batch” processed in that messages are grouped together and sent/received at intervals throughout the day.

Configuration Services To Eliminate Security Risk

Setting and testing the first few trading partners should be done carefully to eliminate a security risk. For example, the firewall administrator needs to approve and open the chosen port. Then, contact with the customer to exchange certificates must be timed properly so that orders are not lost.

After AS2 has been in operation for several weeks, the process can be automated to eliminate daily checking. This includes setting error messages for expired certificates and training the firewall administrator to avoid accidental closures and I.P. address changes.

Purchasing AS2 Software

Prospective buyers should aggressively negotiate the purchase of AS2 software. Specifically, the per-block of 5-10 trading partners scheme is impractical since EDI is not purchased by the Trading Partner.

Calculating the cost for a medium sized company with 10 trading partners yields a startling total cost. Some even regard a test mailbox as a separate trading partner. DCS recommends renegotiating as growth is encountered. Again, negotiate aggressively!

DCS recommends several products, depending on your specific needs:

Alligacom’s Net-Transfer™ for the cost conscious buyer.
Cleo’s VersaLex™ product fits well for companies selling to Wal-Mart or the auto industry.
Sterling B2B Integrator™or Connect: Direct™ for the users of Gentran.
GXS’ Biz Manager™ or BizConnect™ for BizLink/BizManager™ and Trusted Link™ users (Acquired IPNet), AS2 Engine™ for users of ASN Plus™ or Application Integrator™.
Click Commerce TDAccess™ and TDNgine™ has multiple AS2 products with a wide range of capabilities. They are used often in the Banking industry and in conjunction with 1SYNC (UCCNET).
nuBridge’s Exchange™ leads with AS2 for the IBM System i™ (Acquired Trail Blazer)
Covast’s AS2 Adapter™ for users of Microsoft BizTalk™
Axway’s Synchrony Gateway Adapter™ (Acquired Cyclone, Atos Origin, and Tumbleweed)

Companies anticipating AS3 have begun secure FTP over their VPNs with select Trading Partners. If you are considering a pilot program, we can help you configure your FTP server and firewall. For more information see our page on FTP/Firewall Tuning in Anticipation of AS3 page.

DCS are Experts with AS2 Products

DCS’ experience with AS2 products tells us they perform well. The Drummond Group certification program helped to ensure this. However the certification program does not test ease of installation or technical support. Connections to the EDI system can be tricky to install and experienced assistance can curb the time and headaches of installation.