Introduction to MFT Services
This topic introduces Managed File Transfer (MFT) services and explains how an InterSystems IRIS® production can communicate with these services, so that the production can send and receive files securely.
Overview of MFT Services
Managed File Transfer (MFT) services are third-party services that support secure transmission of files. These services generally include the following features:
-
Use of encrypted channels for the actual data transmission.
-
Scalability and high availability.
-
Ability to control and monitor information about senders and recipients. Only authenticated and authorized users or applications can send and receive files, and all transmissions are fully logged for auditing purposes.
-
Ability to easily integrate with other applications, so that files can be sent directly between applications.
-
Server backup. End users do not have to manage backups.
InterSystems IRIS and MFT Services
InterSystems IRIS provides support for using MFT services directly from a production, so that the production can receive files from and send files to an MFT service. Specifically, InterSystems IRIS supports the following MFT services:
-
Dropbox – http://www.dropbox.comOpens in a new tab
-
Accellion kiteworks – http://www.kiteworks.comOpens in a new tab
Integration with an MFT service causes the production message log to keep an audit trail of file transmissions, so that there is never any question about the sender, recipient, or contents. This ability is useful when the production needs to route or process sensitive files.
The InterSystems IRIS support for MFT is particularly useful for secure communication between a large organization (using an InterSystems IRIS production) and small facilities that may have less technical staff.
Support for MFT in InterSystems IRIS
Formally, the support for MFT in InterSystems IRIS consists of the following items:
-
Business hosts for sending files to and receiving files from the supported MFT services:
-
The MFT business service class, EnsLib.MFT.Service.PassthroughOpens in a new tab, for receiving files from an MFT service
-
The MFT business operation class, EnsLib.MFT.Adapter.OutboundOpens in a new tab, for sending files to an MFT service
-
-
A web interface for configuring a secure, authorized connection to an MFT service. The InterSystems IRIS Management Portal provides a way to create and save reusable connections to MFT services, for use by productions in that InterSystems IRIS server.
-
An API for managing resources within an account at an MFT service. This API includes a complete set of methods for managing users, files, and directories within the account.
The following subsections describe how the business hosts classes work.
Overall Behavior of the MFT Business Service Class
The MFT business service class, EnsLib.MFT.Service.PassthroughOpens in a new tab, provides runtime settings that you use to specify items including the following:
-
Connection information that enables the business service to make an authorized connection to a specific account at an MFT service
-
Location of the directory where the service should look for files
-
A regular expression that identifies the filename to look for
-
A polling interval, which controls how frequently the service checks for new input
-
The name of one or more target business hosts within the production
The MFT business service periodically checks the given directory, and then iterates through the matching files it finds. For each file, the business service creates a message (an instance of Ens.MFT.StreamContainerOpens in a new tab) that contains the file contents and then sends that message to the configured target elsewhere in the production.
The following figure shows the overall flow:
Overall Behavior of the MFT Business Service Operation
The MFT business operation class, EnsLib.MFT.Adapter.OutboundOpens in a new tab, provides runtime settings that you use to specify items including the following:
-
Connection information that enables the business service to make an authorized connection to a specific account at an MFT service
-
Directory within that account where the operation should place files
-
A filename specification that describes the format of generated filenames
When an MFT business operation receives a message (an instance of Ens.StreamContainerOpens in a new tab or any subclass of that class), it creates a file and writes that to the specified directory within the MFT account. The following shows a sketch of the process: