AS1 Gateway Service

AS1 isa specification for secure data exchange between businesses usingthe Internet. AS1 uses SMIME public key cryptography and SMTP as atransport mechanism. (SMIME defines a means to make email messagesmore secure by adding both digital signatures and encryption.)

TheAS1 gateway service allows you to exchange data with business partnerswho use different technologies. All AS1 accounts are SMTP accountswith extended information for security and notification information.

AS2 Gateway Services

AS2 usesSMIME public key cryptography (X.509 certificates) and HTTP or HTTPSas a transport mechanism. Encryption compression and digital signaturesare options. If a message is not encrypted it should be sent overHTTPS.

The AS2 gateway services enable you to exchange criticalbusiness data securely over the Internet with HTTP/HTTPS as the transport.This data exchange can be conducted between an AS2-capable companyand a non-AS2-capable company. Sterling B2B CollaborationNetwork providestwo different AS2 gateway services:

• Standard AS2 Gateway Service?The standard service enables customerswho use AS2 to exchange data with business partners who are not AS2-enabled.
• IBM? SterlingManaged AS2 Gateway Service?Themanaged service enables customers who are not AS2-enabled to exchangedata with business partners who use AS2.

Sterling Connect:Direct GatewayService

The Sterling Connect:Direct? gatewayservices enable you to use Sterling Connect:Direct toaccess Sterling B2B CollaborationNetwork andsend data to or receive data from your business partners. Your businesspartners do not need to use Connect:Direct.

Sterling Connect:Direct OS/390? Service supports unencryptedor encrypted data sent by Sterling Connect:Direct or Sterling Connect:Direct Secure Plus. Sterling Connect:Direct Secure Plus usesSecure Socket Layer (SSL) technology with X.509 V3 certificates. Ifyou are using Sterling Connect:Direct Secure Plusyou must also use the following to receive product support:

• Sterling Connect:Direct 4.2or higher
• Sterling Connect:Direct Secure Plus Option2.0 or higher
• Digital certificates
• SSL encryption

The Sterling Connect:Direct Gatewaydoes not support the Station-to-Station (STS) encryption method offeredby Sterling Connect:Direct Secure Plus Option.To use the Sterling Connect:Direct Gatewayyou must use SSL encryption. The Sterling Connect:Direct Gatewayfor OS/400? does not supportthe use of SSL encryption or Sterling Connect:Direct Secure Plus Option.

FTP Gateway Services

FileTransfer Protocol (FTP) is a communications protocol associatedwith TCP/IP used to transmit large files over the internet. The FTPgateway service allows you to use your own FTP client to exchangedata with your business partners who may use other protocols.

TheFTP Gateway Services include the following types of encryption forenhanced security:

• Pretty Good Privacy over FTP (PGP overFTP)

  PGP uses public-key cryptography and includes a system thatconnects the key to a user's identity. The message recipient musthave previously generated a linked-key pair which includes a publickey and a private key.

  The sender uses the recipient's publickey to encrypt a session key which is then used to encrypt the textof the message. The message recipient decrypts the message using thesession key which was included in the message in encrypted form andis decrypted using the recipient's private key.

  A similar strategyis used to detect whether a message has been altered since it wascompleted and whether it was sent by the company claiming to be thesender. PGP adds to the message a signature that is created usinga digital summary of the message and the sender's private key.

• SecureFTP with SSL (FTP/S)

  SSL is Secure Sockets Layer a protocol formanaging the security of message transmissions with the use of publicand private keys.

• SecureFTP with SSH (SFTP)

  SSH is Secure Shell a protocol for managingthe security of message transmissions by encrypting both commandsand data.

For more information see What are the differences between the Sterling B2B Collaboration Network secure FTP options?.

HTTP Gateway Service

HypertextTransfer Protocol (HTTP) is a communications protocol associatedwith TCP/IP and used to transmit data securely over the internet.

TheHTTP gateway service acts as a secure interface between Internet-enabledand traditional business partners. HTTPS is the recommended protocolfor data transfer with the HTTP gateway service. HTTPS is an internetprotocol that uses Secure Sockets Layer (SSL) as a sublayer to encryptdata and ensure its safe transmission. A server-level certificateis required for inbound and outbound messages. If security is a concernHTTPS should be used.

MQ Gateway Service

The MQ gatewayservice supports application integration by enabling the transferof data across multiple platforms using queues that send and receivedata as messages. This message-based approach offers a secure efficientand guaranteed means of transferring data.

Customs Gateways

Customs gatewaysprovide a means to securely send and receive your import/export documents.The Customs gateway service transports the documents to the appropriatecustoms service. Both the U.S. Customs Service and Canadian CustomsService are supported.

You can send customs documents to Sterling B2B CollaborationNetwork usingany supported transport method. The Customs gateway processes thedocument so it conforms to U.S. Customs system requirements. SimilarlyU.S. Customs sends documents to you through Sterling B2B CollaborationNetworkwhich handles any changes necessary to return it to your system.

X.400

X.400 isa protocol that runs over TCP/IP and is an ISO and ITU standard foraddressing and transporting email messages. X.400 is commonly usedin Europe and Canada instead of SMTP.

Interconnect Service (Public and Private)

Interconnect isthe process of connecting Sterling B2B CollaborationNetwork toa VAN for sending and receiving data. This service enables you tosend your data to other public and private networks that your businesspartners use. After receiving your data the other networks deliverit to your business partners. You can also receive data from othernetworks so your business partners can send data to you.