ActiveTransfer Server 10.15 | webMethods ActiveTransfer Documentation | Administering ActiveTransfer Server | Managing Listeners | Features in Listeners
 
Features in Listeners
This topic provides information about specific features you can use to configure listeners in ActiveTransfer:
Access
You can configure access settings for a listener that uses FTP protocol for ActiveTransfer Server or an ActiveTransfer Gateway instance. The ActiveTransfer Server or an ActiveTransfer Gateway instance can work in the following FTP modes:
*In passive FTP mode, the client initiates a connection to the server specified from the range of port numbers for such a data connection. This is the default mode. This mode is used when it is not possible to create an outgoing connection to a client machine. For example, when a firewall imposes restrictions on connections.
*In active FTP mode, the server creates an outgoing connection through the specified listener to the client machine for data transfer as specified in the FTP commands issued by the client.
Note:
Ensure that you provide access for the listener in your firewall settings. Otherwise, connections between the client machine and ActiveTransfer Server might be blocked.
Encryption
You can configure encryption methods for ActiveTransfer Server or ActiveTransfer Gateway listeners that use FTP protocol.
ActiveTransfer supports Transport Layer Security (TLSv1) and Secure Sockets Layer (SSLv3) cryptographic protocols that provide internet communication security. FTP protocol uses two types of client security methods:
*Explicit: Connections between an FTPS-aware server and the clients remain secure even if the clients are not FTPS-aware.
*Implicit: SSL authentication is used for all clients that connect with the FTPS server for each session. This method is not compatible with clients that are not FTPS-aware.
SSH Server Host Keys
ActiveTransfer supports both RSA and DSA encryptions.
Note:
When you create a default SFTP listener in ActiveTransfer Server or ActiveTransfer Gateway instance, the default RSA and DSA keys are used for login. The default RSA and DSA keys are adequate for demo or testing purposes. However, in production environments, we recommend that you replace these default keys with your own RSA and DSA keys.
SSH Supported Ciphers
Ciphers are algorithms that are used to encrypt or decrypt data. In ActiveTransfer, you can configure the ciphers supported for SSH. The aes192-cbc, aes192-ctr, aes256-cbc, aes256-ctr, and arcfour256 ciphers require strong Java security policy certificates. You need to set the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JDK/JRE in order to use these ciphers. Java comes with a default maximum key strength of 128 bytes.
SSH Connection Settings
You can configure the following SSH connection settings:
*Default character encoding that controls how ASCII characters are encoded when sent to a client.
*Use of asynchronous threading to enable tasks to run in parallel. Asynchronous threading is useful to transfer a file to multiple external locations concurrently instead of sequentially.
*Number of seconds to wait before disconnecting an idle connection.
*Handshake options to use when establishing a secure connection with a partner.