Global Client Access Managed Communications Solutions. JPMorgan - Global Client Access. Managed Internet Solutions (EC Gateway)

Academic year: 2021

JPMorgan - Global Client Access

Managed Internet Solutions

(EC Gateway)

Overview

JPMorgan offers a variety of electronic communications services that are reliable and user-friendly. As a comprehensive data communication service, our offerings allow for fail-over capabilities as well as 24 hours a day, seven days a week support. The service leverages industry standard message formats, open network communications and advanced security techniques to help meet your business needs.

Our Global Client Access team is staffed worldwide by help desk, technical and business support employees who answer your questions, provide professional service and monitor file delivery.

The following document provides an outline of available connectivity and security services through the Global Client Access Team. This document is subject to change based on new services and technologies added or discontinued. We offer the following types of communication and security services to help meet the needs of our global client base.

Managed Internet (EC Gateway) –

• SFTP
• FTPS
• AS2
• HTTPS
• Sungard eTX

Service Snapshot -

We engage transmission implementation personnel to provide application setup and transmission testing. We offer a help desk, available 24 hours a day, seven days a week, that actively monitors data transmissions. This service automatically provides notification of transmission failures.

Advanced Technology -

We invest in and operate the latest security and transportation technologies, providing a world-class service that is both flexible and functional.

Security -

JPMC Managed Communications Solutions (EC Gateway)

EC Gateway Overview

EC Gateway is an electronic communications service that offers a variety of reliable and user-friendly integration options for linking to JPMorgan services. As a comprehensive data communication service, EC Gateway offers fail-over capabilities and support 24 hours a day, seven days a week. The service leverages industry-standard message formats, open network communications and advanced security techniques to satisfy your requirements.

We employ public key infrastructure (PKI) security for all EC Gateway connection options to the bank. PKI digital certificates provide authentication, confidentiality, non-repudiation and data integrity. A combination of public and private keys keeps data secret.

[Figure: EC Gateway secure data flow. Labels: Client; Client Gateway; Security Software; Transport Protocol; Firewall; Internet (link encrypted with SSL); Firewall; EC Gateway Server (Security software / Communications Gateway); Customer Directory on Router; JPMorgan Service; CLS; Third Party Service. Inbound flow: Client to JPMorgan Chase service. Outbound flow: JPMorgan service to Client.]

Because security is paramount, when using JPMorganChase’s EC Gateway, all access is authenticated and encrypted using digital certificates. Depending on the particular transfer protocol being used, clients may add an additional security layer by encrypting the data being communicated to the underlying JPMorgan service.

The following is a typical secure data flow:

• Using the pre-established transport protocol, the client puts the designated service file, created by the back-office application according to an agreed format specification, into a secure incoming directory specifically created for that client.

EC Gateway Solutions – All solutions support both Push and Pull methods.

AS2

Description: Your organization must meet the following requirements to exchange data with JPMorgan using AS2:

• Must be running a Drummond Group® Certified AS2 platform
• Access to a high-speed (preferred) or dial-up Internet connection
• TCP/IP network interface
• The ability to accept an SSL key
• AS2 platform must handle SSL server-side validation
• Your firm must communicate using standard port 443 when sending to JPMC

Roadmap for establishing JPMorgan connectivity with AS2:

• You provide an SSL key
• JPMorgan will provide the appropriate DNS information for routing
• Firewall rules in place to communicate with AS2 partners - A trading partner may require inbound and outbound firewall modifications to account for all trading partner IP addresses and port numbers

Public keys must be provided to JPMorgan.

FTP / SSL

Description: FTP/SSL requires the exchange of SSL certificates with JPMC in accordance with the RFC 2228 standard. JPMorgan supports FTP encrypted with a secure socket layer (SSL) session.

Requirements include:

• TCP/IP network interface
• FTP software supporting the RFC 2228 standard for FTP over an SSL session (SSL Key)
• The use of PGP or the use of the existing SSL key (SSL to be discussed) for sensitive data

Public keys must be provided to JPMorgan.

Secure FTP (SSH)

JPMorgan HTTPS Client-Side Software

Description: We provide an HTTPS Java™-based software technology that is used to send/receive files.

Requirements: If your company uses your own HTTPS, you must perform “client-side verification”, meaning the software used to connect must be able to verify itself by presenting a certificate.

Java version 1.3.x is required on the target/sending environment.

Requirements include:

• TCP/IP network interface
• SSL Key
• The use of PGP (if highly sensitive data)

Other: You will need to store your company’s private certificate in an unencrypted, no-password-required state. In addition, you will need to convert your public certificate to a .der file and send it to JPMorgan.

Public keys must be provided to JPMorgan.

Sungard eTX –

Communications Protocol: TCP/IP – FTP

Connectivity: Public Internet connection. Sungard Treasury workstation connected to eTX.

Security: SSL, PGP

Security and Data Overview

JPMorgan supports the transfer of Highly Sensitive* and Sensitive* data as defined by our IT Control Policy. The service is designed to be bi-directional and managed end-to-end.

Examples of data types by security level:

Sensitive Data -

Requires - Transport Security (SSL, IPsec)

Example – Client information, Reporting Information, User name / Passwords

Highly Sensitive Data -

Requires - Transport Security (SSL, IPsec), Message Integrity, Originator Authentication and Consequential evidence of Authentication (signing – PGP, X.509 v3)

Partner Key Management

Global Client Access has created a Partner Key Management Process (PKM) that allows for the bank to accept PGP, SSL and other key types from the client. This PKM process is designed to accommodate client keys while preserving the required IT Control standards.

The following procedures will be used for digital-signature public key management using a certificate:

• Your company will identify at least three individuals authorized on its behalf to request JPMorgan to add, update or delete keys. Any requests from a third party agent should be forwarded to an authorized representative of your company.

• You must send a letter on company letterhead identifying the authorized individuals with their names, complete mailing addresses, original signatures, phone numbers and e-mail addresses. This information will be mailed to JPMorgan. A template will be provided for your convenience.

Certificates must have a validity period of one to two years. No signature shall be accepted after certificate expiration. No certificate shall be accepted unless it adheres to the following cryptographic specification:

Message digest: SHA-1

Asymmetric algorithm: RSA, DSS, Psypher

Asymmetric algorithm key length: 1024 bits or more
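One way to apply the acceptance rules above to certificate fields that have already been parsed, as an added example that is not JPMorgan's code. The `CertInfo` record, the function names and the calendar-year reading of "one to two years" are assumptions, and the sample records are constructed.

```python
from dataclasses import dataclass
from datetime import datetime

# Limits copied from the specification above.
ALLOWED_DIGESTS = {"SHA-1"}
ALLOWED_ALGORITHMS = {"RSA", "DSS", "Psypher"}
MIN_KEY_BITS = 1024

@dataclass
class CertInfo:
    """Fields already extracted from a partner certificate (hypothetical record)."""
    digest: str
    algorithm: str
    key_bits: int
    not_before: datetime
    not_after: datetime

def add_years(moment, years):
    """Shift a date by whole calendar years; Feb 29 falls back to Feb 28."""
    try:
        return moment.replace(year=moment.year + years)
    except ValueError:
        return moment.replace(year=moment.year + years, day=28)

def certificate_violations(cert):
    """Return every reason the certificate fails the specification."""
    problems = []
    if cert.digest not in ALLOWED_DIGESTS:
        problems.append("digest")
    if cert.algorithm not in ALLOWED_ALGORITHMS:
        problems.append("algorithm")
    if cert.key_bits < MIN_KEY_BITS:
        problems.append("key length")
    # Assumption: "one to two years" means calendar years, bounds inclusive.
    earliest_end = add_years(cert.not_before, 1)
    if not earliest_end <= cert.not_after <= add_years(cert.not_before, 2):
        problems.append("validity period")
    return problems

def signature_acceptable(cert, accepted_at):
    """Accept a signature only for a compliant certificate that has not expired."""
    return not certificate_violations(cert) and accepted_at <= cert.not_after

# Constructed sample records, not real certificates.
GOOD = CertInfo("SHA-1", "RSA", 1024, datetime(2021, 3, 1), datetime(2023, 3, 1))
BAD = CertInfo("MD5", "RSA", 512, datetime(2021, 3, 1), datetime(2024, 3, 1))
```

The constants mirror this document's specification; SHA-1 and 1024-bit RSA fall below what current guidance such as NIST SP 800-131A allows for generating new signatures, so a present-day policy would tighten them.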
