• No results found

Online Banking for Business Secure FTP with SSL (Secure Socket Layer) USER GUIDE

N/A
N/A
Protected

Academic year: 2021

Share "Online Banking for Business Secure FTP with SSL (Secure Socket Layer) USER GUIDE"

Copied!
13
0
0

Loading.... (view fulltext now)

Full text

(1)

Online Banking for Business

Secure FTP with SSL (Secure Socket Layer)

(2)

Contents

Secure FTP Setup

... 1

Introduction

...

1

Secure FTP Setup Diagram

...

1

Before You Set Up S/FTP

...

2

Setting Up S/FTP

...

2

Sending Files

... 3

Address construction

...

3

To Send a File

...

3

Receipt file

...

4

Receiving Files and Reports

... 5

Outbound (from BMO) Mail Slots

...

5

Listing received files

...

5

Receiving files

...

6

Appendix A – Client Questionnaire

... 8

Appendix B - Definitions

... 10

File encoding

...

10

Other definitions

...

10

Appendix C – Certified Secure FTP software

... 11

(3)

Secure FTP Setup

I N T R O D U C T I O N

This guide explains how to configure a secure FTP connection to BM O Bank of Montreal (BMO) to allow secured communication over the Internet. The FTP transmission service provides a high speed and reliable method of transmitting files between your PC/Server and BMO.

Note: The Secure FTP service uses standard File Transfer Protocol services. It simply adds a secured (SSL) tunnel through the Internet for the FTP commands sent from third party software to the FTP Service.

This Service is provided in conjunction with GXS.

S E C U R E F T P S E T U P D I A G R A M

A Secure FTP (S/FTP) setup is illustrated in the diagram shown below.

(4)

B E F O R E Y O U S E T U P S / F T P

The following items are required before you begin the setup:

• Obtain Secure FTP client software. This service recommends that a pre-approved Secure FTP client be used to access the service. See Appendix C for a list of GXS certified Secure FTP software products.

To use the FTP transmission service, you will need to have received the following from the BMO: 1. This user guide.

2. A Secure FTP questionnaire (Appendix A) - to be completed and returned to BMO. 3. A mailbox ID (same as FTP user ID) and password.

4. Your trading relationships (also know as mail slots).

5. Your BMO Implementation Specialist (IS) will provide you with your user number (mailbox id) and password as well as your trading relationships (mail slots). Please review the Send and Receive sections of this document.

S E T T I N G U P S / F T P

Follow the instructions below to begin setting up Secure FTP.

Note: if you have a firewall on your system, you will need to have the following ports open:

Data port range – 6366-6416 FTP ports 20 and 21

Install and setup your Secure FTP client software. Use default values in the setup with the following exceptions:

• Server address is sftp.am.gxsics.com • Enter your mailbox id and password.

• Enter the applicable FTP commands for a session.

• Log on to Interchange Services using your user number and password. If you encounter problems with your Interchange Services user number, contact your IS. Work with your IS to test the setup and begin exchanging documents.

(5)

Sending Files

A D D R E S S C O N S T R U C T I O N

• You can send files to us from your mailbox. In order to send files you must

establish/confirm your mail slots with your IS. Depending on the number of services you have with us, you may have more than one inbound mail slot. The construction of the Send address for you is mailbox-SEND. Your mailbox is the same as the FTP user ID.

• BMO Receive addresses have been constructed using the application, document type and file encoding. This constructs your inbound mail slot to BMO. Your inbound mail slot consists of the following:

• Application name – provided by the IS;

• Application document type – provided by the IS;

• File encoding – provided by you when implementation was requested.

Example: When you are sending an Electronic Transfer File (EFT) file to BMO, your inbound trading relationship will look as follows: DEFT-DEFT80-A – where DEFT is the application name, DEFT80 is the document type, and A is encoding. The above mail slot means that you can send 80 bytes DEFT files in ASCII format. Please work with your IS to get details of all of your inbound mail slot. Refer to Appendix B for available file encodings.

T O S E N D A F I L E

In order to send files, FTP commands must be entered in your secure FTP software.

1. You must first change to the /send directory on the server. This is performed as follows: cd /send

2. You must also include two commands that instruct the FTP Service on how to process the file(s) being sent. Both use the “QUOTE SITE” command. There is no order preference between these two commands, either one can come before the other. The only requirement is that they come before the actual sending of the file(s).

The first command causes the service to treat the file as binary. This is required in order to instruct the service to forward the file to BMO without additional processing. The syntax is as follows:

QUOTE SITE standard=none

The second command defines the sending and receiving addresses for the PUT command. The required syntax is:

QUOTE SITE parm=sa=sender_address;ra=receiver_address

Refer to the Address Construction section for details on address construction.

(6)

The sender_address is your userid(or Mailbox ID)-SEND. The receiver_address is your inbound mail slot. (See Address Construction for details). For Example, you can use the following command:

QUOTE SITE parm=sa=AAA12345-SEND;ra=DEFT-DEFT80-A

The above means that you are sending an 80 byte EFT file from your mailbox ID AAA12345.

3. The final step to send a file is to use the PUT command.

In the example below, a file named “testfile.dat” located in C:\temp directory will be used. This file will also be sent in binary mode. The command to send this file would appear as:

PUT C:\temp\testfile.dat

As a result there will be four commands

cd /send binary

QUOTE SITE standard=none

QUOTE SITE parm=sa=AAA22755-SEND;ra=DEFT-DEFT80-A PUT C:\temp\testfile.dat byparm

In the example above, a file named “testfile.dat” located in C:\temp directory will be sent. This file will also be sent in binary mode.

If you are experiencing problems with the above QUOTE SITE commands, such as, “Bad command or it is not implemented here”, use the following user ID syntax on the FTP login prompt:

ADW12345@iftp.am.gxsics.com , instead of just ADW12345 - where ADW12345

is your mailbox ID provided by IS.

R E C E I P T F I L E

Important: The following Receive address is provided in order for you to confirm whether the

file was transmitted. The address has the following format: mailbox-RECEIPT

This address is used to receive a receipt, providing you with information on whether or not a Sent transaction was delivered successfully. These files are text-based and contain a single line without record terminators and should be readable on either Unix or Windows platforms. The receipt message indicates that BMO has received your file successfully and will convey it to the appropriate product (e.g., EFT).

Note: to verify that your file has been successfully processed by the appropriate product, please check any output reports or files generated.

(7)

Receiving Files and Reports

Any product files or reports that you expect to receive from any BMO service such as EFT, can be delivered electronically to you via the FTP transmission service.

O U T B O U N D ( F R O M B M O ) M A I L S L O T S

BMO will send your reports and files to your mailbox. Depending on the number of services you have with us, you may have more than one outbound mail slot (also known as trading

relationship). Your outbound mail slot consists of the following: • Mailbox ID – provided by the IS

• Application name – provided by the IS

• Application document type – provided by the IS

• File encoding – provided by you when implementation was requested.

BMO will send your files / reports to one of the outbound mail slots. For example, if you are set up to receive EFT reports or files your mail slot will look as follows:

AAA12345-DEFT-WINTESTE20RPT-A – where AAA12345 is your mailbox ID, EFT is the application name, WINTESTE20RPT is the document type, and A is

encoding.

The above mail slot will be receiving reports from the EFT system in ASCII format. Refer to

Appendix B for available file encodings.

Please work with your IS to get details of all of your outbound mail slots (or trading relationships).

L I S T I N G R E C E I V E D F I L E S

The following section will describe commands that can be used to obtain a listing of messages in your inbox that corresponds to what you have received from BMO.

1. You must first change to the /receive (inbox) area in ICS. The command used to perform this change is:

cd /receive

2. The FTP transmission service provides a way to filter the listing based on your outbound mail slot. Using the filter feature, you can obtain a listing of your inbox, and only display files received by a specific mail slot. The following command is used to define this filter:

QUOTE SITE parm=ad=filter_address

The filter_address is replaced by any one of your mail slots. For example, to see what Receipt messages have been received, the following filter is set:

QUOTE SITE parm=ad=AAA12345-RECEIPT

(8)

To see only EFT reports:

QUOTE SITE parm=ad=AAA12345-DEFT-WINTESTE20RPT-A

3. Once this command has been accepted by the service, you can then request a list of files based on this filter by using the command:

dir byparm

This tells the server to use the filter (parm) to generate a directory listing.

4. Therefore to list a file for a specific mail slot you will need to perform the following commands:

cd /receive

QUOTE SITE parm=ad=AAA12345-RECEIPT (or any other mail slot) dir byparm

The matched files will be listed e.g.

Detail: "Sender ILOG IC Control# Sent (GMT) Mfile" Detail: "BMOCOM-SEND 08031488350 03AUG05|14:53 M8300744" Detail: "BMOCOM-SEND 08031488767 03AUG05|14:53 M8300745" Detail: "BMOCOM-SEND 08031489150 03AUG05|14:53 M8300746"

The content is normally displayed showing the sender, date and time, and what is termed the Mfile. The Mfile is named uniquely by the service and does not reflect the file name given by BMO. Your mail slots allow you to identify relevant files and reports.

If you are experiencing problems with the above QUOTE SITE commands, such as, “Bad command or it is not implemented here”, use the following user ID syntax on the FTP login prompt:

ADW01234@iftp.am.gxsics.com , (instead of just ADW01234) - where ADW01234 is

your mailbox ID provided by IS.

R E C E I V I N G F I L E S

The process of receiving content/files uses the same QUOTE SITE parm command as described in the Listing Received Files section. However, in order to actually receive the messages instead of just listing them, the GET command must be used. The GET command shown below will download all messages/files based on the QUOTE SITE filter set. The messages/files will be stored in separate files based on the Mfile name. The command used is:

GET byparm

If no files are found, nothing will be downloaded.

You may also wish to download files received by a specific mail slot and store them in a unique folder. This can be accomplished by appending the folder (destination) to the GET command used above.

Since files will be downloaded to different locations based on the three addresses shown above, the following commands will be needed:

cd / receive

QUOTE SITE parm=ad=AAA12345-DEFT-WINTESTE20FLE-A GET byparm “D:\Program Files\Inbox\WINTESTE20FILES”

(9)

If you are experiencing problems with the above QUOTE SITE commands, such as “Bad command or it is not implemented here”, use the following user ID syntax on the FTP login prompt:

ADW01234@iftp.am.gxsics.com , instead of just ADW01234 - where ADW01234

is your mailbox ID provided by IS.

(10)

Appendix A – Secure FTP SSL

Client Questionnaire

S E C T I O N I : BA S I C I N F O R M A T I O N A B O U T Y O U R C O M P A N Y

Company Name:

Company Business Contact Name: Company Business Contact Phone: Company Business Contact Fax: Company Business Contact Email:

Company Address:

City:

Zip/Postal Code:

Country

Online Banking for Business

Customer ID (if known)

Other Customer Contacts

Technical Contact Name: Technical Contact Phone:

Technical Contact Fax:

Technical Contact Email: Desired Production Date:

DD/MMM/YYYY

Please list services to which you want to enable file exchange (e.g. EDI, BAI, DEFT, etc.)

SE C T I O N I I : G X S M A I L B O X I N F O R M A T I O N:

1. Do you have an existing mailbox on the GXS Interchange Service platform and would you like to use it?

YES, enter mailbox ID

NO, proceed to the next question

(11)

2. Would you like the same files/reports delivered and shared with multiple mailboxes (i.e. users), e.g., multiple divisions within your company that require separate access? Additional fees apply.

--- If NO, proceed to Section III.

3. Please provide your GXS mailbox Ids (if they exist) for multiple mailbox delivery. If no mailboxes are currently set up, indicate the number of required mailboxes.

- Use this field to fill in other mailbox Ids (if you answered Yes in question 1).

4. Would you like all files and reports delivered (shared) to multiple mailboxes or only to specific ones (e.g., specific EFT reports, EDI files, etc)?

---If only Specific product option selected, fill in the following:

Enter product(s)

SE C T I O N I I I SE C U R E F T P ( S S L ) I N F O R M A T I O N

Please provide the Secure FTP (SSL) software you want to use with this service.

Software Version

Important: Refer to Appendix C in the Secure FTP SSL User Guide to review the list of certified software for this service.

Indicate file encoding (See Appendix B in the User Guide for encoding description)

Inbound file to BMO

A (ASCII) E (EBCDIC)

Outbound files from BMO

W (WINDOWS) - CR (Carriage Return) and Line Feed (LF). This means that the record terminators within the application files on the windows platform are CRLF.

A (ASCII) - The default delimiter on Unix platform is Line Feed (LF). This means that the record terminators within the application files on the Unix platform are LF

E (EBCDIC) - Mainframe format

Indicate if you require PGP and / or file compression (WinZip)?

NOTE: These are optional features and they

are not required to exchange files with the Bank

PGP file encryption WinZip file compression (not recommended for files less than 20 Mb).

Additional Notes:

(12)

Appendix B - Definitions

F I L E E N C O D I N G

BMO supports several file encoding types. These are:

W: Windows (ASCII machine) – This encoding can be used in Outbound transmission from BMO ONLY.

The default delimiter on the Windows platform is CR (Carriage Return) and Line Feed (LF). This means that the record terminators within the application files on the windows platform are CRLF.

A: Unix (ASCII machine).

The default delimiter on Unix platform is Line Feed (LF). This means that the record terminators within the application files on the Unix platform are LF.

E: Mainframe (EBCDIC machine).

There is no specific character as the record delimiter on mainframes (Unisys or IBM). The encoding of the data is EBCDIC. While sending and receiving files from the mainframes, no data conversion needs to be performed.

O T H E R D E F I N I T I O N S

• Mailbox – This is your user ID on the Secure FTP service.

• Mail slots (or trading relationships) – Mail slots belong to a mailbox and are used to receive various Cash Management files and reports. BMO sends your files and reports to an appropriate mail slot. By using mail slots, you can easily identify the application to which your files and reports belong.

(13)

Appendix C – Certified Secure

FTP software

Secure FTP connectivity helps to provide secure, authenticated and encrypted communications that enable clients to exchange files with BMO. Secure FTP connectivity allows various business documents to be exchanged by means of File Transfer Protocol (FTP, specification RFC 959) over the Internet using Secure Sockets Layer (SSL)/Transport Layer Security (TLS).

To date, the following Secure FTP software products have been certified by GXS* for connectivity to this service:

• Cleo Lexicom 2.1

• New Bridges ZMOD FTP Client V3R1 PTF Level PFT3100034 • QualEDI for Windows, 32-bit version

• Ascential DataStage TX, Release 7.5

• Future 3 – Advanced Communication Module Plus (ACM Plus) • eBridge FTPS Communicator for GXS version 5.3

• Inovis BizConnect Software, version 3.0.2.361

• Seeburger Business Integration Server (BIS) Version 5.5.1

Please note: software certification to access this service is performed by GXS.

* This list does not imply any endorsement or warranty by Bank of Montreal.

References

Related documents

Both SSL and SSH enhance the security and reliability of file transfer by using encryption to protect against unauthorized viewing and modification of high risk data during

the self-signed certificate or pre-installed certificate onto Windows Vista ® , Windows ® 7 and Windows Server ® 2008 for users with administrator rights uu page 12 or Installing

• The second step is to indicate the receiving application or inbound mail slot where you need to send a file.. In the previous example we used DEFT-DEFT80-A: as a

1961 Cordless drill.. planers, band saws — are only part of the machine tool revolution that transformed home workshops. Portable power tools are, of course, far more common. Many

Glorious is the life of the wise one, who is free from expectation, free from attachment for children, wife and others, free from desire for the objects of the senses and free from

shtrohet pyetja si mund te ekzistojnë dy elemente krahas dhe çfarë është raporti mes tyre. V BAZAT TE CILAT E PËRJASHTOJNË VEPRËN PENALE Nëse kundërligjshmëria

(Refer to “Generate a Self- Signed Host Certificate with the Web browser interface” on page 7-13.) You may be using a reserved TCP port. Enable SSL on the Switch and Anticipate

The External IT contact is the person(s) on the external client side who will possess the necessary IT skills to assist the MoH SFTP Service Consultant in setting up the SFTP