Host Identity Verification for Secure File Transfer
Data in transit faces a number of threats over public networks, so a number of protections are needed to ensure the security and integrity of your data. In addition to data encryption, VanDyke Software's secure file transfer client, SecureFX®, uses host identity verification to safeguard your file transfer operations.
Some hacks entail an attacker establishing independent connections with a local system and host server. In a man-in-the-middle attack, all messages sent between the two are intercepted; data may be relayed or an altered message may be substituted, but the victims of the hack are not aware that they are not communicating with each other directly.
Man-in-the-middle attacks may be mitigated by host identity verification—a means by which a server "proves" its identity to a client and a client may verify that the remote system is "known".
Host Identity Verification with SSH
The SSH protocol uses host keys for server identity verification. Host keys operate similarly to public and private keys used to authenticate logon credentials, but host keys are used to verify the host to the local/client machine. Rather than a new key being generated at the initiation of each new session, a host key is persistent. (It is important to note that to provide protection from man-in-the-middle attacks, proper validation must take place. Clicking "Accept and Save" without actually verifying the fingerprint of the host key with the server's administrator when connecting to a remote server for the first time does not properly validate the host. See our white paper for more information.)
Host Identity Verification with FTP over SSL
The FTPS protocol uses X.509 certificates for server identity verification. An existing PKI (Public Key Infrastructure) needs to be in place for such validation to be successful.
SecureFX provides layers of security for your data in transit. The use of host keys supported by SSH servers and secure file transfer protocols effectively prevents man-in-the-middle attacks. Download SecureFX for a free 30-day evaluation. To get started:
Please contact us for assistance in finding the right solution for your organization.