High-End Security and High-Availability

Security and compliance are primary concerns for every business.  But months of implementation and consulting services may not fit your timeline or your budget.  Cornerstone is an enterprise-class Managed File Transfer solution that can provide High Availability, integrate with existing authentication systems, and achieve security and compliance standards.

Highest Security

  • PGP encrypts at-rest data without leaving data temporarily unsecured.
  • Thwarts hackers by closing inbound firewall ports and automating events.
  • Supports two-factor authentication using eTokens and WebDrive client.

Enterprise Performance

  • Load-balancing support and scalable, multi-server clustering and fail-over.
  • Increases file transfer speeds with top-line data compression.
  • Event Management System and automation to distribute work volume.

Regulatory Compliance

  • Complies with FIPS 140-2
  • HIPAA compliant storage and transfer
  • Sarbanes-Oxley

Cornerstone’s rapid onboarding speeds you back to business, employing a software-only solution within your existing architecture. Cornerstone’s pricing is competitive enough that it is often purchased without an RFP.  And the implementation process is easily done by your existing staff, or with minimal consulting services.

Secure Your Transfers, Your Network and Your Data

Secure file transfer only solves a piece of your data security and compliance requirements.  There are other considerations that, if overlooked, can result in costly compliance violations or data security breaches.

Securing the files on your server

When files are stored on your server, there is still a need to assure that they are protected from unauthorized access.  Cornerstone’s Real-time PGP encrypts the files on your servers with the highest industry-standard encryption.  This process avoids interim steps that the unencrypted data to the disk.  Cornerstone encrypts that data on the fly so that it is never exposed, and does not require additional steps to sanitize deleted data.

Securing Access to your Network

Preventing unauthorized access to your network, without increasing complexity for you users and IT department, is easily accomplished with Cornerstone.  Using a combination of perimeter security and two-factor authentication, risks of network breach are greatly reduced.

Perimeter Security with DMZedge.  To keep unauthorized users out of your network, the optional DMZedge server, used in with CornerstoneMFT, enables you to close inbound ports on your firewall, opening a dynamic outbound connection to service user requests.

Two-factor Authentication e-tokens.  Text passwords can be easily broken, and users frequently write them down or share them.  CornerstoneMFT, used in conjunction with WebDrive, adds a second layer of authentication security – one that is not easily compromised.

Securing File Transfers

When files are uploaded or downloaded from your server, you need the assurance that they are safe from unauthorized access.  This is especially important if you store financial or healthcare data.  Cornerstone secures your files transfers using your choice of secure protocols.  You can use SFTP or run FTP or WebDAV through an SSL encrypted connection.

Cornerstone can require all connections to the server to be secure, refusing any unsecure connections.

Supported Protocols

SFTP (SSH File Transfer Protocol)  [Enterprise Edition Only]

  • Supports SSH file transfer protocol versions 3 through 6.
  • Transfers all information over an encrypted channel.
  • Provides full SFTP support based on SSH-2 protocol.
  • Adheres to the IETF’s Internet Draft draft-ietf-secsh-filexfer-09.txt

FTPS (FTP with SSL/TLS) 

  • Supports SSL v3.0 and TLS v1.0 (SSL v3.1).
  • Transfers all information over an encrypted channel.
  • Uses Explicit FTPS (AUTH SSL/TLS) or Implicit FTPS to secure file transfers.

HTTP and HTTP/S

  • Cornerstone includes an intuitive web interface, files can be transferred using HTTP
  • HTTP over SSL is supported for secure, browser-based transfers

WebDAV and WebDAV/S

  • Cornerstone offers WebDAV to facilitate collaboration
  • When used with WebDrive client, Automatic or manual file locking is supported
  • WebDAV over SSL is available for secure transfers

AS2

  • Cornerstone supports AS2 protocol
  • Ensures the secure interchange of information between trading partners
  • Support for MDN, Message Disposition Notification, allowing the original sender to know that the message was received
  • Filename preservation

 

 

 

Case Studies

Children’s National Medical Center

As a healthcare provider, privacy and security are always a high priority. In addition, the legacy FTP server that Children’s National had been running needed more management functions and increased flexibility. A more powerful, flexible and secure solution was identified as the strategic direction for the hospital. The solution needed to provide scheduled transfers, advanced logging and compliance with FIPS and HIPAA.

Learn how this world-renowned children’s hospital uses Cornerstone for compliant storage and transfers.

Datalogix

Datalogix receives thousands of gigabytes of data each month from member companies. Member companies transmit sales transaction data through file transfers that can range from several hundred megabytes to several thousand gigabytes.

The need for a secure file transfer platform was identified as one of the key requirements for Datalogix, but the solution also had to be easy to manage and configure. In addition to security, automation capabilities and the mechanisms to manipulate in-bound files were required. The solution also had to integrate well with the internal workforce, allowing an easy integration with existing user authentication systems.

Learn more about how this leading marketing information firm uses Cornerstone for high throughput and automation.

Bancolombia

Cornerstone secures banking data and provides high availability for this South American Bank

 

DMZedge Server

overview

The DMZedge Server enables you to close inbound ports on your firewall, reducing the risk of network intrusion and enabling the highest level of security for both data storage and transfers. When combined with the Cornerstone MFT Server, the DMZedge Server uses a two-way connection originating from the Secure MFT that is inside of the firewall on your corporate LAN. The DMZedge works as a communication proxy, replacing unsecure inbound connections from the Internet to your internal network.

How DMZedge Works

The DMZedge Server works as a proxy between users on the Internet and your secure corporate LAN. DMZedge Server resides in the Demilitarized Zone (DMZ) – outside of your corporate firewall. The Cornerstone MFT Server that resides on your network initiates a session with the DMZedge through a secure outbound connection. All incoming client requests and data are forwarded to the back-end server through a connection that has already been established between the MFT Server and the DMZedge Server. The MFT servers reside securely behind your corporate firewall, although ease of access for your end users is as simple as if the servers were in your DMZ. Data storage and authentication take place on the back-end server, and no inbound ports are opened through your firewall.

Cornerstone Users Say

The design of the Cornerstone MFT solution provided us with greater security
which assists us in meeting our regulatory requirements.
Frederick Curry
Director of Information Security
Children’s National Medical Center

Get Started

Evaluate Cornerstone in your own environment, with your own files and authentication services. Your Pilot implementation can easily be converted to a live production system.

System Requirements

Operating System

Cornerstone MFT is supported on both the 32- and 64-bit editions of Windows.

  • Windows Server 2003
  • Windows Server 2008
  • Windows Server 2012

Disk Space

  • Minimum 100MB free disk space for product and caching space
  • Minimum 100MB free disk space for each server configuration

Processor

  • 2GHz Pentium class or better

Memory

  • Recommended 8GB RAM
  • Minimum 4GB RAM

Resolution

  • Minimum SVGA (800×600) for Administration program