Sdts Guide V2 0 473e12

SDTS Guide ITS Global May 2014

Glossary 1

Introduction

4

1.1

Audience

4

1.2

Conventions Used in this Document

4

2

Best practices

5

2.1

Transferring very large files

5

2.2

Splitting files

5

3

Accessing SDTS

6

4

Using the SDTS Web Interface

7

4.1

Logging In

7

4.2

Forgotten

8

4.3

Transferring Files

10

4.4

Stopping and Resuming a Transfer

12

4.5

Changing a

12

4.6

File Options

12

4.7

Deleting a File

13

5

Logging Out

14

5.1

Manual Log Out

14

5.2

Automatic Log Out

14

6

Automated file transfers

15

7

Using SecureFX to transfer files

16

7.1

First Logon

16

7.2

Resume up- or s

24

7.3

Delete files

24

7.4

Transferring multiple files at once

24

1

7.5 7.5.1 7.5.2 7.5.3 7.5.4 7.5.5

SecureFX behaviour option Drag & Drop from other windows Transferring different file-types Session disconnect Closing SecureFX

26 26 27 28 29 30

2

Document review and approval Revision history Version

Author

Date

Revision

1.0

Remko Feenstra

November 13, 2013

Draft

2.0

Daniel Valcq

November 19, 2013

Draft

3.0

Remko Feenstra

November 27, 2013

Draft

4.0

Remko Feenstra

March 24, 2014

Draft

This document has been reviewed by Reviewer

Date Reviewed

1.

Daniel Valcq

November 21, 2013

2.

Jason Jennings

November 22, 2013

3. 4. This document has been approved by

1.

Name

Date Approved

Jason Jennings

November 22,2013

2. 3. 4. 5.

3

1

Introduction

The Secure Data Transfer Service (SDTS) is a requirement from the business (Audit, Tax and ITS Global) to securely exchange large amounts of data between clients, vendors, etc., and KPMG, and vice versa. The service described in this document s different levels of authentication and authorization, and is capable of handling significant file sizes (in gigabytes). This application is browser-driven and is located in each of the three global datacentres. The SDTS services offered are: Shared Folder: A shared folder is a folder used between multiple s for file transfer. Automated or manual transfers: SDTS is capable of performing automated transfer and routing of files. Files can be fetched from one remote server (pull) and transferred to another remote server (push). Transfer can take place according to a schedule or on event driven basis. The focus of this document is on shared folders, as this is the most commonly used service.

1.1

Audience

s of the SDTS service who own an for file transfer. This document provides step by step instructions on how to use the SDTS service, using the web interface and SecureFX.

1.2

Conventions Used in this Document

Table 1 lists the conventions used throughout this document. Table 1: Typeface Conventions Convention

Description

Click OK to continue.

All button text is bolded.

When referring to menu items, the word ‘Select’ is used as Select View, Toolbars and Standard from the menu bar. the command, with the menu items bolded and separated by a comma. Click OK to continue. When referring to window buttons, the word ‘Click’ is used.

4

2

Best practices

This application is only a file-transfer service and not a file-storage facility. The SDTS Web interface only s file sizes up to approximately 1-2 Gbyte. If you need to transfer files larger then 1-2 Gbyte or encounter transfer issues of files larger then 1 Gbyte you should use an SFTP client such as SecureFX. Please refer to chapter 7 Using SecureFX to transfer files. The SecureFX client is commercial software and would need to be purchased. There are many free alternatives such as FileZilla. It is not possible for this document to cover the required configuration for all the various SFTP software packages available. It is strongly recommended you refer to the vendors documentation to assist with the configuration. Please be aware that there may be proxy servers that are in between you and the SDTS server which may have time-out settings configured that will prevent the transfer of large files. The time-out on the SDTS server web-server will transfer of files up to 1-2 Gbyte (depending on the actual transfer speed).

2.1

Transferring very large files

If you need to transfer huge files (over 5 Gbyte) you may want to consider splitting the file into smaller parts. Using concurrent transfers may improve your transfer time significantly (depending on the available bandwidth and latency). When using the web-interface you should split large files in parts of 1 Gbyte or smaller and transfer the files using multiple concurrent sessions (not more the 4 concurrent sessions). You can open multiple browser windows to do so. When using an SFTP client (like SecureFTP) you should split the file into 4-6 chunks. You can then transfer the chunks concurrently (see the SecureFX manual in this document). Using more than 4 concurrent sessions will in general not improve transfer speeds (depending on latency and available bandwidth).

2.2

Splitting files

You can split files using various tools. KPMG’s standard is Winzip. You can use the Winzip command line add-on to split (and encrypt) a file in smaller parts. The Winzip command line add-on is not installed by default, you can it at: http://www.winzip.com/prodpagecl.htm

5

3

Accessing SDTS

This document contains information on accessing SDTS, using the web based client and the SecureFX client. The web based client offers a friendly way to manage your documents. When more functionality is required, please use a SecureFTP client.

6

4

Using the SDTS Web Interface

Standard access to the Secure Data Transfer Service (SDTS) application is via a web browser window. Files can be transferred from any browser that can connect to the Internet.

4.1

Logging In

To to the application: 1

Open a web browser window and navigate to the Secure Data Transfer Service application appropriate to your region; https://sdts.amr.kpmg.com/ (Americas region) https://sdts.aspac.kpmg.com/ (Asia Pacific region) https://sdts.ema.kpmg.com/ (Europe and Middle East region)

2

The page is displayed:

3

Enter a valid name and . If this is the first time the name and are being used, a further page is displayed, requesting the be changed before proceeding further. If you have forgotten your , please refer to section 4.2 If this is the first time you are accessing the SDTS environment, you will need to accept certificate trusts the first time they into the SDTS.

4 5

7

6

Click continue

7

Once successfully logged in, the Welcome page is displayed, showing the Home directory to which you are subscribed to see.

4.2 1

Forgotten

If you have forgotten your sowrd, click on the “Forgotten Your ?” link. This will provide the option to put in an email address so that a new temporary can be sent to you via email.

8

2

Please click on reset . You will receive an email with a link in it as highlighted below

3

Please click on this link which will redirect you to a web page indicating that an email with the your new (temporary) will be sent shortly as seen below.

4

The web page can now be closed. It can take a few minutes for the email to arrive.

9

5

Once the email is received, please take note of the temporary and click on the link to start the process. You will be taken to the page where you must change the temporary , to make a new permanent . Please be aware of the strength requirements for the new .

6

Once the has been successfully changed, you are requested to re-authenticate by logging back in again, using the new .

4.3

Transferring Files

To a file to the shared folder on SDTS: 1

Click on the Browse button, a dialog box appears allowing the to browse for the files they wish to .

10

2

The file can then be ed by clicking on the Open button seen at the bottom of the dialog box.

Note: Files should be ed to the shared folder only, not the Home directory. The Home directory is only available via your thus cannot be shared with other s. Only shared folders are shared with other nominated SDTS s. 3

Click File

On your screen you can see now that your file has been ed. You can see the name, size,date and time.

11

Note: The time is dependent upon various factors, including the size of the file and the available network bandwidth. SDTS has an optional feature where an e-mail notification is sent to a specified e-mail address once a file has been successfully ed; a notification can also be sent if the transfer fails.

4.4

Stopping a Transfer

Due to certain circumstances, it may be necessary to temporarily stop a file transfer. SDTS allows file transfers to be stopped as required. Go to the tab and this will stop the transfer.

4.5

Changing a

To change the of your while is currently logged in, click My on the Welcome page. A new tab will be opened allowing you to change your . To abort the changing of the , close the tab.

4.6

File Options

Before you can use the file options, actual files (and not folders) must be available; i.e. files must have been previously ed to the server. 1

When logged in, the My Files tab will be present, this tab displays the files which were previously ed.

2

To a file, click the box (you can choose more then one file) before the filename and click on the

button

12

3

A new window will open allowing you to browse to the location where the file is to be saved. If you wish to open the file from SDTS, it can be double clicked.

Transfer Mode: You can change the transfer mode between binary or ascii in the start screen located on the top right. It is possible to also change the in this screen. Binary transfers are the most common.

4.7

Deleting a File

A file can be deleted by simply clicking on the box before the file and pressing the delete button

13

5

Logging Out

There are two ways in which a can exit the application: Manual or Automatic.

5.1

Manual Log Out

To manually log out of the application: Click and you are redirected to the page again.

5.2

Automatic Log Out

For security purposes, the SDTS application has a timeout period. If a session is idle for a predetermined period, the session is automatically logged out.

14

6

Automated file transfers

When you use automated file transfers you need to SecureFX (see next chapter). Because there is no use for email the webpage is different, for this we use Jelly Ball.

This shows the option to browse locally for the file, just click file to transfer the file to the server. You can delete files by using the delete button. ing ed files is done by the button.

15

7

Using SecureFX to transfer files

The Van Dyke SecureFX client is the de-facto standard within KPMG to securely transfer files. SecureFX is a fast and reliable option to transfer files larger than 1 Gb. This chapter will explain the usage of SecureFX to transfer files. This manual does not discuss installation of SecureFX, it assumes you have SecureFX already installed. Note: Please be aware that SecureFX will not function through proxy-servers, you need a direct Internet connection in order to connect to an SDTS server. All servers in the Global Data Centre can connect directly to a SDTS server, please the Global Helpdesk for the correct internal DNS names.

7.1

First Logon

When opening SecureFX you will be presented the following window:

To create a session click on New session You will be presented with a new dialog box

16

Select SFTP as the protocol and click Next.

Type the SDTS site you want to connect to (sdts.ema.kpmg.com, sdts.amr.kpmg.com or sdts.aspac.kpmg.com), port 22 is the default port number. If you are working from servers within one of the Global data centres you should the Global Helpdesk for the correct DNS name to use. Click Next.

17

Enter your name given by the (this is your IID or email address). Optionally you can enter your , for security reasons this is not recommended. Click Next.

Fill in the initial directory, or enter “/”, click next.

18

Fill in a session name and a description (whatever you prefer) and click Finish.

The session will be displayed in the Connect window. To connect select the session and click on Connect.

19

If this is the first time you connect to the SDTS server you will be prompted to accept the host key, please click Accept & Save. The following popup is displayed, click OK:

If you have not filled in your name or you will be presented with a logon box, please enter your name and and click OK.

20

The directory-structure on the SDTS server will be displayed, in order to simplify drag & drop you can tile the windows (horizontally or vertically) as shown in the next figure.

Click Window, Tile Horizontally.

21

To transfer files you can drag & drop them from one window to another, the transfer status window will be shown. Note: Per session you can only transfer one file at a time all though you can select the window again you cannot drag & drop another file from and to the SDTS server window until the transfer is completed. If you do so you will be prompted with various error messages. Please see section about transferring multiple files at once.

If the file exists on your local machine you will be prompted and you have the option to rename it or overwrite it before it is ed.

22

Click No if you do not want to cancel the , Rename if you want to rename, Yes if you want to overwrite the file.

If the files exists on the remote SDTS server you will be prompted and you will have the option to overwrite (Yes) or cancel (No) the .

23

7.2

Resume up- or s

SecureFX has the option to resume broken or canceled s, please ensure that the file you resume is the exact same file and not another version with the same name. No checks are performed to guarantee this.

If the file is already partly ed or ed you will the option to resume the up- or . Click on Resume to do so.

7.3

Delete files

Delete files by selecting them and hit the Delete key or click on the X button

Click OK to delete the selected files, or Cancel to abort

7.4

Transferring multiple files at once

In order to transfer multiple files concurrently (to reduce transfer time, improve performance over high latency links) you need to open as many sessions to the same server as you want to transfer files concurrently. The SDTS server will allow to connect more then one session per . It is advised to use no more then 4 concurrent sessions at a given time as more then 4 sessions in general will not improve file transfer times. In the example below we have opened 2 sessions. You can now drag & Drop one file from or to each session from or to the local window.

24

You will see 2 transfer status windows:

25

Please note that each separate window to the same server will display different information as the windows are not automatically refreshed.

In order ro update the windows you need to select the windows one by one and click the refresh button

7.5

SecureFX behaviour

This chapter will discuss some of the non-standard behaviour of SecureFX.

7.5.1

option

The option will not the file to the directory in the local window if you have entered a directory under Global options/Session options. in that case the directory will be used.

26

7.5.2

Drag & Drop from other windows

SecureFX only s Drag & Drop from an Explorer window to SecureFX. You cannot drag & drop files from SecureFX to an Explorer window.

27

You can only Drag & Drop one way.

7.5.3

Transferring different file-types

SecureFX will recognise certain file-types and transfer them in either ASCII or Binary mode. If you do not know you should use Binary mode. There could however be exceptions. How SecureFX handles a specific file type is configured in the Global options under the Options menu:

28

Options are:

•

ASCII

•

Binary

•

Prompt for type (Unknown: ask )

SecureFX will display the following prompt if it does not know the file type:

Select Binary and click OK if you do not know. When opening a remote file you can also be prompted:

Open it will the file and open it in (in this case) Powerpoint. Save it to disk will save the file locally

7.5.4

Session disconnect

Due to timeout or manual session disconnect you may loose your connection to the SDTS server. If the connection window in SecureFX is still open it will try and reconnect. You may be prompted with the following:

If you Drag & Drop files the Transfer status may indicate that it is Establishing a connection to the SDTS server (bottom line):

29

7.5.5

Closing SecureFX

When closing SecureFX you may be prompted if you want to close the open sessions, please be aware you will get one prompt per open session:

If you have 2 sessions open to the SDTS EMA server you will be see this prompt twice

30

us Jason Jennings Connectivity Services T +61 3 9288 5909 E [email protected]

www.kpmg.com

© 2013 KPMG International Cooperative (“KPMG International”), a Swiss entity. Member firms of the KPMG network of independent firms are d with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm. All rights reserved. The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. The KPMG name, logo and “cutting through complexity” are ed trademarks or trademarks of KPMG International Cooperative (“KPMG International”).