Last time, we talked about the benefits of AS2 and why you might need it for your business. In order to transact through AS2, you'll need an AS2 server. In this article, we will go into more detail about what an AS2 server is and why it might be a good choice for your organization.
An AS2 server is basically a piece of software that allows you to exchange files or electronic business documents with a trading partner via the AS2 protocol. In its most basic form, an AS2 server has two main functions:
The ability to receive AS2 messages/EDI documents and the ability to send AS2 messages/EDI documents.
The illustration above shows you what receiving AS2 Messages or EDI Files looks like.
The illustration above shows you what sending AS2 Messages or EDI Files looks like.
AS2 Server Supported Features of the AS2 Protocol:
An AS2 server should be able to support the basic features of the AS2 protocol, including:
HTTP/HTTPS - AS2 messages are always sent over HTTP or HTTPS (secured by SSL/TLS). This is the same protocol used by websites and one of the main reasons why AS2 is more cost-effective than VANs.
Recommended read: Taking Advantage of SSL/TLS Security When Running AS2 On HTTPS
Data-In-Motion Encryption - Although optional, encryption preserves the confidentiality of sensitive data in AS2 messages as they are transmitted across the Web. Properly encrypted AS2 messages can make it impossible for an attacker to acquire sensitive information even if they are able to intercept the messages during transmission.
Recommended read: Tips for Setting Up an AS2 Encryption
Digital Signatures - Although also optional, digital signatures enable businesses to enforce security functions like host authentication, data integrity, and non-repudiation. When you apply digital signatures, you'll be able to:
- Ascertain that the trading partner who sent you a message or file is in fact the entity it claims to be (authentication);
- Determine whether the message received by the recipient is in fact the message sent by the sender and not altered along the way (data integrity); and
- Prevent a sender from disowning a transmission sent in the past (non-repudiation).
Recommended reads on digital signatures:
AS2 Message Tutorial on Applying Digital Signatures
Applying Digital Signatures on AS2 MDNs
Message Disposition Notification (MDN) - Like encryption and digital signatures, MDNs are optional. However, just like the other two, MDNs add to the security of AS2. It's highly recommended to enable these features for your AS2 transfers to be truly fit for business transactions. MDNs are important because they act as electronic receipts.
Recommended read: What is an AS2 MDN?
X.509 Digital Certificates - Before carrying out any AS2 transaction, trading partners will want to share their X.509 digital certificates with one another. These certificates will have to be loaded onto the AS2 server, which will then use it to authenticate the certificate's owner when it requests a connection.
Recommended read: Setting Up Client Certificate Authentication On An AS2 Server
Just basic characteristics of an AS2 server
These are just the basic features of an AS2 server. Almost all AS2 servers in the market will be able to provide you with these capabilities. But if you want something that will give you a good return on your investment, there are other qualities you need to look out for as well. In our next post, we'll talk about the qualities that should characterize an AS2 server that would fit your business needs.
Because it is important to remember, just because a provider has all of the basic features, doesn't mean it's the right fit for your business. There are many other considerations to take in effect such as security, compliance, support, supported operating systems, etc.
Next post: What are the benefits of an AS2 Server?
Try a free AS2 Server
To acquire an AS2 server, you might want to give a free fully-functional AS2 server a test run first. JSCAPE MFT Server is a managed file transfer server that supports AS2 and several popular file transfer protocols like FTPS, SFTP, and OFTP. In addition, JSCAPE has a cloud offering called MFTaaS that allows you to have us manage all of the complicated infrastructure for your transfers.
It comes with a powerful auto-enabling module that makes it easy to set up automated EDI transactions and a host of security features that augment the built-in security functions of AS2. More importantly, JSCAPE's AS2 Server is Drummond Certified. This means it has passed rigorous testing for reliability and interoperability with other certified AS2 solutions.
JSCAPE MFT Server's Starter Edition is a FREE download allowing you to test AS2 data exchanges to see if it fits your organization well.
Download JSCAPE MFT Server Trial