Last time, we talked about the benefits of AS2 and why you might need it for your business. In order to transact through AS2, you'll need an AS2 server. Here's what it is.
An AS2 server is basically a piece of software that allows you to exchange files or electronic business documents with a trading partner via the AS2 protocol. In its most basic form, an AS2 server has two main functions:
The ability to receive AS2 messages/EDI documents and
the ability to send AS2 messages/EDI documents.
In addition, an AS2 server should be able to support the basic features of the AS2 protocol, including:
HTTP/HTTPS - AS2 messages are always sent over HTTP or HTTPS (secured by SSL/TLS). This is the same protocol used by websites and one of the main reasons why AS2 is more cost-effective than VANs.
Recommended read: Taking Advantage of SSL/TLS Security When Running AS2 On HTTPS
data-in-motion encryption - Although optional, encryption preserves the confidentiality of sensitive data in AS2 messages as they are transmitted across the Web. Properly encrypted AS2 messages can make it impossible for an attacker to acquire sensitive information even if they are able to intercept the messages during transmission.
Recommended read: Tips for Setting Up an AS2 Encryption
digital signatures - Although also optional, digital signatures enable businesses to enforce security functions like host authentication, data integrity, and non-repudiation. When you apply digital signatures, you'll be able to:
- ascertain that the trading partner who sent you a message or file is in fact the entity it claims to be (authentication);
- determine whether the message received by the recipient is in fact the message sent by the sender and not altered along the way (data integrity); and
- prevent a sender from disowning a transmission sent in the past (non-repudiation).
Message Disposition Notification (MDN) - Like encryption and digital signatures, MDNs are optional. However, just like the other two, MDNs add to the security of AS2. In fact, it's highly recommended to enable these features in order for your AS2 transfers to be truly fit for business transactions. MDNs are important because they act as electronic receipts.
Recommended read: What is an AS2 MDN?
X.509 digital certificates - Before carrying out any AS2 transaction, trading partners will want to share their X.509 digital certificates with one another. These certificates will have to be loaded onto the AS2 server, which will then use it to authenticate the certificate's owner when it requests a connection.
Recommended read: Setting Up Client Certificate Authentication On An AS2 Server
Just basic characteristics of an AS2 server
These are just the basic qualities of an AS2 server. Any AS2 server in the market will be able to provide you with these capabilities. But if you want something that will give you a good return on your investment, there are other qualities you need to look out for as well. In our next post, we'll talk about the qualities that should characterize an AS2 server that would fit your business needs, so stay tuned for that.
Try an AS2 server for free
If you're looking to acquire an AS2 server, you might want to give a free fully-functional AS2 server a test run first. Check out JSCAPE MFT Server. JSCAPE MFT Server is a managed file transfer server that supports AS2 as well as several popular file transfer protocols like FTPS, SFTP, and OFTP.
It comes with a powerful auto-enabling module that makes it easy to set up automated EDI transactions as well as a host of security features that augment the built-in security functions of AS2. More importantly JSCAPE's AS2 Server is Drummond Certified. Meaning, it has passed rigorous testing for reliability and interoperability with other certified AS2 solutions.
JSCAPE MFT Server's Starter Edition is a FREE download that allows you to test AS2 data exchanges to see if it's a good fit for your organization. You can try it out now by clicking the download link below.