VitalSigns for FTP

The architecture of VitalSigns for FTP comprises several key components designed to provide secure and auditable FTP file transfers on z/OS. The core components include the FTP Monitor, Security Interface, Audit Logger, and Configuration Manager. The FTP Monitor is responsible for intercepting and analyzing FTP traffic.

It monitors all FTP sessions, capturing relevant data such as user IDs, file transfer commands, and data transfer rates. The Security Interface integrates with existing security systems like RACF, CA ACF2, and CA Top Secret. This component handles authentication and authorization, ensuring that only authorized users can access FTP resources.

The Audit Logger captures all FTP activities, including user logins, file transfers, and security-related events. The logs are stored in a secure format and can be used for security analysis, compliance reporting, and troubleshooting. The Configuration Manager provides a command-line interface (CLI) for configuring the product.

Administrators can use the CLI to configure security settings, manage user access, and monitor FTP activity. Communication between components occurs through internal APIs and system calls. The FTP Monitor interacts with the Security Interface to validate user credentials and permissions.

The Audit Logger receives data from the FTP Monitor and Security Interface to record all FTP transactions. The product uses standard FTP protocols for file transfers and FTPS (FTP over SSL/TLS) for secure communication. The configuration files store settings for security integration, logging, and monitoring parameters.

The product does not use a database for storing data; instead, it relies on the z/OS system for file storage and security integration.