ARP SFTP Server Logo     Secure SFTP & FTPS Server for the IBM i 

ARP-SFTP Server is a powerful and scalable high volume secure SFTP and FTPS server solution for the IBM i.   Unlike the servers available in the IBM i operating system, ARP-SFTP Secure Server runs natively and does not require the use of your PASE environment and most importantly, it doesn't require giving out valid IBM i logins in order to transfer files if you are using it for B2B file exchanges.   ARP-SFTP Server is comprised of two components:  (1) a native SSH server that is built upon OpenSSH and (2) a native FTPS server.  Both provide many security features lacking in IBM's SSH and FTP servers. 

Both the secure SFTP and FTPS servers let you create real and virtual file systems for both real (IBMi profiles) and virtual remote users.  You have total control of what an SFTP or FTPS client is doing when they connect and transfer files.  Furthermore, the ARP-SFTP Server allows you to register what users are allowed to connect via SFTP or FTPS and you can allow them access to either the QSYS side (DB2 files, save files, etc) or the IFS side of the IBM unlike the IBM SSH server which only allows binary transfers to/from IFS.  You can easily set up authentication in the ARP-SFTP Server to require password based or key based authentication or even BOTH.   Finally the ARP-SFTP Server solution supports MFA to ensure that any connection using real IBM i logins is required to authenticate themselves using MFA.  This is also important for companies who need MFA for cyber insurance.  Basically ARP-SFTP Server provides what IBM i users expect and need in secure SFTP servers. 

With ARP-SFTP Server you have the ability to build controlled environments for file exchanges.   You can build user virtual directories, configure if users manage directories within their virtual environment and attach user lists to specific server instances to be in complete control of how you exchange files with partners.  You can also ARP-SFTP Server has an abundance of API triggers that can be invoked before/after logins, commands, file exchanges and sessions.   Unmatched in security features ARP-SFTP Server provides whitelisting of partner IP addresses as well as hacker shutdown features like auto blacklist of IP addresses where the server has detected suspicous activity.  Other quality trademarks of ARP-SFTP Server that you see in all Arpeggio products include logging of security events to QAUDJRN, thorough logging and tracking by server, users and sessions and integration with other Arpeggio products.   If you are looking for automated password management, ARP-SFTP server integrates with ARP-AUTH to allow users to reset passwords on their own.   If you are implementing  ARP-SFTP Server as part of a security project, it provides extra QAUDJRN messaging that can be detected by SIFT-IT and forwarded to SIEM consoles for event correlation and detection. 

See for yourself and download a trial of ARP-SFTP Server.

ARP-SFTP Server Features

ARP-SFTP Server Features

Advance Security Settings

ARP-SFTP Server supports SFTP or FTPS (implicit and explicit TLS). Customize security settings including ports, IP whitelisting, max login attempts with auto blacklisting, set algorithms and cipher requirements, max session instances and configure secure logging rules.

User Lists

Create real users that have access to QSYS or IFS directories or virtual users that only have access to virtual environments. You can even group users into a user list for separating their server access rules and activity.

Real or Virtual File Systems

Create rules for users to access real files systems (DB2, IFS, etc) or virtual files systems that enable clients to transfer files and manage their sandbox while a separate controlled activity occurs on the backend.

Advanced Features

ARP-SFTP Server is a high volume light footprint server where you can configure the number of active server instances and backlog rules, allow it to auto adjust based on server request activity, trigger processes during sessions, set limits on transfer sizes, limit types of files being sent and more.

Comprehensive Secure Logging

All security events such as viewing server configurations, creating access rules to virtual and real directories and touching authentication keys are logged to QAUDJRN. Session logging is customizable to track files sent/received along with their local name and remote file name. You can even drill down to see session server logs, user list logs or individual user logs to track and resolve issues.

Firewall Navigation

ARP-SFTP Server provides firewall navigation features for FTPS server instances. NAT configurations, data port ranging, whitelisting and binding to specific network interfaces ensures FTPS traffic passes safely through your firewall and/or your partners' firewalls.

Key Management

ARP-SFTP Server has its own key manager. You can create, import, revoke and archive keys without using DCM. Supported key types include RSA1, RSA2 and DSA. It's also possible to convert then import PUTTY keys.

Secure Access Controls

You can specify user access rules for keys, user lists, virtual directories and server configurations.

Compliance with mandates

ARP-SFTP is compliant with security standards such as PCI, HIPAA (& HiTech law), DFARS, Dodd-Frank, GDPR and more

Trusted Authentication

Password based, key based or both and MFA can be configured by user.

Support for many file types

DB2, IFS, Save Files and more

Cyber Insurance Compliance

ARP-SFTP integrates with ARP-AUTH to fully address all requirements for implementing MFA on your IBM i to obtain cyber insurance policies. Almost all cyber insurance policies require implementing access to systems using real logins for SFTP and FTPS with MFA and ARP-SFTP Server fully addresses it with ARP-AUTH integration.

Alerts and Notifications

Send emails and text messages when errors occur with server, users are blacklisted, send joblogs on failed server restarts, or any type of custom notification using all of the available ARP-SFTP Server exit point programs.

Data integration

Support for any types of transfer (binary, ascii), specify CCSID to use, formatting to/from CSV and more.

Popular Purchases with ARP-SFTP Server

ARP-AUTH

Secure access to your IBM i using MFA for telnet logins, SFTP and FTPS server and Navigator for i.

Learn more

ARP-SFTP

Powerful and intelligent scripting of SFTP and FTPS transfers running natively on the IBM i.

Learn more

SIFT-IT

Real-time monitoring of security events in QAUDJRN, Apache, SSH, etc with integration to SIEMs and syslog servers.

Learn more