GoAnywhere Services has a comprehensive user management system with extensive settings that you can specify for your employees, customers and trading partner accounts. For each user, you can indicate how their account should be authenticated, what access they have to your system, their authorized folders, time limitations and many other security parameters. Below is an example screenshot of one of the user management screens:
GoAnywhere Services allows you to create user accounts using a variety of methods:
- Active Directory (AD) and LDAP integration allows you to automatically create and manage (synchronize) user accounts from an existing domain.
- A browser-based interface allows administrators to quickly create and edit user accounts using intuitive templates and wizards.
- An import wizard is available for creating user accounts from a CSV file, which is useful when migrating from another product.
- Users can self-register their own account with an optional approval process.
- APIs and commands are included for creating user accounts from your applications or the command line.
Users can be authenticated using a variety of methods with GoAnywhere Services. As one option, the user and password can be validated against the database provided in GoAnywhere Services. The passwords can be automatically generated for accounts using strong PCI-level policies. Additionally, GoAnywhere Services can authenticate accounts against an existing user management system including Active Directory (AD), LDAP, IBM Tivoli, Apache DS, Oracle Directory Services and IBM i.
Users can authenticate to the SFTP server using an SSH key and/or a password. SSL certificate authentication is supported for direct access to the HTTPS Web Client or FTPS server. GoAnywhere Services provides extensive key management features needed to create, import, export and manage SSH keys and SSL certificates.
Services and Groups
Administrators can define which services (SFTP, HTTPS, FTPS, FTP, and AS2) that each user account can access. The FTP, FTPS and SFTP servers are ideal for users that need to perform scheduled batch transfers of files, whereas the HTTPS service is good for collaboration and adhoc file transfers through the browser. Administrators can give their users the ability to send Secure Mail, invite other users and view their own audit activity.
A flexible folder and file management system is included in GoAnywhere Services. Administrators can control exactly what folders and permissions the user has access to, which can be defined at the user and group level. Users can have their own private folders or can share folders with other users.
Granular permissions can be specified to indicate if the user can upload files, download files, rename, delete files, etc. The permissions can be specified on their home directory and be overridden at each subfolder if needed. Virtual folders allow you to assign user friendly names (aliases) for the physical folders.
Additionally, disk quotas can be specified to limit the amount of disk space allowed for each user or folder.
When a user connects, GoAnywhere Services can verify that the IP address they are coming from is a trusted location. This additional security check would be performed after the user already has passed the system-level IP Filters.
When temporary access is required, user accounts can be configured to automatically expire on a certain date. GoAnywhere Services can also disable their account automatically when there is no activity for a certain number of days.
For extra security, users can be limited to a specific time of day or certain days of the week. For example, a user can be allowed to only login from 8am through 5pm on Monday-Friday.
GoAnywhere Services can be installed onto Windows, Linux, IBM i, AIX (pSeries), UNIX, HP-UX, Mac OS and Solaris platforms. IBM i is also referred to as System i, iSeries, as400, as/400 and i5.