- Easy to integrate
- Unlimited number of transactions and partners
- Key and certificate management
- Partner management
- Digital signature and message encryption
- Secure transport (TLS), optional TLS client authentication
- TLS v1.0, TLS v1.1, TLS v1.2; Perfect Forward Secrecy
- Option to disable weak ciphers per inbound TLS port
- System task to auto clear old log entries
- Data transfer compression
- Full OFTP2 routing support
- Certificate exchange
- Configuration backup/restore
- Integrated notification system
- Logging/protocol information
- Client-server architecture (commercial version only)
- API to control the server (commercial version only)
- Multlanguage support: Localized to german and english
- Plugins available to extend the functionality: mendelson converter plugin, PostgreSQL DB plugin (commercial version only)
The system comes with an easy integration to existing systems, using a partner based file system interface. An integrated scheduler picks up data from directories. You could define as many directory to poll per partner as you like to. Each poll directory could be assigned with OFTP2 specific values like virtual filename or internal record format. The commercial version allows to send files directly to the server via commandline.
After every send process or data transmission a user defined postprocessing (e.g. execution of a command or script, move data to directory) could be executed.
On the system side there exists a plugin to support integration to PostgreSQL compatible databases. Integrating the mendelson OFTP2 into Docker or Kuberetes is also no problem as the system is written in pure Java.
The commercial version (and the open source version, too) is not limited in the number of partners or transactions you are using - there will be no additional license costs if your business is expanding. The partners could be connected direct or as gateway partner or - if the system acts itself as gateway - as substations.
You want to try before you buy? Checkout the open source version - it is a full functional OFTP2 system, too.
The mendelson OFTP2 system supports all required encryption algorithm - you have full access to the available security of the OFTP2 protocol:
- Triple DES (3DES)
The following hash algorithms are supported:
- SHA-2 (SHA-256, SHA-512)
The key and certificate manager is part of the commercial version only. It allows the management of your private keys and partners certificates. All operations that are required regarding keys and certificates are supported:
- Import your partners certificates
- Export public keys/certificates from your private keys
- Backup your private keys
- Display detailled key/certificate information
- Generate private keys, generate certificate sign requests, patch keys with CAs answers to sign requests
Using the integrated partner management you could setup your partners in an easy way. Define the security level, connection features and all partners key data here.
The mendelson OFTP2 server allows to define substations to partner stations. These substations are not connected directly, instead the data is send to the direct partner with a routing request. It is also possible to define virtual local stations to send data with an other SFID code. That means that every mendelson OFTP2 system could be a OFTP2 gateway itself, act as a substation or connect to other stations/partners that are reachable via gateway only.
On the protocol level the routing describes different values in the SSID/SFID.
Even if the certificate exchange is not part of the OFTP2s RFC it is part of the OFTP2 implementation recommandation. The mendelson OFTP2 solution allows to exchange your certificates with your partners if their system implements this feature, too.
The whole configuration including the partner settings, system settings, all poll threads and certificate assignments could be stored in a human-readable format (xml).
Beneath restoring the whole configuration the system allows to restore single entries into a running system, e.g. import selected partners from this configuration. The commercial version allows to start an instance of the mendelson OFTP2 server from such a backup file, this allows to use several profiles.
The mendelson OFTP2 will send you mail notification on several events - these could be chosen. The content of these mails could be modified by the user using simple templates. All notification templates are included in english and german.
You could set up detailed logging levels in the user interface - up from a simple overview of what is transfered down to the protocol level and deep into the byte level of the OFTP2 protocol. I you are familiar with the OFTP2 protocol it will help you also to display all related OFTP2 protocol fields of the settings in the configuration user interface. Beneath this you have always an overview in a table of what has been transfered between which partners.
Using the commercial version of the mendelson OFTP2 server it's possible to start the server as an instance without user interface. On linux systems there is no X required to run the server. You could define users, these could log in from any other machine to the server, even from systems with other operation systems using the OFTP2 user interface.
The commercial version of the mendelson OFTP2 server contains an API that allows to control the server. Using this API it is possible to modify and set up the configuration of the server, to monitor the transmissions, set up new transmissions with user defined events, manage the partners and certificates. The API could be access either via Java or via command line, there are several commands already included that could be accessed from the command line. The API is capable to control the server from a remote system, in this case it works via a client-server connection. Use case for such an API is for example building a web service around the mendelson OFTP2 server, controlling the server on systems without graphical user interface, building your own client to integrate it better into your own system, ...
There runs a number of poll threads for every partner that polls special directories per partner and sends matching files to the configured partners.
The transmission data is stored in an underlaying database system, this is installed out of the box, too. The OFTP2 client could run on a different machine (commercial version only) to connect to the server instance.
Optional components for the mendelson OFTP2 (plugin concept)The basic functionality of the mendelson OFTP2 can be extended by some functions and architectures by a plugin concept.
We currently offer the following plugins:
- Plugin mendelson converter
- Plugin PostgreSQL database
- Plugin HA (High availability) architecture
Plugin mendelson converter
Via this additional plugin it is possible to convert your data before sending it to a partner or after you have received it from your partner into or from any known EDI format, also all inhouse formats. The conversions could be created using the mendelson converter IDE.
Plugin PostgreSQL database
This plugin allows you to replace the internal supplied HSQLDB database with an external database system (PostgreSQL), which of course can also run on another system. Part of this plugin is also a wizard for data migration of your previous dataset.
This plugin has been tested with several versions of PostgreSQL (12.1, 12.4, 13.0, 13.1, Cockroach DB) and runs also fine with the PostgreSQL databases of cloud providers (e.g. AWS PostgreSQL).
Plugin HA (High availability) architecture
This plugin allows you to combine several mendelson OFTP2 systems in a redundant cluster and thus obtain both fail-safety and scaling of performance. Prerequisite for each node of the HA network is a plugin PostgreSQL and a plugin HA. You can build the architecture with load balancer and external database server either in-house or also realize it via cloud providers.
In the HA architecture, you can stop individual nodes, add new ones as needed, and also perform updates to individual nodes without affecting the overall system.
The HA plugin thus offers you the possibility to flexibly adapt the mendelson OFTP2 system to your needs. An OFTP2 transmission is generally divided into three parts: The preprocessing (where the data is encrypted and signed), the transmission and the postprocessing (where the data is decrypted and the signature is verified).
If several mendelson OFTP2 nodes are working together in an HA network, the nodes can each perform one of these tasks in parallel. For example, if there are 3 nodes in the HA cluster, one node can do the pre-processing of new data and another node can do the post-processing of a transaction, while a third node takes care of the transmission.