mendelson OFTP2

System events
Port setup
Certificate manager (dark mode)
Transaction overview
Partner management
Transaction details (dark mode)

Overview

Easy to integrate
Unlimited number of transactions and partners
Key and certificate management
Partner management
Digital signature and message encryption
Secure transport (TLS), optional TLS client authentication
TLS v1.0, TLS v1.1, TLS v1.2; Perfect Forward Secrecy
Option to disable weak ciphers per inbound TLS port
System task to auto clear old log entries
Data transfer compression
Full OFTP2 routing support
Certificate exchange
Configuration backup/restore
Integrated notification system via mail (with optional OAuth2)
Logging/protocol information
Client-server architecture (commercial version only)
XML API to control the server (commercial version only)
Multilanguage support: Localized to german and english
Plugins available to extend the functionality:
- mendelson converter plugin (commercial version only)
- PostgreSQL DB plugin (commercial version only)
- HA plugin (commercial version only)
- REST API plugin (commercial version only)

Easy to integrate

The system comes with an easy integration to existing systems, using a partner based file system interface. An integrated scheduler picks up data from directories. You could define as many directory to poll per partner as you like to. Each poll directory could be assigned with OFTP2 specific values like virtual filename or internal record format. The commercial version allows to send files directly to the server via commandline.
After every send process or data transmission a user defined postprocessing (e.g. execution of a command or script, move data to directory) could be executed.
On the system side there exists a plugin to support integration to PostgreSQL compatible databases. Integrating the mendelson OFTP2 into Docker or Kuberetes is also no problem as the system is written in pure Java.

Unlimited number of transactions and partners

The commercial version (and the open source version, too) is not limited in the number of partners or transactions you are using - there will be no additional license costs if your business is expanding. The partners could be connected direct or as gateway partner or - if the system acts itself as gateway - as substations.
You want to try before you buy? Checkout the open source version - it is a full functional OFTP2 system, too.

Digital signature and message encryption

The mendelson OFTP2 system supports all required encryption algorithm - you have full access to the available security of the OFTP2 protocol:

Triple DES (3DES)
AES-256

The following hash algorithms are supported:

SHA-1
SHA-2 (SHA-256, SHA-512)

Key and certificate management

The key and certificate manager allows the management of your private keys and partners certificates. All operations that are required regarding keys and certificates are supported:

Import your partners certificates
Export public keys/certificates from your private keys
Backup your private keys
Display detailled key/certificate information
Generate private keys, generate certificate sign requests, patch keys with CAs answers to sign requests

Partner management

Using the integrated partner management you could setup your partners in an easy way. Define the security level, connection features and all partners key data here.

Full OFTP2 routing support

The mendelson OFTP2 server allows to define substations to partner stations. These substations are not connected directly, instead the data is send to the direct partner with a routing request. It is also possible to define virtual local stations to send data with an other SFID code. That means that every mendelson OFTP2 system could be a OFTP2 gateway itself, act as a substation or connect to other stations/partners that are reachable via gateway only.
On the protocol level the routing describes different values in the SSID/SFID.

Certificate exchange

Even if the certificate exchange is not part of the OFTP2s RFC it is part of the OFTP2 implementation recommandation. The mendelson OFTP2 solution allows to exchange your certificates with your partners if their system implements this feature, too.

Configuration backup/restore

The whole configuration including the partner settings, system settings, all poll threads and certificate assignments could be stored in a human-readable format (xml).
Beneath restoring the whole configuration the system allows to restore single entries into a running system, e.g. import selected partners from this configuration. The commercial version allows to start an instance of the mendelson OFTP2 server from such a backup file, this allows to use several profiles.

Integrated notification system

The mendelson OFTP2 will send you mail notification on several events - these could be chosen. The content of these mails could be modified by the user using simple templates. All notification templates are included in english and german - it's possible to modify them for your needs. The mail notification can be enhanced with OAuth2 authorization using an optional plugin.

Logging/protocol information

You could set up detailed logging levels in the user interface - up from a simple overview of what is transfered down to the protocol level and deep into the byte level of the OFTP2 protocol. I you are familiar with the OFTP2 protocol it will help you also to display all related OFTP2 protocol fields of the settings in the configuration user interface. Beneath this you have always an overview in a table of what has been transfered between which partners.

Client-server architecture

Using the commercial version of the mendelson OFTP2 server it's possible to start the server as an instance without user interface. On linux systems there is no X required to run the server. You could define users, these could log in from any other machine to the server, even from systems with other operation systems using the OFTP2 user interface.

API to control the server

The commercial version of the mendelson OFTP2 server contains a XML API that allows to control the server. Using this API it is possible to modify and set up the configuration of the server, to monitor the transmissions, set up new transmissions with user defined events, manage the partners and certificates. The API could be access either via Java or via command line, there are several commands already included that could be accessed from the command line. The XML API is capable to control the server from a remote system, in this case it works via a client-server connection. Use case for such an API is for example building a web service around the mendelson OFTP2 server, controlling the server on systems without graphical user interface, building your own client to integrate it better into your own system, ...
If the XML API is not what you are looking for - we also offer a REST API as optional plugin to integrate the mendelson OFTP2 into your web based projects.

Architecture

There runs a number of poll threads for every partner that polls special directories per partner and sends matching files to the configured partners.
The transmission data is stored in an underlaying database system, this is installed out of the box, too. The OFTP2 client could run on a different machine (commercial version only) to connect to the server instance.

Optional components for the mendelson OFTP2 (plugin concept)

The basic functionality of the mendelson OFTP2 can be extended by some functions and architectures by a plugin concept.
We currently offer the following plugins:

Plugin mendelson converter
Plugin PostgreSQL database
Plugin HA (High availability) architecture
Plugin REST API
Plugin OAUTH2

Plugin mendelson converter

Via this additional plugin it is possible to convert your data before sending it to a partner or after you have received it from your partner into or from any known EDI format, also all inhouse formats. The conversions could be created using the mendelson converter IDE.

Plugin PostgreSQL database

This plugin allows you to replace the internal supplied HSQLDB database with an external database system (PostgreSQL), which of course can also run on another system. Part of this plugin is also a wizard for data migration of your previous dataset.
This plugin has been tested with several versions of PostgreSQL (12.1, 12.4, 13.0, 13.1, ..) and runs also fine with the PostgreSQL databases of cloud providers (e.g. AWS PostgreSQL).

Plugin HA (High availability) architecture

This plugin allows you to combine several mendelson OFTP2 systems in a redundant cluster and thus obtain both fail-safety and scaling of performance. Prerequisite for each node of the HA network is a plugin PostgreSQL and a plugin HA. You can build the architecture with load balancer and external database server either in-house or also realize it via cloud providers.
In the HA architecture, you can stop individual nodes, add new ones as needed, and also perform updates to individual nodes without affecting the overall system.
The HA plugin thus offers you the possibility to flexibly adapt the mendelson OFTP2 system to your needs. An OFTP2 transmission is generally divided into three parts: The preprocessing (where the data is encrypted and signed), the transmission and the postprocessing (where the data is decrypted and the signature is verified).
If several mendelson OFTP2 nodes are working together in an HA network, the nodes can each perform one of these tasks in parallel. For example, if there are 3 nodes in the HA cluster, one node can do the pre-processing of new data and another node can do the post-processing of a transaction, while a third node takes care of the transmission.

Plugin REST API

This plugin allows the access to the mendelson OFTP2 via a REST API. If you want to integrate the system into your own web based environment, this is the right plugin for you.

Plugin OAUTH2

This plugin adds OAUTH2 authentication posibilities to the mail notification process via SMTP.