Frequently Asked Questions Sections Overview ...... 2 FAQ: General Questions ...... 2 FAQ: Account Maintenance ...... 5 FAQ: User Interface ...... 7 FAQ: Notifications ...... 9 FAQ: Security ...... 10 FAQ: Infrastructure ...... 11 FAQ: File Handling ...... 14 FAQ: Support ...... 15 Glossary of Terms ...... 16
D&B SafeTransPort: Frequently Asked Questions Published June 2015 1 of 17
Overview
It’s important that our customers, data suppliers and partners feel their content is secure when they’re exchanging it with us. To do this, D&B has invested in a modern file transfer system with the most stringent security requirements. The new system, D&B SafeTransPort (DNB STP or STP), replaces our previous system, Bulk Data Exchange (BDE), while using the same URL (https://ftp.dnb.com).
FAQ: General Questions
What is D&B SafeTransPort? What are some of the features of SafeTransPort? D&B SafeTransPort… Complies with the most stringent security Is D&B’s managed file transfer solution for requirements for user authentication, customers, data suppliers and operating data security and Payment Card Industry partners (PCI) Data tokenization…to ensure your Serves as a “one stop shop” for sending and data is safe and secure. receiving files to D&B via FTP protocols Supports multiple FTP file transfer modes Leverages the latest available technology to give you options that work with your and robust infrastructure to ensure a high- systems and processes. performing, secure platform Improved transfer rates, especially during Provides new features designed to improve peak transfer volume times our customers’ experience Offers customizable file transfer notifications…to give you as much or as What is this tool used for? little detail about each transfer as you This tool is used to bring in customers’ data wish to see. and to deliver batch product data files to System monitoring and troubleshooting customers. Our data suppliers and partners tools to proactively detect and solve also use the system to send and receive files. problems Continues to use the ftp.dnb.com Why is D&B SafeTransPort a better tool? URL…so there is no change required for With a more modern look and feel, D&B those who previously used D&B’s legacy SafeTransPort provides the security, reliability, Bulk Data Exchange file transfer system. scalability and traceability required to meet the Provides an easy to use interface for growing global file transfer demands of our manually-initiated file transfers, password business. The new features will improve our maintenance and a gateway to system customers’ experience and complies with the support…one place for all your D&B file most stringent security requirement for user transfer needs. authentication, data security and Payment Card Industry (PCI) data tokenization.
D&B SafeTransPort: Frequently Asked Questions Published June 2015 2 of 17
What types of file transfers are supported? My current BDE password doesn’t meet the new Ad hoc human-to-human STP password requirements. Will I be forced to Human-to-system change it before using the new system? System-to system No, to minimize the impact of this transition, existing BDE passwords will be accepted by What is the Host Name? the new STP system. Your password can be Use ftp.dnb.com to connect to D&B changed at your convenience any time prior SafeTransPort. to its expiration, at which point you will be required to change it to continue transferring What is the IP Address? files. To ensure that your connection and file transfer performance is optimal, please use I use BDE regularly; will there be D&B the domain name ftp.dnb.com instead of an IP SafeTransPort training? Address. A recorded tutorial for the D&B SafeTransPort user interface is accessible via What is the URL? the D&B SafeTransPort log-on page. You can access the D&B SafeTransPort System using a browser. The URL (SSL How can I get a D&B SafeTransPort account? Connection) is https://ftp.dnb.com. D&B team members can request D&B SafeTransPort accounts on their customers’ Which web browsers are supported? behalf or for their own use. Complete the Apple Safari 5.x, 6.x request form for the type of account you Google Chrome 22.x want on D&B SafeTransPort Account Microsoft Internet Explorer 8, 9 Request which is available on D&B Net. (Compatibility View is not supported) What’s the difference between a Profile ID, an Mozilla Firefox 4.x to 13.x Account ID, and a Customer ID?
Which Java Versions are supported? The Profile ID is a unique number associated with a particular profile while Java 1.5, 1.6 (also known as Java 6) the Account ID is the user name Java 1.7 (also known as Java 7) associated to a particular profile. The
Customer ID is another name for I have a Bulk Data Exchange (BDE) account, what Account ID. do I need to do to get a D&B SafeTransPort An Account ID may have one or more account? profiles associated to it but a Profile ID All active BDE accounts will be automatically can only have one Account ID associated migrated over to D&B SafeTransPort, to it. including Account IDs and passwords – so
you don’t need to do anything!
D&B SafeTransPort: Frequently Asked Questions Published June 2015 3 of 17
What is Inbound? What is Encryption? Inbound denotes the mode of transmission It is the process of transforming a data file whereby the file is sent to D&B for into a series of binary patterns that hide the processing or delivery. actual content from unauthorized access, protecting its confidentiality, integrity and What is Puts? authenticity. Puts is an Inbound method of transmission whereby the customer connects to the D&B What is Compression? SafeTransPort Server to send a file to D&B It is a technique that provides for the for processing or delivery. transmission or storage, without noticeable information loss, of fewer data bits than were What is Pull? originally used when the data was created. Pull is an Inbound method of transmission whereby D&B connects to the customer’s What is File translation? FTP Server to retrieve a file to be sent to It allows the customer to select the file D&B for processing or delivery. format like ASCII, EBCDIC etc. D&B SafeTransPort will perform the file translation What is Outbound? to customer’s desired format. Outbound denotes the mode of transmission What is File naming convention? whereby the file is sent to the customer for It is a specified file name pattern used by the processing or delivery. system to identify a particular file for proper processing. What is Gets? Gets is an Outbound method of transmission What are Status files or Tickler files? whereby the customer connects to the D&B These contain transaction details like date, SafeTransPort Server to retrieve a file which time, file size, the directory where the file was delivered by D&B. resides etc. Notification emails will be sent in every phase of the file transaction, like on the What is Push? reception of inbound file, delivery of the Push is an Outbound method of transmission outbound file etc. whereby D&B connects to the customer’s FTP Server to post a file for delivery by D&B.
D&B SafeTransPort: Frequently Asked Questions Published June 2015 4 of 17
FAQ: Account Maintenance
How can I get a User ID? 3. Provide your Current Password and your Creation of new Accounts may be initiated desired New Password. Confirm the through your D&B representative. new password then click on Save to store your changes. Can I share my User ID? D&B SafeTransPort supports multiple unique User IDs for each Account—each person or system accessing an account must have their How do I reset my Password? own User ID. Passwords can be reset at any time via the “Forgot Your Password?” link on the logon Can I add an authorized User ID onto my account? page. Requests to add new User IDs to an existing account may be made via the Support link at What is the criterion for a strong Password? the top of the user interface logon page. Passwords must meet the following minimum How do I activate my User ID? requirements: New users will receive an email with an Minimum length: ten (10) characters activation link to establish their password and Must have at least one of each of the activate access to their account. following: o Upper case alpha character (A-Z) How do I change my Password? o Lower case alpha character (a-z) Passwords can be changed after successfully o numeric character (0-9) logging into your account using the Web o Special character ($, !, -, #, etc.) Interface (https://ftp.dnb.com). Your access will be locked after four failed login attempts 1. Locate the “Preferences” menu at the top May not reuse any of your twelve right corner of your screen and click on previous passwords it. Does my Password expire? 90 day expiration (for logons via the user interface or automated connections) 2. On the Preference Page, find the “Change Password” Section. Annual expiration (for automated connections only) Non-expiring (on exception basis for automated connections only)
D&B SafeTransPort: Frequently Asked Questions Published June 2015 5 of 17
What are the different Business Groups associated What are the different Lines-of-Business associated to an account? to an account? An Account ID may be associated to one of An Account ID may be associated to a Line of these Business Groups: Business: Administrator RMS – Risk Management Solutions Customer Operations S&MS –Sales & Marketing Solutions Customer Operations - DNBi SMS – Supply Management Solutions Data Source Management Other Delivery N/A – Not Applicable PCI Other What are the different Regions associated to an Single Customer account? Technology Trade A profile may be associated to a particular region where their primary D&B Support Team resides: Asia Pacific & Latin America (APLAN) Australia & New Zealand (ANZ) Benelux (B) Canada (C) Emerging Markets (EM) - includes Central & Eastern Europe, Mediterranean Europe & Atlantic Ireland (I) North America (US) United Kingdom (UK) US Government (US Gov) N/A – Not Applicable
D&B SafeTransPort: Frequently Asked Questions Published June 2015 6 of 17
FAQ: User Interface
How do I access the User Interface for D&B No, you cannot delete files from the “puts” SafeTransPort? folder. It is automatically deleted by the A Web-based user interface is available system based on the settings on the account for all D&B SafeTransPort System Users profile. which includes access to file delivery folders, and user-configurable settings. Which folder do I use to pick-up files from D&B? To use this interface, you will need an Use the “gets” folder to retrieve files made internet connection, a web browser, and available for you by D&B. a valid User ID. The direct URL is https://ftp.dnb.com How can I download files from the “gets” folder? For more information regarding the use Identify the file that you’d like to retrieve of this interface, please click here for the and click on the “Download” button user guide. accordingly. You can also right-click on the file that Which web browsers are supported? you’d like to retrieve and click on the Apple Safari 5.x, 6.x “Download” button accordingly. Google Chrome 22.x Microsoft Internet Explorer 8, 9 Can I delete files from “gets” folder? (Compatibility View is not supported) No, you cannot delete files from the “gets” Mozilla Firefox 4.x to 13.x folder. It is automatically deleted by the system after a specified period of time based Which Java Versions are supported? on the settings on the account profile.
Java 1.5, 1.6 (also known as Java 6) How long will my file stay in the “gets” folder? Java 1.7 (also known as Java 7) Your file stays in the “gets” directory for a
set number of days which you or the account Which folder do I use to send files to D&B? requestor had specified during the set-up. Use the “puts” folder to send files to D&B. it This can be up to 15 days. After such time, will be routed accordingly. the file is automatically deleted by the system.
How can I submit files into the “puts” folder?
Once you’re in the “puts” folder, you can: Click on the “Upload” button and navigate to the file that you’d like to submit. You can also right-click anywhere on the page and click on the “Upload” button and navigate to the file that you’d like to submit. Can I delete files from “puts” folder? D&B SafeTransPort: Frequently Asked Questions Published June 2015 7 of 17
Can I display my files differently in the folders? Can I sort my files in the folders? Yes, you can switch between the icon You can sort your files in ascending or view or detailed view. descending order using the following Click into the desired folder (e.g. “gets”) options: and click on the “View” button found at o By Name the right-most part of your screen, as o By Kind indicated by the following icon: o By Size o Icon View: By Date Click into the desired folder (e.g. “gets”) and click on the “View” button found at the right-most part of your screen, as indicated by the Detailed View: following icon:
D&B SafeTransPort: Frequently Asked Questions Published June 2015 8 of 17
FAQ: Notifications
How will I know about important messages What kind of Event Notifications will I receive concerning this system? when I receive or retrieve a file from D&B? System alerts, outage status, and important Below is a list of email notifications that you messages are posted on the log-on page. may opt to receive: Urgent items are also sent out to impacted Outbound File Accepted account owners who are on the System Outbound File Ready (for Gets) Notification list. Outbound File End Delivery (for Push) Outbound File Processing Problems How can I get on the System Notification List? Summary Email – End of Day Typically, the account’s primary owner is Summary Email – End of Transaction already on this list. If you are not sure if you are on the list or would like to be added, What kind of information do the Event please open a Support Request. Notifications contain?
What kind of notifications will I receive when I Each event notification will have the following get a new account? details: Below is a list of email notifications that you Customer ID will receive with a new account: Profile ID New Account Activation Tracking ID New Account Password Configuration File name
What kind of Event Notifications will I receive Stating Time when I send a file to D&B? Ending Time Below is a list of email notifications that you Byte Count may opt to receive: Record Count Inbound File Receipt File Download Instructions Inbound File Accepted o Using Command Line Inbound File Decompressed o Using a Browser Inbound File Dispatched Who sends the Event Notifications emails? Inbound File Processing Problems These messages are sent by D&B (including Pull Errors) SafeTransPort automatically. Inbound File found infected (and The alias is “Dun and Bradstreet Quarantined) SafeTransPort Notifications” Summary Email – End of Day The Email address is Summary Email – End of Transaction “[email protected]” The Subject Line is prefixed with “D&B SafeTransPort -- Customer :” Do not reply or send messages to this email address.
D&B SafeTransPort: Frequently Asked Questions Published June 2015 9 of 17
FAQ: Security
Who has access to my data? Is the repository encrypted? Access is restricted only to the pertinent The repository is fully encrypted to ensure business units responsible for receiving, that no content can be viewed even in the processing, handling, and delivering your event of a security breach. data. The appropriate security levels are Is the system compliant with industry standards granted accordingly to protect each of security? division. The D&B SafeTransPort System employs Authenticated partner access including strong audit trails and is compliant to secure passwords, two-factor industry and government mandates which authentication, login expiration (lock-out, include the following standards: time-out) is also used. PCI - Payment Card Industry (MasterCard data security standard) How secure is my data? HSM - Hardware Support Modules We have employed the following strategies (HSM), which ensures PCI compliance to ensure your data is secure within our SOX - Sarbanes-Oxley Act of 2002 environment: (public company accounting reform) Transparent enforcement of security SEPA - Single Euro Payments Area policy across all file movement activities, (banking) including document and repository GLBA - Gramm-Leach-Bliley Act of 1999 encryption (Financial Modernization Act of 1999) Secured connections for transmission of OWASP - Open Web Application critical business data across the Internet Security Project Secure data streaming across the DMZ Data is secured in transit, never stored I need more information regarding security, within the DMZ, and stored encrypted where can I get that? while at rest on the server, regardless of The D&B STP Customer Security Guide is the underlying transport network. available for D&B Representatives through Data integrity checks the D&B STP Resource Page on the DNBNet. Customers can avail of this Do you support file-level encryption? information through their D&B We support the latest standard of PGP- Representative. encryption (2048-bit) and highly recommend the use of longer keys (4096-bit).
D&B SafeTransPort: Frequently Asked Questions Published June 2015 10 of 17
FAQ: Infrastructure
What is the Host Name? The system uses event-driven workflows. Use ftp.dnb.com to connect to D&B This includes manual events such as a human- SafeTransPort. based action; and automated events driven by a scheduler or trigger files. What is the IP Address? We do not allow direct IP connections. How is the data transmitted? Please use the domain name ftp.dnb.com. Files are transmitted over the internet using secure file transfer protocols such as: What is the URL? HTTPS (Password or SSL Certificate - You can access the D&B SafeTransPort minimum 2048-bit) System using a browser. The URL (SSL SFTP (Password or SSH Key) Connection) is https://ftp.dnb.com. Which ports are used? Is the system able to integrate with open and/or The following ports are used for each type of standard-based software? connection: Supports both open and standards-based HTTPS (Password or SSL Certificate), software. Port 443 Support of SFTP Servers, File Servers, SFTP (Password or SSH Key), Port 22 Directory Servers, and ESB / SOA, Multi- Also supported: HTTP (Port 80), FTP LDAP support and LDAP mapping (Port 21) Seamless integration with MFT systems such as: Which industry standards and protocols do you o Axway SecureTransport™ support? o IBM Sterling Commerce Currently support: Connect:Direct™ (NDM) IPv6 UDT Am I able to send one file and have it distributed FIPS 140-2 to multiple processing systems? SSL/TLS Employs rules-based file processing and routing, including multi-destination routing. File system abstraction layer with the use of the REST-based Web Services API framework and other integration capabilities
How is the file transfer triggered or initiated?
D&B SafeTransPort: Frequently Asked Questions Published June 2015 11 of 17
Can I use my own client or third-party software? Which HTTPS Clients are supported? Interoperable with third-party clients The following HTTP Client versions are utilizing Web Browsers, Standard FTP currently supported (not limited to this list): Clients, Standard SSH Clients, Unix Axway SecureTransport Browser Clients, ActiveX for IE. Clients 5.2.1 Includes support for software such as (not Axway SecureTransport Web Access limited to this list): Plus 5.2.1 (requires JRE 1.6 or later) o Axway SecureTransport™ Axway Secure Client 5.8, 6.0, 6.1 o Ipswitch WS_FTP™ cURL 7.19 to 7.22 o CoreFTP™ o CuteFTP™ Which SSH Clients are supported? o FileZilla™ Any client that complies with RFCs 4251– o Informatica SFTP software 4254 is supported. More specifically, the o IBM Sterling Connect:Direct (NDM) following SSH Client versions are currently supported (not limited to this list): Which Web Browser Clients are supported? Axway Secure Client 5.8, 6.0, 6.1 The following Web Browser Client versions cURL 7.19 to 7.22 are currently supported (not limited to this list): FileZilla Client 3.5.x Apple Safari 5.x, 6.x on OS X only PSCP 0.60 Google Chrome 33.x or later PSFTP 0.60 Microsoft Internet Explorer 8, 9, 10, Tectia Client 6.1, 6.2 11 (Compatibility View is not supported) VanDyke SecureFX 6.6.1 to 6.7 Mozilla Firefox 24.x or later WinSCP 4.2.9 to 4.3.5
Which FTP Clients are supported? Do you perform regularly scheduled The following FTP Client versions are maintenance? currently supported (not limited to this list): We regularly update the D&B SafeTransPort Axway Secure Client 5.8, 6.0, 6.1 System to maintain performance and ensure cURL 7.19 to 7.22 your security and privacy. CuteFTP Professional 8.3.2 to 9.0.5 FileZilla Client 3.5.x When do you perform the scheduled IglooFTP PRO 3.9 maintenance? Ipswitch WS_FTP 12.2, 12.3 Regular maintenance occurs every week LFTP 3.7 to 4.3.2 starting on Saturday, 11:00 PM Eastern SmartFTP Client 3.0, 4.0 through Sunday 09:00 AM Eastern
Is the system available during the scheduled maintenance? Limited functionality may be experienced during the maintenance window.
D&B SafeTransPort: Frequently Asked Questions Published June 2015 12 of 17
What kind of scalability can I expect from the What happens in the event of service interruption? system? Scalable 64-bit architecture to support The system is monitored 24/7 and have increasing data volumes and no limits on enhanced tracking and automated- document size. resolution of non-processed files, stuck Large Enterprise Clustering ensuring files, zero-byte files, etc. service availability, providing elasticity and Service interruptions, etc. will be caught can scale up based on volume needs, and automatically by the system and will with unlimited concurrent connections. proactively notify support teams and affected end-users (customers, vendors, What kind of capacity can I expect from the partners) via email and web. system? Root Cause Analysis is performed and Able to support a volume of 200 TB with any fix or patch that’s required will be individual file size limits of 120 GB. implemented accordingly.
What kind of reliability can I expect from the Are you able to handle high volumes of data? system? The system is capable of using File Stable platform where time-out errors Transfer Acceleration which enables the are eliminated and/or handled correctly transfer of high volumes of data over by the MFT System. high-speed networks to ensure files are Guaranteed delivery, checkpoint/restart, delivered on-time and within SLAs resubmit, and near real-time document established by D&B. This utilizes exchange, not just batch or once daily. protocols such as UDT to accelerate the transfer of files between multiple servers.
D&B SafeTransPort: Frequently Asked Questions Published June 2015 13 of 17
FAQ: File Handling
Which encoding formats are supported? Are special characters in the source or Support for and ability to convert (to and destination folder supported? from) the following file encoding formats (not The system is able to support folder limited to this list; includes backward (directory) names with special characters, compatibility): including spaces. ASCII EBCDIC Which compression formats are supported? UTF-8 The system supports the latest versions of UTF-16 the following file compression formats (not UTF-16BE limited to this list; includes backward UTF-16LE compatibility): ISO 8859 WinZip PKZip Are double-byte files supported? RAR We have expanded our system to support GZIP the double-byte character-set. UNIX Tar UNIX Compress Which file formats are supported? Support for the latest versions of the Which file-encryption formats are supported? following file formats (not limited to this list; The system supports the latest versions includes backward compatibility): of the following file encryption formats Fixed-fielded (not limited to this list; includes backward Delimited compatibility): RTF WinZip with Password DBF PKZip with Password SAS7BDAT PGP/GPG (with DH, RSA or RSA4 keys PDF and AES, CAST, TripleDES or Twofish XML encryption algorithms) MS Office File Formats (including): MS Excel, MS Access, MS Word How long do you keep the files? PUTS Folder: the file expires after 24 Are special characters in the filename supported? hours. The system is able to support filenames with GETS Folder: expiration can be set special characters, including spaces. between 1 to 15 days; it can also be set to immediately expire upon successful retrieval.
D&B SafeTransPort: Frequently Asked Questions Published June 2015 14 of 17
FAQ: Support
Where can I get support? If you have questions about D&B How is my support request handled? SafeTransPort or need further support, Once your request is submitted a Support please open a Support Request. Request Case is generated. It is then routed accordingly based on the category that you How do I submit a Support Request? have selected. An email notification will be Please click here for the user guide. sent to you regarding your Case for your reference. What kind of requests can I submit? Most requests can be categorized under the When can I expect a response? following: Your request is typically assigned and Configuration Change – for assistance addressed within 24 business hours. A with your account settings response may be received within that same File Delivery – for assistance with the timeframe. Final resolution depends on the delivery of your file complexity of your request or concern. Notification Change – for assistance with email notification changes Who provides support to D&B SafeTransPort User ID (Current) – for assistance Customers? with your existing User ID The D&B SafeTransPort Support Team User ID (New) – for assistance with consists of: new or additional User ID’s SafeTransPort Customer Support Other – for assistance with your (formerly known as CRAF) account outside of the previously SafeTransPort Technology Support noted categories; may include General (formerly known as BDE CAMS) Questions
D&B SafeTransPort: Frequently Asked Questions Published June 2015 15 of 17
Glossary of Terms
ACRONYM DEFINITION AES Advanced Encryption Standard AME Asian Match Environment API Application Programming Interface AR Accounts Receivable ASCII American Standard Code for Information Interchange BDE(S) Bulk Data Exchange; Bulk Data Exchange System CAST Carlisle Adams and Stafford Tavares Clustering The technique of linking many computers together to act like a single computer D&B Dun and Bradstreet DBF Database File; DBase and FoxPro DH Diffie Helman DMZ Demilitarized Zone EBCDIC Extended Binary Coded Decimal Interchange Code ESB Enterprise Service Bus FIPS Federal Information Processing Standard GB Gigabyte GLBA Gramm-Leach-Bliley Act of 1999 (Financial Modernization Act of 1999) GPG GNU Privacy Guard GSRL Global Standard Record Layout GZIP GNU Zip HSM Hardware Support Modules HTTP Hypertext Transfer Protocol (world wide web protocol) HTTPS Hyper Text Transfer Protocol over SSL IE Internet Explorer IETF International Engineering and Technology Fair (India) IPv6 Internet Protocol Version 6 ISO International Organization for Standardization KPI Key Performance Indicator LDAP Lightweight Data Access Protocol MB Megabyte MFT Managed File Transfer NDM Network Data Manager Non-repudiation Provides proof of the integrity and origin of data. OWASP Open Web Application Security Project PCI Payment Card Industry (MasterCard data security standard) PDF Portable Document Format (Adobe Acrobat) PGP Pretty Good Privacy PKZip Phil Katz Zip
D&B SafeTransPort: Frequently Asked Questions Published June 2015 16 of 17
ACRONYM DEFINITION RAR Roshal Archive REST Representational State Transfer (alternative to SOAP) RSA Ron Rivest, Adi Shamir and Leonard Adleman RTF Rich Text Format SAS Statistical Analysis System (software) SAS7BDAT SAS Database File SEPA Single Euro Payments Area (banking) SFTP Secured File Transfer Protocol (similar to SSH, but for files) SLA Service Level Agreement SMS Short Message Service (Text Messaging) SNMP Simple Network Management Protocol SOA Service-Oriented Architecture SOX Sarbanes-Oxley Act of 2002 (public company accounting reform) SSH Secure Socket Shell SSL Secure Socket Layer SSL/TLS Secure Socket Layer/Transport Layer Security TB Terabyte TripleDES Triple Data Encryption Standard Twofish related to Blowfish encryption UDT Uniform Data Transfer UNIX Compress UNIX Shell Compression Program UNIX Tar UNIX Shell Archive Program Unicode Transformation Format (16 bit Unicode to 7/8 bit character UTF conversion) VAN Virtual Area Network VPN Virtual Private Network WinZip File archiver and compressor for Windows and OS X XML Extensible Markup Language pTCP Parallel Transmission Control Protocol
D&B SafeTransPort: Frequently Asked Questions Published June 2015 17 of 17