The traditional FTP protocol sends commands and data without any form of security over the network. This FTP data could be intercepted by an attacker, which could then be viewed and altered before sending it onto the receiver.

If you are sending sensitive data over a network, you can use Secure File Transfer Protocol (SFTP) for securing data. The PowerCenter Integration Service creates an SSH2 transport layer that enables a secure connection and access to the files on an SFTP server.

SFTP creates an encrypted channel between two computer systems and protects against the following attacks:

IP spoofing. A remote host sends out packets that pretend to come from another trusted host.
IP source routing. A host can pretend that an IP packet comes from another trusted host.
DNS spoofing. An attacker forges name server records.
Interception of clear text passwords and other data by intermediate hosts.
Manipulation of data by attackers in control of intermediate hosts.

SFTP uses a combination of asymmetric (public key) cryptology and symmetric cryptology to provide strong encryption and optimal performance. Most commercial servers and many open source servers support SFTP. SFTP is also an effective protocol to use for transmitting large files as it compresses the data stream before encryption.

To use SFTP file sources and targets in a session, perform the following tasks:

Create an FTP workflow connection and configure the FTP connection object for SFTP.
Select and configure an SFTP connection object in the session properties.
Configure source file properties.
Configure target file properties.