Managed AS2, or AS2 as a Service, is a service that we offer to organisations that want to connect via AS2 and would rather outsource this than handle internally. The advantage of outsourcing is that you don’t have to worry about constantly keeping a private area or open firewall ports. With managed AS2 we take care of both the sending and the receiving, to and from your trading partners.
Your trading partners send their messages through our platform through the AS2 protocol. From our platform the messages are automatically verified and sent to an FTP server where you can retrieve them.
In this form of managed AS2, your messages are stored on an FTP server where they are immediately sent to the correct trading partner through the AS2 protocol.
* FTP account per Trading Partner included in the price.
** Message Delivery Notifications (MDNs) are free of charge and are not counted as a message
What is AS2?
Application Statement 2 (AS2) is a modern and popular method of exchanging files in a secure and reliable way, using an ordinary internet connection. AS2 is often used in EDI applications for the transport of, for example, Edifact or XML messages, but actually it can be used for almost all types of files.
AS2 is a point-to-point protocol for data communication. This means that the computer sending data makes direct contact with the host computer over the http protocol. AS2 software offers the possibility of encrypting the payload and verifying the messages. In addition, the software offers the ability to automatically send and receive a notification of receipt.
How does AS2 work?
In its most simple form, AS2 data transfer is nothing more than a http request with the data as attachment and, when necessary, certain AS2 meta-data in the http headers, such as AS2 ‘trading partner’ names for sender and receiver, or a ‘message id’ that distinguishes the AS2 message from other AS2 messages. For the response, in the simplest scenario, a http response code on the same connection on which the http request came will suffice.
In practice, different combinations of features S/MIME offers are commonly used, in order to protect or to verify the authenticity of the ‘partners’. So the data is often sent encrypted and a digital signature used by the receiver to verify the identity of the sender.
In order to use this (encryption or verification of data signature) ‘trading partners’ will exchange public certificates in advance. For the response, the sender of the AS2 message will usually request a so-called ‘Message Delivery Notification (MDN)’. This message contains information about the handling of the message by the AS2 transport (for example, the encryption for the message, but not any application processing behind the transport). This MDN can also contain a signature so the receiver of the MDN can verify the identity of the sender of the MDN.