FAOPGP CLS Introduction
Usability Features
You will come across many great usability features in FAOPGP CLS that make this product easy for you to use. These include:
1. Simple to use GUI
You do not have to specify complex command line parameters by entering them at the DOS prompt. (Of course you can set up script files by hand or program if you prefer.) But CLS’s GUI provides a really simple way of creating all your command line parameters and scripts and is error free. Just choose who you want to encrypt files for etc., when you want it to occur, if you want the files emailed or FTP’d and whether auditing should take place. CLS does the rest for you.
2. Email support
Encrypted files are automatically emailed using SMTP. The secured files are attached to the email message and the recipient email address(es) are already filled in (details are automatically taken from the recipient public keys you have already securely stored). Subject text and message text can also be specified as one of the command line parameters and this is automatically inserted into the body of the email for you. Encrypted files can also be emailed to additional email addresses that you specify.
3. FTP support
You can tell CLS to retrieve files from an FTP server and then upload files to an FTP server. For example, you may want CLS to retrieve encrypted files, decrypt them locally and move them to another FTP server, or encrypt files locally and then FTP them to a server. This delivers a simple and very effective method of encrypting information and then moving it to another site for automatic collection and distribution. Examples of this are transmission of secure EDI messages, exchange of medical data between providers and medical data transcription. The FTP features can also be used without the need to encrypt or decrypt files, and files can be renamed after an FTP download.
4. Scheduling
The script scheduler feature lets you schedule scripts so that they can be run unattended at a later date / time or when the system is idle. You can schedule a task to run daily, weekly, or monthly, change the schedule for a task, and also customize how a task runs at a scheduled time. You can set tasks to run once only or multiple times, and they can be given varying start and end dates and times.
5. Auditing
CLS lets you log all actions to an audit trail and/or display them on the screen. A date and time record of when script actions start and end is recorded, along with what actions occurred and the results of those actions. An audit trail can be started for each script or every script can be audited to the same log file. The log file can be stored locally and emailed to an administrator. An administrator can also be alerted to any errors during processing by having log files sent by email only if errors occur during processing. The log file is stored in .html format.
6. Secure Archives
To simplify transport and management of large numbers of files we support an archive function that is consistent with the .zip format. Using this you are able to package files, folders and sub-folders in the traditional zip structure but with full strength security protecting them. This can be a very attractive alternative to handling large and complex file structures.
7. Group Encryption
CLS lets you allocate users into groups to simplify the selection of multiple users (this is handy when you send files to the same list of users). By allocating users into groups you can just select a group name in the GUI for encryption instead of selecting lots of individual user names.
8. No confusing encryption algorithms or key lengths to select
We make encryption as simple as possible by adopting the best or current strongest protection by default. ArticSoft use the US Government approved (FIPS 197) algorithm AES at its strongest implementation, 256 bit. If it's good enough to secure Federal Government information then it's good enough for commercial or personal use. The 2048-4096 bit key used by ArticSoft products ensures the random session key for the AES 256 bit algorithm is protected securely.
For compatibility with older OpenPGP products that do not support the AES algorithm (e.g. PGP v5.x and v6.x), CLS uses TDES 192 bit (as required in RFC 2440). All of this complexity is shielded from the user, who just selects compatibility with older products.
9. Automatic key recognition
CLS comes with its own list of recognized Trusted Authorities (Root Certificate Authorities). When X.509 keys are imported, CLS automatically verifies and validates imported certificates without you having to import a root key. Certificate chains are also automatically validated. You cannot import keys that do not verify properly, so other people cannot send you spoof keys.
10. Key Manager
CLS’s key manager lets you generate keys in X.509 (RSA) and PGP formats (DH/DSS) so there is no need to purchase keys from a certificate authority. The key manager lets you import, export and delete keys, and you can back up and restore the keystore and change its password. Users can also be assigned into groups.
11. Additional Features
1) Files are automatically encrypted using a default key (if one is set) so that someone in your organization can also decrypt them. This is a failsafe mechanism when sending files to others and you have chosen to securely delete the original (plain text) file.
2) Last Logon date and time displayed on the Logon box so when running manually you will know if anyone has tried to access CLS whilst you were away from the server / computer.
3) Dialog boxes that remember where you last imported keys from and exported keys to.
4) Virus, worm and blended threat resistant. CLS works outside the conventional e-mail system. As a result, these types of attacks simply have no effect on CLS. Viruses and worms cannot infiltrate CLS and cannot embed themselves in encrypted files because they would cause decryption to fail. Attacks on e-mail lists cannot work with CLS because the information is held encrypted and cannot be used by other systems because they are unable to access it. CLS also carries out signature verification when decrypting files, so it prevents spam attacks because the attacker is not able to provide keys that you recognize.