MOVEit DMZ Multi-Tenancy Module

File transfer servers that provide multi tenancy allow you set up FTP/S, SFTP and/or HTTP/S services for each organization hosted by the file transfer application. The organization each user interacts with is typically determined by the domain name the user connects to (e.g., “ftps.handd.co.uk” or “ftps.moveitdmz.co.uk”). This can be called “domain‐based multi tenancy”.

Alternatively, the organization each user interacts with may be determined by the username or other authentication credentials provided by the user (e.g., everyone connects to “ftps.handd.co.uk” but “fred” goes into the “HANDD” organization while “betty” goes into the “MOVEit DMZ” organization). This can be called “username‐based multi tenancy”.

How Does MOVEit DMZ Support Multi‐Tenancy?

MOVEit DMZ supports both domain‐based and username‐based multi‐tenancy. To support domain‐based multi‐tenancy, MOVEit DMZ allows system administrators to set up additional listening ports with their own server certificates and provides a switch to allow multiple reuses of the same username on the MOVEit DMZ system.

In domain‐based multi‐tenancy mode, MOVEit DMZ usernames are only unique within a particular organization. This means that a user named “fred” can exist in both the “HANDD” and “MOVEit DMZ” organizations on the same MOVEit DMZ system. However, it also means that if HANDD’s “fred” tries to sign on to the “ftps.moveitdmz.co.uk” interface, HANDD’s “fred” will not be allowed to sign on.

To support username‐based multi‐tenancy, MOVEit DMZ allows system administrators to reuse a single FTP/S, SFTP and HTTP/S interface for all organizations and provides a switch to ensure that individual usernames are unique across an entire MOVEit DMZ system.

In username‐based multi‐tenancy mode, MOVEit DMZ, a single username can only be associated with a single organization. This means that a user named “fred” can exist in the “foo” and but not the “bar” organization. However, it also means that if foo’s “fred” tries to sign on to the “ftps.bar.com” interface, foo’s “fred” will be permitted to sign on.

Both multi‐tenancy modes require a MOVEit DMZ license that permits “additional organizations”.

Why Else Would I Want “Additional Organizations”?

Use groups when you want to

Use folder permissions and address books to define interactions between people and systems
Delegate some administrative control over a subset of the organization to a subset of users
Collect related users who need to interact with each other

License additional orgranizations when you want to

Support multi‐tenancy
Delegate full administrative control to an entire organization
Encapsulate many interactions into manageable domains
Separate unrelated user bases or provide new and unrelated roles to existing users

MOVEit DMZ Multi-Tenancy Module

How Does MOVEit DMZ Support Multi‐Tenancy?

Why Else Would I Want “Additional Organizations”?

Use groups when you want to

License additional orgranizations when you want to

GLOBAL Headquarters

London City Office

Asia Regional Office

GLOBAL Headquarters		London City Office		Asia Regional Office
26 Horseshoe Park, Horseshoe Road Pangbourne, Reading RG8 7JW, UK tel. +44 (0)845 6434063 email. info@handd.co.uk		Longcroft House Business Centre 2/8 Victoria Avenue London, EC2M 4NS, UK		Level 15.01, 1 First Avenue, Bandar Utama Damansara 47800 Petaling Jaya, Selangor, Malaysia tel. +60 37651 7853 email. info@handd.co.uk