Stonebranch Product
Universal Data Mover Gateway
B2B Managed File Transfer
Managing the flow of business-critical data between you and your external business partners, vendors, and suppliers doesn't have to be challenging or time-consuming. Automate, secure, and simplify your managed B2B file transfer processes.
Secure Every B2B MFT Workflow. Orchestrate Every Business Outcome
Universal Data Mover Gateway (UDMG), part of Universal Automation Center, is an enterprise-grade B2B managed file transfer (MFT) solution. The solution is designed to securely move data between your internal network and external partners.
- Unify B2B MFT with automation workflows to orchestrate what happens once data is received or sent
- Move data and files in real-time based on system events
- Trust that file transfers are highly secure and adhere to industry and compliance protocols
- Gain complete auditability and traceability of all file transfers inside and outside your network
The Secure Way to Automate your B2B Managed File Transfers
B2B file transfers are mission-critical, so there's no time for downtime. With the Universal Data Mover Gateway (UDMG), you'll know and trust that data is highly secure as you share files with business partners, vendors, and suppliers.
Enterprise-Grade Security Features for B2B Managed File Transfer
- Secure proxy architecture — no data stored or inbound ports in DMZ
- Modern protocols, encryption, certs, and key protection - including HSM support
- Federated authentication & SSO (LDAP, SAML, OIDC/OAuth2)
- Flexible RBAC controls, MFA/2FA, and strong password policies
- Robust IP filtering and network access controls
- Domain namespace isolation for multi-tenant deployments
Unify Managed File Transfer and IT Automation with a Platform Approach
- Real-Time Automation and B2B MFT — The Perfect Match: When MFT, whether internal or external, is combined with the UAC's intelligent scheduling and visual workflow design capabilities, enterprises can embed file transfer tasks into larger process automation workflows.
- Centrally Manage Transfers across your Entire Hybrid IT Landscape: In addition to B2B Managed File Transfer, move data between your internal on-premises, cloud, and containerized applications.
- Add Efficiency and Eliminate Waste: Consolidate disparate point-MFT solutions into a single, standardized, enterprise-grade platform.
Easily Set Up and Manage External Partners
- Federate partner provisioning, authentication, and authorization by synchronizing with LDAP/AD or SSO systems via SAML or OIDC / OAuth 2.0 – or optionally manage locally within UDMG.
- Offload partner certificate management to your HSM solution, while centralizing SSH and PGP key and credential management for easy, reusable access.
- Centralize the administration of internal customers and external partners from a single, unified control center.
Provide B2B MFT-as-a-Service
- Self-Service B2B MFT: Provide end-users, both internal and partners, with the ability to send data securely (MFT-as-a-service).
- Intuitive and Secure User Experience: A simple graphical user interface with centrally managed access controls ensures users see only what they need.
- Centralized Control and Visibility: Centralized management of flows (pipelines), endpoints, credentials, and security policies.
Automation-First
Approach
Embed managed file transfers directly into automated workflows with batch and event-driven triggers for real-time data movement.
Peer-to-Peer
Ad-Hoc File Sharing
Empower end-users to share files using a simple web browser front-end with multi-lingual support (English, Spanish, German).
Observability and
Traceability
Support regulatory compliance with end-to-end auditability and traceability. See every transfer in one place—who sent what data, where it went, and when it arrived.
Deployment
Flexibility
Deploy on-prem or in the cloud, SaaS or self-managed, with future support for containerization.
B2B Transfers from
Anywhere to Anywhere
Securely move files/data across on-prem, cloud, or hybrid environments.
Secure by
Design
Exchange sensitive data end-to-end without exposing the DMZ or opening inbound firewall ports.
Explore Additional Managed File Transfer Components
B2B Managed File Transfer FAQs
Which Protocols Does UDMG Support?
- FTPS (FTP Secure) – Traditional FTP enhanced with SSL/TLS encryption for secure data transfer.
- SFTP (SSH File Transfer Protocol) – File transfer protocol that runs over SSH, providing encryption and secure authentication.
- HTTPS (HTTP Secure) – Web-based data transfer over TLS encryption, commonly used for APIs and browser-based file exchange.
- AS2 (Applicability Statement 2) – Secure, encrypted, and signed data exchange protocol commonly used for EDI/B2B transactions, typically over HTTPS.
How does UDMG handle partner provisioning, authentication, and authorization?
UDMG supports federated partner provisioning by synchronizing with enterprise identity systems such as LDAP and Active Directory. It also integrates with SSO platforms using SAML or OIDC/OAuth 2.0 for secure authentication and authorization.
For organizations that prefer localized control, partner access and credentials can also be managed directly within UDMG.
Can UDMG integrate with our existing security infrastructure?
Yes. UDMG is designed to work within your existing security ecosystem.
- Partner certificate management can be offloaded to your Hardware Security Module (HSM) solution.
- SSH keys, PGP keys, and other credentials can be centrally managed within UDMG for simplified, reusable access.
This approach ensures strong security while reducing operational complexity.
How does UDMG secure file transfers in the DMZ?
UDMG uses a companion product (secure proxy tool) to enforce DMZ security best practices. This architecture ensures that inbound and outbound file transfer requests are tightly controlled, minimizing exposure while maintaining seamless connectivity with external partners.
- UDMG prevents data from landing in the DMZ by eliminating “store-and-forward” patterns in that zone. Files do not persist in the DMZ, significantly reducing risk and limiting the attack surface in the event of a breach.
- UDMG is architected to ensure there is no direct connection from the Internet into your secure zone. This layered approach protects internal systems while still enabling secure B2B file exchange with external partners.
How does UDMG simplify onboarding new partners?
UDMG automates partner onboarding by allowing you to:
- Automatically associate partners with predefined groups
- Link those groups to file pipeline templates
This eliminates manual configuration steps such as assigning partners to target folders, reducing errors, and accelerating time to value.
Does UDMG have high availability and failover support?
Yes, UDMG provides high availability and failover support for mission-critical workloads (active-active and active-passive), enabling operational confidence and scalability.
Can I export observability data?
Yes, easily export log, trace, and metric data to third-party observability tools (Ie, DataDog, Dynatrace, Grafana) via the UAC OpenTelemetry Connector.
Additionally, you can leverage internal dashboards and reports to support transfer monitoring and detailed logging for troubleshooting and reporting.
Can we minimize or eliminate API polling costs?
Yes — in many cases, you can eliminate (or drastically reduce) API polling with Stonebranch by switching to event-driven automation. Methods include event-based monitors/triggers and webhooks.
Instead of a client/app repeatedly calling an API to ask “is it ready yet?”, you run the workflow when something actually happens (an event), and only call APIs when needed.