Skip to Main Content

Frequently Asked Questions

As part of our upcoming migration to a new secure file transfer platform, we’re making updates to encryption protocols and connection requirements. This FAQ is intended to help you prepare, avoid disruption, and answer any questions you or your team may have.

What is a Fully Qualified Domain Name (FQDN), and where do I update it?

 

A Fully Qualified Domain Name (FQDN) is the complete domain path used to connect to our server (e.g., files.example.com). You will need to update your SFTP or FTPS client configuration to use the FQDN instead of a direct IP address.

Can I still use the old IP address after the migration?

 

Unfortunately, no. Connections made directly to a static IP address may fail after migration. FQDNs allow us to manage security certificates, routing, and updates without requiring further action from you in the future.

What encryption protocols or cipher suites are supported on the new platform?

 

The new platform supports modern, secure protocols including, but not limited to:

  • SFTP: SSH with strong key exchange and MAC algorithms (e.g., AES-256, SHA-2)
  • FTPS: TLS 1.2 and higher, with updated cipher suites compliant with industry standards
  • FTP with PGP encryption, although assisting with transitioning that very small subset of clients to another protocol is expected post-migration

Will I need to update my firewall settings or allowlist?

 

If your firewall rules are based on IP addresses, they may need to be updated to accommodate new IPs behind the domain name; please ensure outbound connections to the FQDN are allowed.

Will our automated scripts or jobs need to change?

 

Yes, any scripts using hardcoded IP addresses should be updated to use the FQDN. In addition, confirm that your automation tools support modern ciphers.

Will our SSH keys or FTPS certificates still be valid?

 

In most cases, yes. However, if there are changes in authentication methods or key policies, we will notify you in advance. You may need to trust a new certificate chain for FTPS connections.


Security & Compliance

Why are older ciphers being deprecated?

 

Older ciphers are no longer considered secure and may be vulnerable to cryptographic attacks. This update aligns with modern compliance frameworks like NIST, HIPAA, and PCI-DSS.

Is this new platform compliant with regulatory requirements?

 

Yes, the new platform is designed to meet or exceed common regulatory standards, including encryption requirements and auditability.

Will there be downtime during the migration?

 

We are working to minimize and/or entirely eliminate any service interruption. A specific maintenance window (if needed) will be communicated in advance; however, it would only occur during non-business hours.

Will TLS/SSL certificates change?

 

Yes, FTPS users may see a new certificate associated with the FQDN. Be sure to trust the certificate presented by the new server and avoid certificate pinning to IPs.


Operational & Support

Will any usernames, passwords, or login processes change?

 

Login credentials will remain the same.



First Horizon Bank. Member FDIC.