"FedLine Advantage"
Posted By: lisa
"FedLine Advantage" - 06/15/05 10:07 PM
Are any of you guys out there using FedLine Advantage? We are in the process of getting it operational and would appreciate any comments.
Thank you,
lbezner@f-s-b.com
Posted By: Anonymous
Re: "FedLine Advantage" - 06/16/05 02:45 PM
We are also in the "multi-step" process and would love to hear from anyone...
Posted By: AnnL
Re: "FedLine Advantage" - 06/16/05 07:48 PM
We are in the testing phase and it looks pretty go so far. One warning if you haven't looked at ACH do so soon. The FRB has eliminated transaction level entries such as auto-enrollment and deriving a return. We have no problem with the returns but the enrollment is causing an issue. Our core processor does not currently support ENR in their ACH Origination option so we are looking for a solution. They are looking into adding the SEC code but who knows when or if that will happen.
Posted By: BankLogic
Re: "FedLine Advantage" - 06/26/05 08:24 PM
As someone who has installed FedLine Advantage at some banks and performed IT audits for banks that are currently running FedLine advantage, I have a caution which I expressed to the Fed and I'll limit my comments so I don't compromise what they consider confidential information.
There are banks that permit their employees to take their USB tokens home for disaster recovery purposes. The reasoning is that if the main office blows up, they can use the token at a branch office that is a configured FedLine Advantage workstation. I'm not a fan of this procedure although (as I learned) there currently is no guidance saying a bank can't do this. Under a certain set of conditions where the bank is also permitting VPN access for remote users, it's possible to pull up a FedLine Advantage session offsite. Not good.... My recommendation is that tokens should be locked up after use at a bank site.
I would also add that small banks who contract with a 3rd party for firewall/network maintenance or who have one employee who handles the firewall without anyone knowledgeable reviewing the firewall logs for firewall ruleset changes, should have someone independent perform an annual IT vulnerability assessment that includes a review of the firewall ruleset in place and the firewall policy. The reason is you want to make sure the IP addresses management wants to be included in the FedLine Advantage VPN are the only IP addresses being permitted. In addition if you allow employees to VPN into your bank, you want to be sure that the internal IP addresses being handed out are not the same as the ones with the Fed VPN.
Posted By: RandomName
Re: "FedLine Advantage" - 06/28/05 04:32 PM
Quote:
The FRB has eliminated transaction level entries such as auto-enrollment and deriving a return. We have no problem with the returns but the enrollment is causing an issue.
Good to know. I guess the Fed is taking a flexible interpretation of "early 2005" from their blurb below:
"Q: With none of our software vendors offering ENR origination capabilities, is there another way to process these transactions?
A: The Treasury Green Book provides information related to how Federal payment recipients canenroll for Direct Deposit without visiting a financial institution. These details, known asSimplified Enrollment, can be found in the Automated Enrollment - Section 1 of the Green Book. The GreenBook can be accessed online from the following URL:http://www.fms.treas.gov/greenbook. Please note that an ENR feature is expected to be available on the FedACH FedLine Web service in early 2005."
Posted By: HappyGilmore
Re: "FedLine Advantage" - 07/12/05 09:05 PM
Quote:
There are banks that permit their employees to take their USB tokens home for disaster recovery purposes. The reasoning is that if the main office blows up, they can use the token at a branch office that is a configured FedLine Advantage workstation. I'm not a fan of this procedure although (as I learned) there currently is no guidance saying a bank can't do this
BL - as someone who lives in an area of the country that often sees major flooding due to hurricanes, having this token at a building the employees can't get to does not help me in a disaster recovery mode. In the event the employees can get to another location, without this token card, I'm dead in the water. And, since the Fed, in their infinite wisdom, has said that no user will be permitted 2 cards, I choose the lesser of 2 evils, and will allow, no I will mandate, that users take these token cards home.
Also,as long as you set the bank to dual control, you have less risk.
Posted By: Anonymous
Re: "FedLine Advantage" - 07/13/05 12:51 PM
Have you guys any opinion on the implementation of the Fedline Advantage Program? I've been dissapointed with the whole process. We haven't had any local training seminars or sessions available to us in Boston (that I could find). It pretty much leaves us with trying to learn on our own...
Posted By: BankLogic
Re: "FedLine Advantage" - 07/16/05 02:47 PM
Quote:
BL - as someone who lives in an area of the country that often sees major flooding due to hurricanes, having this token at a building the employees can't get to does not help me in a disaster recovery mode. In the event the employees can get to another location, without this token card, I'm dead in the water. And, since the Fed, in their infinite wisdom, has said that no user will be permitted 2 cards, I choose the lesser of 2 evils, and will allow, no I will mandate, that users take these token cards home.
Also,as long as you set the bank to dual control, you have less risk.
It would be better if you had a branch workstation set up with FedLine Advantage and kept a token locked up at the branch rather than have employees taking them home. That's been one of my recommendations to the Fed.
Posted By: BankLogic
Re: "FedLine Advantage" - 07/16/05 02:52 PM
Quote:
Have you guys any opinion on the implementation of the Fedline Advantage Program? I've been dissapointed with the whole process. We haven't had any local training seminars or sessions available to us in Boston (that I could find). It pretty much leaves us with trying to learn on our own...
I've heard disappointment with the implementation but the users at banks I'm at really seem to like it. I think it's a good product (although the Fed needs to issue some guidelines)
Posted By: HappyGilmore
Re: "FedLine Advantage" - 07/18/05 06:06 PM
Quote:
It would be better if you had a branch workstation set up with FedLine Advantage and kept a token locked up at the branch rather than have employees taking them home
BL - great idea, except Fed won't issue 2 tokens to one individual. And, since wires are dual control, having only one at a branch won't work. Of course, you could spend $400 to have 2 backup tokens for 2 users at that branch, and then you run the risk of users who never use the system of being responsible in a contingency situation.
Sadly, FRB once again took steps that they thought should be taken, rather than allowing the banks to implement standards based on their own risk assessments.
Posted By: BankLogic
Re: "FedLine Advantage" - 07/19/05 05:33 PM
Quote:
BL - great idea, except Fed won't issue 2 tokens to one individual. And, since wires are dual control, having only one at a branch won't work. Of course, you could spend $400 to have 2 backup tokens for 2 users at that branch, and then you run the risk of users who never use the system of being responsible in a contingency situation.
OK I'm with you on that.... I should've added what you mentioned.
Quote:
Sadly, FRB once again took steps that they thought should be taken, rather than allowing the banks to implement standards based on their own risk assessments.
While I see some disappointment with the implementation and guidance of FedLine Advantage, I think they had to come with the standards.
Posted By: HappyGilmore
Re: "FedLine Advantage" - 07/19/05 05:35 PM
They built it based on their closed operating environment of the Federal Reserve, not the real world of banking. There is a huge difference between the 2.
Posted By: BankLogic
Re: "FedLine Advantage" - 07/20/05 04:16 PM
Happy,
If you mean that the Fed has shrouded some things in secrecy as part of their security, I would agree. And as a huge open source Linux guy, I think if your security is good, you shouldn't be afraid to lay it all out there.
What would you have done different? I've got a document you'd probably love to read. If you want to correspond offline, my e-mail addie is out there.
Posted By: Anonymous
Re: "FedLine Advantage" - 08/02/05 06:46 PM
The Electronic Payments Network (EPN) offers a Windows-based automatted enrollement software package. The package works in a standalone, multi-user or branch environment. A derived return fee of $.50 can add up quickly.
Posted By: Anonymous
Re: "FedLine Advantage" - 08/03/05 12:29 AM
kkl
Posted By: Anonymous
Re: "FedLine Advantage" - 08/03/05 03:46 PM
What is the derived return fee for? I looked on the EPN website and didn't have any luck with finding the software. Does anyone have any other recommendations? One option available thru treasury is to sign up via the phone. The disadvantage here is that the customer has to make the call.
Posted By: Anonymous
Re: "FedLine Advantage" - 09/19/05 02:48 PM
Visit the on-line store on the EPN website under software. The derived return fee of $.50 is for every return generated by using Fedline Advantage system for returns
.
Posted By: Barbl
Re: "FedLine Advantage" - 09/19/05 06:13 PM
We are currently fully into using Fed Advantage for Checks, Cash, ACH - we use another software product for origination & preparing returns - Funds Transfers & Securities. The Learning center section of Fed Advantage is helpful with training although if you had Fedline DOS, things are somewhat similar in Advantage, just a windows environment versus DOS.
Posted By: Anonymous
Re: "FedLine Advantage" - 09/27/05 02:47 AM
There is one vendor I came across at
http://www.ezdd.com that is offering the ability to create ENR files.
Hope this helps.
Susan
Posted By: M.A. Kopan
Re: "FedLine Advantage" - 12/23/05 07:40 PM
I am looking into utilizing FedLine Advantage to perform ACH transactions in the Healthcare industry. MyriadHealth is a new startup that will be processing healthcare claims and doing electronic payments from groups to an intermediary (transfer ) bank and then disburse payments to providers when acknowledgement of transfer is verified. Our system will export the ACH X12 flat file, then we can have the Fedline software do the transfer. We are also using Microsoft BizTalk to orchestrate the processes. Can you give us some additional information on the usage the FedLine Advantage ACH process with this business model application?
Posted By: ETH
Re: "FedLine Advantage" - 12/28/05 08:33 PM
We have been using Fedline Advantage for at least 6 months and we love it! Much easier than the DOS terminal.
Posted By: IamNoBanker
Re: "FedLine Advantage" - 01/16/06 06:18 PM
I actually setup Fedline Adv. for two banks. They seems to like better than DOS. What we did is IP lock down. Basically only selected IP can get onto Fedline Adv website. and setup a camera pointing those workstation
it only looks "good", but can't catch much. And only selected few employee could take the token home, even with remote access (VPN) they still need to be on that selected workstation. of course with dual control all should be well.
best of luck in this crazy world.
Posted By: Doxie Pride
Re: "FedLine Advantage" - 01/24/06 03:51 PM
Has anyone purchased the EZ Direct Deposit product to use for ENR? Seems like a good deal at just $199.
Posted By: IslandBank
Re: "FedLine Advantage" - 06/07/10 04:12 PM
Just wondering if you have ever tested the ability to connect to FedLine remotely (from employee's home)and if it worked. I have an employee who is starting to work offsite via VPN. No matter what we try, it appears impossible to actually login in to FedLine as it appears the system recongnizes the fact that the employee is in fact offsite even though the IP address is internal to the network. The Fed has confirmed that they are aware of this and that no fix exists to their knowledge.
Thank you.
Posted By: HappyGilmore
Re: "FedLine Advantage" - 06/09/10 09:43 PM
we sign in remotely from our DR site 3x a year with no issues. I have signed in from home.
Posted By: Andy_Z
Re: "FedLine Advantage" - 06/10/10 06:02 PM
Posted By: IslandBank
Re: "FedLine Advantage" - 06/14/10 10:10 PM
Do you have a separate VPN to the Fed from your DR site? The Fed is telling us that that's the only way to do this. Any help would be greatly appreciated as each time we try, the token seems to be recognizing that she is not really at that PC. She can launch it but once you get to the pass phrase, the issue always ocurrs.
Posted By: BurntSienna
Re: "FedLine Advantage" - 06/14/10 10:55 PM
My understanding from speaking about this with the Fed in the past is that yes, you would need to have a separate VPN set up from each physical location. So, if you wanted 1) the bank president to be able to access FedLine Advantage from home and you wanted 2) to be able to access FedLine Advantage from your Disaster Backup site and you want 3) to be able to access FedLine Advantage from the bank as usual, you'll need 3 VPN's set up. Part of me can't really believe that there's no other way to do it, but this is what our Fed support guy and our Fed rep told us.
The algorithms used by the Fed to allow/disallow access by token definitely take into consideration the physical location of the user, and the system will for sure "know" that the user is not in the bank.
Somewhere on FedLine Advantage there is a form to submit to make changes to VPN's and locations. You may want to look at that for clues. Good luck!
Posted By: Nicholas
Re: "FedLine Advantage" - 06/22/10 10:05 PM
"Part of me can't really believe that there's no other way to do it, but this is what our Fed support guy and our Fed rep told us."
You would be correct to not believe it.
We just had a mandatory VPN device replacement. You can have your VPN device set up as your FI sees fit. Depending on what option you have in place, and what network settings you choose for your VPN device, you may not need a VPN device at each location; it's entirely possible to have one VPN device that supports all of your FedAdv users from multiple other locations on other network segments. That said, you would still need a second VPN device at your DR location if the intent is to mitigate the loss of the primary VPN.
I completely agree with the argument NOT to allow remote VPN access from a non-bank managed device! including non-FedAdv related work too.
Nick