Home Button Print Button Support Button <---ShowHide
  • Contents
  • Index
  • Glossary
 

Secure Ad Hoc Transfer Module System Requirements and Installation Prerequisites

The Secure Ad Hoc Transfer (SAT) module is supported with EFT SMB and EFT Enterprise v6.5 and later.

SAT was tested with the following applications/systems:

Before installing the SAT module, the following tasks must be completed:

  • Both EFT and IIS must be installed, configured, and running before installing the SAT module. (The installer detects which version of IIS is installed.)

  • If EFT and IIS are not running on the same computer, you must ensure that IIS can reach EFT via the EFT administration port. By default, the administration port is set to 1100.

  • IIS and .NET Framework must be installed, configured, and running before installing the SAT module.

  • Before installing the SAT module, you should have the following information available:

    • The EFT "server role" administrator account user name and password

    • The EFT IP address and administration port number. (By default, the administration port is set to 1100.)

    • The SMTP server IP address and port number and authentication credentials, if required

    • A SAT module activation serial number (unless installing as a trial)

  • The following settings should be configured in EFT before installing the SAT module:

    • Define a Site that uses Globalscape authentication or ODBC authentication. If SAT is connecting to an AD or LDAP Site, it cannot create temporary users.

    • Enable remote administration in EFT.

    • Enable the HTTPS protocol in EFT at the Site level.

    • Temporarily disable password complexity for administrator accounts during the SAT installation. After SAT installation is complete, generate a new password for SAT, then update the password via the SAT administration page. If you are using EFT's High Security module and the SAT module, you should create a separate, non-PCI DSS Site that is used only for the SAT module. Or you can disable the features on the PCI DSS Site that are not compatible (e.g., administrator password expiration and forced reset), but doing so would take the Site out of compliance with the PCI DSS.

To test the connection

  1. On the IIS server, open a command prompt.

  2. Type telnet <IP_address> <port_number> then press ENTER. For example type:

telnet 192.168.20.123 1100

If EFT is not reachable, the Telnet response is Connect failed.

Secure Ad Hoc Transfer Deployment Methods

The Secure Ad Hoc Transfer (SAT) Module is installed on the IIS server computer. The IIS server computer can be on the same server computer where EFT is running, or on a separate computer.

Common Deployment Methods

  • Place IIS with SAT inside your network. Access to the SAT interface is limited to internal users who can exchange files with external users.

  • Place IIS with SAT in the DMZ. Access to the SAT Web interface is available to external users who can exchange files with internal users or other external users. Globalscape recommends against placing the IIS server with SAT in the DMZ to prevent possible misuse of the SAT module as a mail relay.

The architectural diagram below demonstrates this setup with EFT and IIS both on separate boxes. It also assumes the use of the DMZ Gateway; without it, you would need to configure the solution differently, so that recipients can reach EFT.

  1. The sender, inside your network, connects to the web page provided by IIS running the Secure Ad Hoc Transfer module page.

  2. Secure Ad Hoc Transfer on IIS then offloads the file to EFT, creates a notification message, and sends that directly to the recipient through your SMTP server.

  3. The recipient connects using the link-back https hyperlink to EFT to download the available files and, if applicable, uploads files back to EFT for later pick-up by the originator (sender).

Related Topics

BEFORE Installing the SAT Module with IIS7

Installing Secure Ad Hoc Transfer

Configuring SAT on Windows 2012 with IIS8