GlobalSCAPE® EFT Server™ version 6 combines the robust security features and extensibility of EFT Server with the simplicity and ease of use of Secure FTP Server. EFT Server is offered in a basic and an Enterprise edition, with modules available so that you can extend EFT Server's functionality as you need it. Certain features are available only in EFT Server Enterprise and/or only with the modules. Refer to EFT Server Feature Comparison for a detailed list of the different features available in the basic and Enterprise editions and each of the modules.
If you are upgrading from EFT Server version 5 or Secure FTP Server version 3, also review the list of features and enhancements below that were added in EFT Server 6.0.
Version 6.1 of EFT Server and EFT Server Enterprise continues the trend of improving security, making the interface easier to use, and enhancing automation, reporting, and tracking capabilities.
Create and administer SSH keys in ssh.com or OpenSSH output format.
Comply with Federal Standards with extended FIPS support for SSH outbound connections.
Control how account login credentials are sent to users: send the username and password in the same e-mail or in separate e-mails, or only send the username.
Automatically populate the e-mail address in the Change Password dialog box if present in the User Account Details dialog box; subadministrator accounts cannot override the populated address. If the e-mail address is not defined in the User Account Details dialog box, the address typed in the Change Password dialog box will update the User Account Details dialog box.
The Change Password function supports user principal and common names (AD/LDAP).
Validation of the e-mail address in the User Account Details dialog box correct format and content.
Monitor Folders across network shares/forests in Active Directory.
Login with a bare username in an Active Directory cross-domain setup (on Sites using Active Directory authentication).
Improved support for Active Directory foreign domain users and groups.
Administrators can unlock a user account that has been temporarily locked out of the Server due to invalid login attempts. Locked out (not disabled) users are visible in tree and the Status tab indicates the length of time the user will remain locked out.
Updated context variables %FS.PATH%, %FS.FILE_NAME%, and %FS.FOLDER_NAME% in Move Actions to match the new file location.
More easily install or upgrade EFT Server in a cluster.
Request to extend the trial of EFT Server if a 30-day evaluation is not enough.
Added numerous new and removed deprecated methods and properties in the COM API.
Improved OpenPGP support of ASCII Armored file format for data files
Extensive and configurable text-file logging to assist Customer Support
Clear Command Channel and Clear Data Channel support for FTPS
Status tab provides upload and download speed for SFTP connections
EFT Server administrator password length can now be up to 99 characters
Event Rule client transfers now function through ISA and SQUID proxies, and supports multi-part POST uploads
HTML Listing and Upload page (also known as the Plain Text Client) changes:
Allows accented characters in folder and file names, depending on the code page.
Hide the Change Password button if the user account does not have permission to change the password.
Upgraded libraries to provide better performance when listing folders that contain thousands of files and subfolders.
AS2 module changes:
EFT Server now accepts inbound AS2 transactions that are using Message Level Security (MLS).
AS2 transaction report shows the headers in the transaction
Can now configure inbound only or outbound only AS2 partners.
Auditing and Reporting module (ARM) changes:
Improved the installer for detailed configuration depending on database type.
Advanced Workflow names are audited for use in Event Rule reports.
Choose between SQL and Windows authentication for EFT Server’s database connection.
Advanced Workflow changes:
Added ability to import Advanced Workflows within the Administrator interface.
AWE workflow names appear in ARM reports
Web Transfer Client (WTC) changes:
Hides the Change Password button if the user account does not have permission to change the password.
Set a registry key to determine the number of times WTC will try to send a file.
Allows the Euro symbol and other accented characters in folder and file names. (Per ISO-8859-15 for URI encoding/decoding.)
Displays an error messages if the folder/file path exceeds the Windows limits.
Displays an error message if you try to rename a file with invalid characters, such as a question mark.
Saves the proxy's NTLM credentials to a cookie and reads from the cookie on the local computer.
Allows you to transfer files by clicking and dragging the files from one pane to the other.
Secure Ad Hoc Transfer (SAT) version 2.1 changes:
Prevents "spoofing" by forcing the From address to the address in Active Directory before sending the message (when authenticating using AD Authentication for the sender).
Logs the IP address of the sender to the auditing database and will appear in the ARM SAT reports.
Verifies whether prerequisite applications are installed (IIS version and .NET version) and configuration/IIS role settings are correct before continuing.
Detects whether IIS 7 is installed and, if it is, extends the maxAllowedContentLength value in IIS's ApplicationHost.config file to 2 GB.
Added a label to the SendMail form to remind users that they can only send files up to 2 GB (unless SAT is installed on the same computer as EFT Server).
Supports semicolon delimiter for multiple e-mail send addresses.
If you are upgrading from EFT Server version 5 or Secure FTP Server version 3, review the following list of features/enhancements that were added in EFT Server 6.0.
x64 OS support - EFT Server and EFT Server Enterprise are supported on Windows 2003 and 2008 64-bit operating systems (in addition to Windows 32-bit operating systems). For a full list of requirements, refer to System Requirements.
Trial version support - As in prior versions, all functionality and modules are available during the trial; in EFT Server 6, you do not have to register the trial version. It is ready to use as soon as it is installed. The trial allows you to install, configure, and test EFT Server on a development system so that you can determine which modules and features you will need to purchase for your production system. Purchasing add-on features and modules requires no further installation. The features/modules are activated depending on the license that you use to activate the product. Adding new features later only requires that you purchase a new license to activate that feature in the product.
Installation Wizard - EFT Server's improved installation wizard is used to install EFT Server, the Administrator Interface, DMZ Gateway, Secure Ad Hoc Transfer, the Auditing and Reporting database, and each of the other modules. The wizard can walk you through configuring auditing and reporting on your existing SQL or Oracle database (Oracle connectivity is available in EFT Server Enterprise), upgrading an existing EFT Server Auditing and Reporting database, or installing a new database with SQL Server Express. The wizard detects whether previous installations exist, and allows you to create a new, fresh installation in a different location, or upgrade your existing installation. (Refer to Upgrading the Software for details of available upgrade paths.)
Migration wizard - When you are ready to move EFT Server from development to production, in EFT Server Enterprise edition you can use the Migration wizard to gather the necessary files, then package them into one easy-to-transport file. The wizard can recreate the entire folder structure and settings automatically or you can run it in manual mode and verify every setting as you step through the wizard. The wizard can also be used for routine backups or backing up in preparation for major changes or for disaster recovery. A Backup Server Configuration Rule is created and enabled by default when EFT Server Enterprise is installed. This rule automatically backs up EFT Server's configuration every day at midnight, saves the .bak archive to C:\Documents and Settings\All Users\Application Data\EFT Server Enterprise\Backup, and then cleans up any .bak files older than 30 days. The location and cleanup schedule are editable and you can disable the rule if you prefer to backup manually.
Administrator Interface - EFT Server's Administrator Interface has been reorganized and updated.
Every dialog box, tab, and wizard overhauled
Exposes various existing real-time statistics to Administrator interface main pages and added new statistics.
Indicates % disk space used in disk quota management
Remembers last VFS folder selected while navigating EFT Server
Provides ability to create and display ultra long group names
Exposes HTTP error messages so they can be edited
Exposes login credentials and expiration e-mail messages so they can be edited
Writes to Windows event log when Web Transfer Client connections exceed available licenses
Multiple prompts added/removed/updated to prevent destructive behavior
Updated complex password creation so that non-alpha chars are not used
E-mail notification dialog overhauled; browser for users using quick search function
Multiple interface enhancements to the Web Transfer Client
FIPS-Certified Libraries - EFT Server's High Security module provides FIPS-certified libraries for SSH and SSL connections. EFT Server 6 with the HS module allows you to turn on/off FIPS modes. If you already have Secure FTP Server - FIPS, you can upgrade for free to EFT Server (base) with the HS module to provide the same, but improved, functionality.
Server Administrators - A new administrator role, User Administrator, has all of the privileges of the Change Password administrator, but can also create new users. The User Administrator is not allowed to see or edit Settings Templates, but is able to change passwords, disable users, or create more users.
Default Paths - You can now change the default location of EFT Server's configuration file.
Default Server messages - You can configure default Server messages for the password reset reminder/required messages and the user login credentials message.
Server local time - EFT Server provides the option to switch between UTC/GMT and local server time for the timestamps returned for FTP/S and HTTP/S directory listings.
Home Folder - The Create New User wizard now permits the designation of a home folder other than the one inherited, including variable support for dynamically named home folders.
User Disk Quota - The user Disk Quota fields now show quota values in megabytes and a percentage value for disk space free/remaining.
SQL Server Express - EFT Server now comes packaged with SQL Server express for development testing. It is recommended that you connect to a SQL Server or Oracle database for production. (Oracle connectivity is available in EFT Server Enterprise.)
Oracle database connectivity - EFT Server Enterprise can audit to an Oracle database in addition to SQL.
Custom Commands - You can now create custom Commands "on the fly" from within Event Rules, and you can select variables to use in the Command from within an Execute Command dialog box.
Event Rule Download and Copy/Move Action wizards - New wizards for defining the Download Action and the Copy/Move Action in Event Rules take the guesswork out of defining these very complex Actions. The Download Action is now available with more Event triggers. The destination folder can now be within the VFS or anywhere on the physical system or network drive.
Event Rule Builder interface updates - The Event Rule Builder interface is updated with intuitive icons, informational prompts, and logic to prevent errors such as infinite loops.
Send E-mail Action Address Browser - The E-mail Action template now has To, Cc, Bcc buttons that launch a Select Names dialog box to display, search, and select from all names and e-mail address pairs stored on EFT Server. You can also override the From value and send to multiple To recipients.
Auditing of Administrator Changes - All changes to EFT Server made by any administrators are now fully audited to the Auditing and Reporting database. A new report displays administrator activities.
Secure Ad Hoc Transfer Module Reports - The Auditing and Reporting Module now provides 5 new reports of SAT module events. Refer to Descriptions of Preconfigured Reports for details.
New OpenPGP library - With a new OpenPGP library, EFT Server allows you to view/edit more PGP options, including:
Signing options (same file, same file ASCII armored, separate file, separate file ASCII armored)
Hashing algorithm used for signing
Creation of Self Decrypting Archives
Compression on/off and levels
Debug log on/off and levels
Choice of cipher during key creation
Key type, including RSA Legacy
SFTP OpenSSH - An updated SSH library now supports import and creation of OpenSSH style keys, key generation, and display of EFT Server’s public key.
Ban IP address on invalid account - EFT Server improves on prior logic for connecting clients to count invalid login attempts when a non-existing username is provided.
Advanced Workflow Engine - The Advanced Workflow Engine extends the capabilities of EFT Server Enterprise Event Rules to perform complex actions automatically when a specific event occurs. You can use Automated Workflows to design scripts, batch files, macros, or any other code-intensive process using an easy drag-and-drop interface.
DMZ Gateway Multiple Site - DMZ Gateway is now available (with EFT Server Enterprise only) in a multiple-Site version, allowing you to configure DMZ Gateway Enterprise to listen at the same IP address to one or more Sites on EFT Server. (Refer to the DMZ Gateway documentation for more about what's new in DMZ Gateway.)
PCI DSS 1.2 Support - EFT Server’s High Security Module (HSM) has been updated to comply with the latest Payment Card Industry Data Security Standard version 1.2, including a change that affected requirements 8.5.5 (disable/removal of inactive accounts), 8.5.11 (password complexity), and 8.4 (one-way hashes based on strong cryptography), affecting the creation of SSL certificate signatures to use SHA-1 instead of the MD5 hashing algorithm. Refer to PCI DSS Requirements for details.
Plain HTTP Interface Updated and Customizable - The HTML Listing and Upload form is updated to support column view, graphical images for actions, and file listing. The page is user-modifiable, facilitating branding to your corporate look and feel.
General Changes - Multiple AS2 usability and bug fixes, backwards compatibility with Secure FTP Server 3 and EFT Server 5 versions (easily upgrade from either version to EFT 6); password reset and password complexity are now part of the core Server feature set.