EFT™ 2013 Standard and Enterprise Feature Comparison

Globalscape EFT™ 2013 is available in a small-to-medium business Standard Edition and an Enterprise Edition. Each edition is built on the same foundation and offers similar core functionality to enable organizations to receive files from business partners or end users over a variety of Internet standard protocols, such as FTP/S, SFTP, and HTTP/S. Add-on modules are available to both products that extend auditing from simple flat-file logging to database driven auditing and customizable reports; provide advanced security controls typically needed by organizations that must comply with security standards such as PCI DSS, HIPAA, or SoX; facilitate ad hoc provisioning of users; and provide a richer experience when transferring data over a web browser.

During the evaluation period, all functionality is enabled and visible in the EFT administration interface. After the trial expires, the functions and modules that are enabled and visible depend on the license purchased. (EFT's Web Services interface, Oracle support, AWE, and AS2 are available only in the Enterprise edition.)

The tables below compare the features available in each edition. Certain features require the activation of one or more of the following modules, as indicated by one or more superscript numbers after "Optional." For example, "Optional, 6,7" indicates that the feature requires the High Security module (6) and the Auditing and Reporting module (7).

  1. SFTP module (included in EFT Enterprise)

  2. HTTP/S  module (included in EFT Enterprise)

  3. OpenPGP Encryption/Decryption module

  4. Mail Express ad hoc transfer

  5. Web Transfer Client (Requires HTTP/S module; the basic edition is limited to maximum of 5 concurrent users)

  6. High Security module (Requires ARM)

  7. Auditing and Reporting (ARM)  (Oracle support available in EFT Enterprise only)

  8. DMZ Gateway (Outbound proxy support in EFT Enterprise only)

  9. AS2 Module (Available in EFT Enterprise only; requires ARM module)

  10. Advanced Workflow Engine (AWE module) (Available in EFT Enterprise only)

  11. Secure Mobile Access (SMA) module

  12. Business Activity Monitoring (BAM) dashboard

Feature

Standard

Enterprise

Protocols (Inbound Listeners)

 

FTP/S (File Transfer Protocol / Secure) - still used for communications with legacy systems.

Included

Included

 

 

SSL/TLS - secure FTP communications

Included

Included

 

 

SSL key manager - manage, import, export, and create SSL certificates

Included

Included

 

 

SSL Config - specify ciphers and versions allowed (SSL v2, v3, and TLS v1)

Included

Included

 

 

Checkpoint restart - resume interrupted transfers

Included

Included

 

 

Compression - inline  compression of ASCII files

Included

Included

 

 

Acceleration - reduce transfer time over poor connections

Included

Included

 

 

Verification - guarantee integrity by comparing checksums

Included

Included

 

 

Command blocking - prevent unwanted behavior

Included

Included

 

 

S-key OTP - One-time-password scheme for plain-text FTP

Included

Included

 

 

PASV port range - facilitate FTP connections behind network firewalls

Included

Included

 

 

EBCDIC  - Used for communicating with legacy systems

Included

Included

 

 

UTF-8 - Transfer Unicode filenames over FTP

Included

Included

 

 

Session tools - Real-time session monitoring

Included

Included

 

 

Customizable - Modify various FTP banners to suit your specific needs

Included

Included

 

 

FIPS - FIPS 140-2 certified SSH cryptographic module 

Optional, 6

Included

 

SFTP (SSH2). The secure alternative to FTP, especially for system-to-system transfers.

Optional, 1

Included

 

 

Key manager - manage, import, export, and create SSH key pairs

Optional, 1

Included

 

 

Key types - OpenSSH and SSH.COM (SECSH format) supported

Optional, 1

Included

 

 

Authentication - Any combination of password and/or public key

Optional, 1

Included

 

 

Strong ciphers - 256-bit Twofish, 256-bit AES CBC, and 256-bit AES CTR mode

Optional, 1

Included

 

 

Configurable SSH-protoversion-softwareversion - lower attack footprint

Optional, 1

Included

 

 

FIPS - FIPS 140-2 certified SSH cryptographic module 

Optional, 1,6

Included

 

HTTP/S (Hyper Text Transfer Protocol / Secure) - Ideal for interactive person-to-system transfers

Optional, 2

Included

 

 

Customizable landing portal - Login page can be branded

Optional, 2

Included

 

 

Form-based auth - sessions are managed securely by the server

Optional, 2

Included

 

 

Basic-auth - standard browser authentication (fallback auth mechanism)

Optional, 2

Included

 

 

Session management in accordance with OWASP guidelines

Optional, 2

Included

 

 

Password reset in accordance with OWASP guidelines

Optional, 2

Included

 

 

Lost username retrieval in accordance with OWASP guidelines

Optional, 2

Included

 

 

SSO - using Integrated Windows Authentication (IWA) 

Optional, 2

Included

 

 

HTTP->HTTPS auto-redirect - increased security through implicit redirection of non-secure connections

Optional, 2, 6

Optional, 6

 

 

Web client - Optional Java applet adds a rich set of features compared to script-driven HTTP/S transfers

Optional, 2,5

Optional, 5

 

AS2 (Applicability Statement 2) - used for transmission of EDI documents

N/A

Optional, 9

 

 

Multi-directional - service inbound and initiate outbound AS2 transactions

N/A

Optional, 9

 

 

Drummond certified - 3rd-party certified equals superior interoperability.

N/A

Optional, 9

 

 

Message Level Security (MLS) - certificate-based authentication

N/A

Optional, 9

 

 

Reliability Profile - AS2 extension that increases interoperability

N/A

Optional, 9

 

 

Multiple Attachments (MA) Profile - AS2 extension that facilitates multiple concurrent transactions

N/A

Optional, 9

Authentication (Access Controls)

 

Native - (proprietary) authentication (EFT-managed authentication)

Included

Included

 

Active Directory (AD) authentication

Included

Included

 

ODBC - leverage any ODBC data source for user authentication

Included

Included

 

NTLM - authenticate local system accounts (Choose "Windows AD Authentication" when creating the Site.)

Included

Included

 

LDAP - authenticate against LDAP sources, including AD

N/A

Included

 

RADIUS - often used as a two-factor authentication source

N/A

Included

 

RSA SecurID® - 3rd-party access manager that provides two-factor authentication

N/A

Included

 

CAC - Common Access Card authentication 

N/A

Optional, 6

Authorization (Resource Controls)

 

AD Impersonation - leverage Active Directory ACLs

Included

Included

 

Permissions - set folder level permissions or inherit from parent

Included

Included

 

Permission groups - assign users to permission groups or templates

Included

Included

 

Virtual folders - map virtual to physical folders including networks hares

Included

Included

 

Home folders - designate a home folder and optionally make it the user's root folder

Included

Included

 

Set limits - number of logins, connections,  file sizes, transfer speeds, disk quotas

Included

Included

Security 

 

Invalid passwords -  controls to auto-lockout, disable, or ban IP

Included

Included

 

Invalid account names - controls to auto-ban offender IP

Included

Included

 

DoS detection - controls to temporarily or permanently ban suspect IPs 

Included

Included

 

IP access rules - full featured IP access rule manager

Included

Included

 

Banned file types - prevent upload of unwanted file types

Included

Included

 

Monitor and kick offending users from the server

Included

Included

 

Password complexity - configure a large number of complexity options

Included

Included

 

Password reset - user-initiated or on initial login

Included

Included

 

Password reuse - disallow historical (previously used) passwords

Included

Included

 

Expire accounts - disable account on a given date

Included

Included

 

Expire inactive accounts - disable or remove account after N days of inactivity

Optional, 6

Included

 

Expire passwords - expire passwords after N days

Optional, 6

Optional, 6

 

Expiration reminder - email user reminder to change their password

Optional, 6

Optional, 6

 

Data sanitization - securely clean deleted data using military grade wiping

Optional, 6

Optional, 6

 

EFS - encrypt data at rest using Windows' Streaming repository encryption (EFS)

Optional, 6

Optional, 6

 

PGP - use OpenPGP to encrypt, sign, and decrypt data

Optional, 3

Optional, 3

 

PCI DSS monitor - actively monitor and alert on violations (PCI DSS v2.0)

Optional, 6,7

Optional, 6,7

 

PCI DSS report - generate a compliance with a single mouse click

Optional, 6,7

Optional, 6,7

 

PCI DSS compensating controls (CCs) - capture and report admin-provided CCs

Optional, 6,7

Optional, 6,7

 

PCI DSS setup wizard - walkthrough configuration with PCI DSS in mind

Optional, 6,7

Optional, 6,7

 

DMZ Gateway - securely proxy transfers through the DMZ

Optional, 8

Optional, 8

Administration

 

Silent installation - unattended setup

Included

Included

 

Administrator GUI - Windows based Graphical User Interface (GUI)

Included

Included

 

Remote administration - administer from other systems in the network

Included

Included

 

Secure remote administration - SSL encrypted administration communications

Included

Included

 

Multiple administrators - allow concurrent administration

Included

Included

 

Secure administration - same password complexity options available for admins

Included

Included

 

Flexible authentication - leverage native, NTLM, or AD to authenticate administrators

Optional, 6

Optional, 6

 

COM API - programmatic administration

N/A

Included

 

Delegated administration - role based administrator accounts with granular permissions

N/A

Included

 

Backup and Restore - one-click backup and easy restore of entire configuration

N/A

Included

 

Batch account management - perform actions to multiple accounts simultaneously

N/A

Included

 

Forensics - audit and report on all administrator activity and changes

N/A

Optional, 6,7

Auditing and Visibility

 

Logging - flat file log in W3C and other formats

Included

Included

 

Monitor inbound transfers in real time

Optional, 7

Included

 

Audit to SQL - audit transactions to a SQL database

Optional, 7

Optional, 7

 

View reports - choose from pre-built or build your own

Optional, 7

Optional, 7

 

Audit to Oracle - audit transactions to an Oracle database

N/A

Optional, 7

 

Monitor outbound transfers in real time

N/A

Included

 

Business Activity Monitoring (BAM) - real-time visibility, dashboarding, and analytics

N/A

Optional, 12

Automation (Integration with Back End Systems)

 

React to stimuli - trigger workflows based on file uploads and other server events

Included

Included

 

Send email to users or administrators as part of a workflow

Included

Included

 

Execute a process including scripts as part of a workflow

Included

Included

 

Context variables - use transaction values inside of workflows

Included

Included

 

Hot folders - trigger workflows when files arrive in a monitored folder

N/A

Included

 

Scheduled events - trigger workflows on a recurring basis

N/A

Included

 

Web Services - trigger workflows using WS calls

N/A

Included

 

Conditional logic - build fine-grained business logic into workflows

N/A

Included

 

Clean up - securely clean target folders from within a workflow

N/A

Included

 

Offload and download - push or pull files to remote servers as part of a workflow

N/A

Included

 

Advanced workflows - tap into the Advanced Workflow Engine to build sophisticated workflows

N/A

Optional, 10

Ad Hoc (person-to-person file transfer)

 

Ad hoc file transfer - secure file transfer available either via Outlook Add-in or web interface

Optional, 4

Optional, 4

 

Two-way file sharing - recipients provided with multiple methods to send files back

Optional, 4

Optional, 4

 

Receipt notification - email notification when files are picked up by the recipient

Optional, 4

Optional, 4

 

Pick-up authentication - recipients can be required to verify their identity before downloading files

Optional, 4

Optional, 4

 

Full file tracking - Users and admins can view complete history of files sent and received

Optional, 4

Optional, 4

 

Centralized policy controls - administrator can enforce varying levels of required usage policies

Optional, 4

Optional, 4

 

Active directory authentication - authentication internal users using AD

Optional, 4

Optional, 4

 

Integration with EFT - monitor all Mail Express file transfer activity from EFT

Optional, 4

Optional, 4

 

Complete customization - easily customize all Mail Express web interface

Optional, 4

Optional, 4

Architecture

 

IPv6 - Full dual stack (IPv4/6 mixed) support

Included

Included

 

Virtual - Run on virtual machines, e.g. VMware and Hyper-V

Included

Included

 

Unicode - UTF-8 encoding of filenames and other fields where applicable

Included

Included

 

IDN - Internationalized domain name support

Included

Included

 

I/O Completion Ports - Technology that allows for tremendous performance on Windows systems

Included

Included

 

Active-passive clustering - Failover for high availability

N/A

Included

 

Saas - Managed and hosted versions available

N/A

Included

 

Logo certified - Windows Server 2008 and 2012 Logo Certified

N/A

Included