More than just a managed file transfer (MFT) server, EFT Server™ extends beyond standard MFT servers to allow you to connect with any industry-standard file-transfer client with a robust security architecture for meeting business and regulatory requirements, ensuring that encrypted transactions occur only with the appropriate entities, and that data confidentiality and integrity are preserved during transport and storage. Its modular form makes it affordable by allowing you to purchase just the functionality you need and add more advanced features as your business needs change.
EFT Server is offered in a basic edition and EFT Server Enterprise™. The EFT Server is built on the same code as EFT Server Enterprise, with Enterprise-specific features disabled, but visible so that you can see features that you might want to add later. All module features are available during the trial period for both basic and Enterprise editions and are clearly identified as Enterprise or module features that require licensing and activation separate from the basic edition.
Data Protection and Encryption - EFT Server protects intellectual property, trade secrets, and customer files transferred over the Internet using secure protocols including FTPS (SSL/TLS), SFTP (SSH2), and HTTP/S (SSL).
Guaranteed Delivery and Data Integrity - EFT Server extends the industry standard FTP protocol with strong reliability features, including post transmission integrity verification, mid-file recovery, and automatic restart.
Tracking and Auditing - Secure data delivery requires strong audit trails for tracking and non-repudiation. EFT Server provides industry standard logging (W3C, NCSA, Microsoft IIS Extended), e-mail notification of completed transactions, and digital certificates for proof of identity.
Programmatic Interface - EFT Server can be controlled through its Administrator interface or through its Component Object Model (COM) interface. The COM API is a programmatic interface that lets you control EFT Server from your own custom applications using any COM-enabled programming language.
Accelerated Transfers - EFT Server supports multi-part (segmented) transfers for faster delivery of large files over large geographical distances. Multi-part transfers require the use of compatible clients such as CuteFTP Professional.
Life-Cycle Management - EFT Server helps you quickly and efficiently manage users, temporary accounts, and expired or compromised public-keys or certificates.
Authentication and Authorization - EFT Server supports password, public-key, or one-time-password authentication. User profiles can be managed internally or externally through NTLM, Active Directory (AD), or ODBC data sources.
User and Group Management - Manage system resources including bandwidth, folder access, file types, and more using granular or Site-wide controls provided for user and group management. Visually manage folder permissions via the Windows Explorer-like Virtual File System (VFS). Inherit or override permissions, grant administrative, guest, or anonymous permissions, or deny access altogether. Manage client connections with real-time monitoring and on-the-spot disconnection of users. Administrators can force users to reset their passwords upon initial login, require complex passwords, remove/disable inactive accounts automatically.
Specify SSL ciphers and version levels - EFT Server provides administrators the ability to specify symmetric key cipher(s) and the ordering of those ciphers for establishing SSL sessions. EFT Server validates inbound SSL sessions and allows or denies connections based on specified or approved ciphers.
LDAP authentication functionality
Delegated administration for user-only, Site-only, or Server-only management
ARM support for Oracle database (with optional ARM module; available in EFT Server Enterprise)
DMZ Gateway multi-site configuration (with optional DMZ Gateway)
AS2 support (with optional AS2 module)
HTTPS (Included in the Enterprise edition) - The HTTPS add-on module allows you to set up a secure connection to anyone in minutes using any Web browser. The HTTPS module adds the HTTPS protocol to EFT Server, enabling you to support secure browser-based transfers without having to install a Web server. HTTPS encrypts the session data using the SSL (Secure Socket Layer) protocol, which provides protection from eavesdroppers and man-in-the-middle attacks.
SFTP (Included in the Enterprise edition) - SFTP is a subset of the popular SSH protocol and is a platform independent, secure transfer protocol. SFTP provides a single connection port for easy firewall navigation, password and public key authentication, and strong data encryption, to prevent login, data, and session information from being intercepted and/or modified in transit. The SFTP module enables EFT Server to authenticate and transfer data securely with SFTP-ready FTP clients, such as CuteFTP Professional.
AS2 (Available in EFT Server Enterprise) - The AS2 (Applicability Statement 2) specification supports the exchange of structured business data securely on top of the HTTP or HTTP/S protocol.
OpenPGP - EFT Server employs industry-standard OpenPGP (based on the open source implementation of Pretty Good Privacy) technology to safeguard data at rest. The OpenPGP data encryption or decryption process is directed by Event Rules that specify how data files are treated in a particular context. EFT Server uses OpenPGP to encrypt uploaded data and the off-load capabilities of EFT Server to move the file to another location.
High Security Module (HS) - The High Security (HS) module achieves or exceeds security practices mandated by PCI-DSS, HIPAA, and Sarbanes-Oxley for data transfer, access, and storage. The HS module protects data in transit by enforcing the use of secure protocols, strong ciphers and encryption keys, and maintaining strict password policies. The HS module also includes the following features:
Protect sensitive information. The Federal Information Processing Standard (FIPS) Publication 140-2 specifies the security requirements of cryptographic modules. EFT Server supports operation with the FIPS 140-2 Validated GlobalSCAPE Cryptographic Module (GSCM) for inbound SSL/TLS and certificate generation and the FIPS-certified version of Crypto++ for inbound SFTP (SSH) connections.
Redirect HTTP to HTTPS automatically for secure connections.
Hide or disable non-allowed SSL ciphers, key lengths, anonymous accounts, and so on.
Securely delete or purge a file by writing over the initial data using encrypted and/or pseudorandom data (also known as data wiping).
Auditing and Reporting Module (ARM) - The Auditing and Reporting module captures all of the transactions passing through EFT Server. You can query the data and create/view reports from within EFT Server's Administrator console. A new database is created when upgrading to version 6. (The basic version does not offer support for Oracle databases.)
Web Transfer Client (WTC) - The Web Transfer Client (WTC) deploys automatically upon client connection to EFT Server and can be used by any trading partner using virtually any Web browser that supports Java and DHTML. (Limited to 5 concurrent users in the basic edition.)
Secure Ad Hoc Transfer (SAT) - The Secure Ad Hoc Transfer (SAT) module allows you to exchange files without the problems associated with having to manually create temporary FTP accounts, the size limitations and security issues of regular e-mail, or the time delays and high costs of overnight and physical shipments. (Neither edition is compatible with prior versions of the Secure Ad Hoc Transfer module.)
DMZ Gateway - Used in combination with EFT Server to create a multi-tier security solution for data storage and retrieval. The DMZ Gateway resides at the edge of the network, brokering data between EFT Server residing behind your corporate firewall and your clients in the outside world. (Multiple-Site configuration is only available in Enterprise edition.)
Advanced Workflow Engine - (Available in EFT Server Enterprise) Similar to EFT Server's Commands, EFT Server's Advanced Workflows add additional automation capabilities, allowing you to add scripting and variables to Tasks, then add these reusable Tasks to Event Rules. A Task is a series of steps that can perform file transfers, batch data processing, application testing, and so on, set to run automatically when started by some event.