EFT v. 7.4.2 Is Now Available With New High Availability, File Sharing and AWS Functionality

EFT v. 7.4.2 Is Now Available

With New High Availability, File Sharing and AWS Functionality

This version of EFT has been designed to reinforce support for our customers who use EFT to move their most important files and data. From support for on-premises deployments to those moving to the cloud, we continue to make EFT more powerful and more user friendly.

We’ve made the following additions in EFT v7.4.2: 

•       Enhanced Support for Active-Active High Availability Clustering Deployments –Tier 1 applications requiring complicated HA systems are often time consuming and difficult to maintain. In the latest version of EFT, we’ve implemented features and functionality designed to make the maintenance and operation of these complex and mission-critical systems even easier.

o      Server Drain Functionality -- The new server drain functionality in EFT allows admins to manually “drain” file transfers, which causes EFT to wait until current transfers and event rules are complete before restarting or shutting down, thus decreasing the occurrence of partial file transfers and processes. Setting EFT to automatically drain transfers helps keep all nodes of a cluster in sync.

o      Unicast Transmission -- We’ve added support for unicast transmission to aid communication between cluster nodes along with our current multicast transmission method. Unicast is an alternative for use in situations where multicast is not available.

•       Additional Support for Person-to-Person File Sharing – We’ve continued to enhance support for transactional file sharing in the Workspaces module. This release includes support for a pick-up and a drop-off portal. The drop-off portal provides an easy method for external partners and customers to send large files securely to users within an organization. An enhanced pick-up portal allows users to retrieve files and reply to senders.

•       New Auto-Scaling Capabilities in Amazon Web Services - With support for high availability auto-scaling in AWS, EFT can "scale up" to accommodate bursts of traffic and then scale down once peak traffic has past. This provides organizations with big savings in resources and provides crucial load balancing and disaster resource tools.

Managed File Transfer for the Enterprise

 

EFT™ from Globalscape® is an advanced, powerful managed file transfer (MFT) solution that replaces insecure legacy FTP servers, inflexible and haphazard home-grown file transfer systems, slow physical shipment of data, and expensive leased lines and VANs.

 

Merge or Replace Legacy File Transfer Systems

 

Managing multiple systems costs a lot of time and money. EFT is a full-service MFT solution that replaces inefficient, outdated, and insecure file transfer and data management systems. EFT provides secure file sharing and mobile access solutions to give flexibility to employees, customers, and partners—and gives you control of data security.

 

 

Track File Movement from Beginning to End

 

Enterprise data management is not just about security. By understanding how data moves around in your organization, you can identify issues with your file transfer processes and make your business more efficient. Our Enhanced File Transfer™ (EFT™) is designed to give you unparalleled visibility across every aspect of managed file transfer, with a real-time status viewer and a reporting module that combines granular detail with remarkable ease of use.

 

 

Scale Your Managed File Transfer Solution as Your Business Grows

 

Adapt to increasing business demands with a scalable managed file transfer solution. From small businesses to large corporations, there is an Enhanced File Transfer™ (EFT™) configuration perfect for you. EFT has basic capabilities perfect for the small business owner who needs enterprise file transfer software, and, for the large enterprise, EFT has military-grade security along with amazing load capacity and high availability. No matter which version you start with, you can customize your solution with our modules to provide protection for PCI DSS, process files thorough antivirus and data loss prevention tools, auditing and reporting, and more.

 

 

 

 

Automate Workflows and Integrate Systems

 

With file transfer software at the center of so many business-critical processes, security is only the first aspect of a much greater IT concern. When information consumers in your organization rely on manual and intermittent batch processes to deliver the data they need, day-to-day productivity becomes dangerously vulnerable to manpower limitations, vacations, turn-over, and simple human error. Globalscape’s secure file transfer solutions offer workflow management capabilities that ease the burden on your team, enabling IT to focus on high priority initiatives rather than daily maintenance.

 

 

Meet Compliance Mandates for Managed File Transfer Systems

 

Our Enhanced File Transfer™ (EFT™) software ensures the highest levels of compliance with government and corporate security policies and privacy regulations, such as PCI DSS, FIPS-140-2, HIPAA, and SOX. Globalscape’s flexible platform allows you to customize an MFT solution with modules that meet your specific requirements. Whether your business is obligated to comply or you simply desire the utmost in security standards, EFT can help you secure data transfers, access, and storage.

 

 

Secure Your File Transfers

 

 

 

Our Enhanced File Transfer™ (EFT™) software enables your organization to securely manage file transfers among worldwide offices, clients, and partners using industry-standard Internet protocols such as HTTP, HTTPS, FTP, FTPS, SFTP, and AS2. EFT is the managed file transfer solution used and trusted by the U.S. Army, Fortune 100 companies, and small to large businesses around the world. With the EFT modular structure, you purchase just the functionality you need, making secure file transfer scalable and affordable.

 

 

Securely Access Your Data on any Device Without the Cloud

 

You don’t have to be forced to use a cloud-based file storage solution. Our MFT software lets businesses retain control over their information while giving employees and partners the flexibility to access the information they need, when and where they need it. Businesses benefit from having a centralized location for secure file access on EFT, without needing to upload/sync files with cloud servers or pay for additional cloud storage.

 

 

Compare Editions

 

EFT is offered in six different bundles or "tiers," as described below. The tiers are organized to meet the needs of small, medium, and enterprise businesses. You are not locked in to these specific groupings. For example, if SMB Tier 2 would meet all of your needs, but you also need a secure proxy server in the DMZ, you can add DMZ Gateway. Anything marked "Optional" in the table is available to add to your bundle.

7.4.2 Release Notes

Additions:

EFT Enterprise and SMB:

Added template for password reset confirmation email that is sent when user is unauthorized to reset password

Added Node Maintenance/Drain Mode. "Pause/drain" all sites on a single node to halt NEW incoming connections and event rule activity. Existing transfers and events in progress are allowed to resume/complete.

Auditing and Reporting Module (ARM):

Add new option in EFT to log TED6 logs to the new table - default new option to false/off

COM Interface:

Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server

Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site

New COM APIs for Drop-Off controls

High Availability (HA):

Added support for Autoscaling in AWS

Implemented TCP based communication for HA cluster messages and coherence as alternative communication method to multicast

Added configurable Auto-Restart of node after defined period of being "out of sync" and allotted "drain" time

Logging:

Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used

Protocols - FTP/S:

Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.

Protocols - SFTP:

Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.

Added diffie-hellman-group-exchange-sha256 KEX

Added ability to select SFTP KEX algorithms through GUI and COM

SMTP:

Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password

Web Interfaces – General:

Web Transfer Client access is now included with HTTP/S functionality. Eliminated WTC Client Access License (CAL)

Workspaces:

Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.

Added administrative option to place newly invited Workspace participants in specific settings template

Drop-Off:

Added creation of Drop-Off link capability. External users can now send attachments to internal users, without having to create a EFT profile

Reply Portal:

Users can now reply to a message from Send/Drop-Off

Enhancements:

EFT Enterprise and SMB:

PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled

Now able to login with Admin accounts in AD Universal group in child domains

EFT Enterprise only:

Configuration Restore dialog has been updated. Backup must be generated from EFT 7.3.3 or higher.

Administrator Interface (AI):

Find/Search in EFT doesn't search connection profiles

Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled

Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.

More clearly show the configuration state and current flag value of change password on first login

Clarified user Password Expiration, Reminder, and Notification Options

Installation:

On installation, EFT should check the status of windows update KB2999226 to ensure criteria has been met.

Protocols - General:

Improved responsiveness when browsing directories containing many subfolders.

Secure Ad-hoc Transfer (SAT):

Removed SAT install files from EFT 7.4 Installer

Web Interfaces – Web Transfer Client (HTML5):

Updated Jument webclient to version 1.4.0 build 4

Updated French translation

Update French translation for word "Language"

Web Interfaces – Light Text Client (LTC):

Note about Web Transfer client access being disable needs to be removed or modifiable Workspaces

Updated Workspace Invitation Subject line to "You've been added to a workspace"

On upgrade from 7.2.x, Workspace notifications should be disabled

Where possible, Workspace owner’s full name is used for WS invites instead of their login name

Buttons available to Invited Workspace participants more clearly reflect the permissions granted to them

New participant of a workspace now lands to that particular shared folder and not at the home page of WTC

Workspace owner can now add additional participant(s) to a private workspace

Fixes:

EFT Enterprise and SMB:

Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.

EFT Password email reminders with AD Site did not trigger

When changing password for user through Admin GUI, force password option was being automatically enabled

EFT forcing users to change their password upon first log in

Renaming folders in VFS causes a loading indicator

EFT Standalone: User's last time connected was only being updated once per day

Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring

Resolved Server crash scenario induced by vulnerability scanner Greenbone Security Assistant

EFT Enterprise only:

During the upgrade from SMB to Enterprise, the EFT SMB service was not being removed

EFT SMB only:

Event Rules were not grayed out on SMB with no add on modules activated

Reference to Enterprise only features were available in EFT SMB reports

Administrator Interface (AI):

Resolved EFT Admin GUI crash after using the send Email test button

Settings Templates was no longer sorted alphabetically as of 7.3.3.21

Admin GUI did not retain setting for Password Expiration at user level

When changing password in admin interface, force password option was automatically checked

When modifying password expiration "Remind" option Apply button was greyed out.

Settings Template options did not properly display inherited options

LDAP/AD passwords could not be changed from Admin GUI with change password registry override enabled.

AS2

Potential for AS2 settings to be removed after to 7.3.3.21

Auditing and Reporting Module (ARM):

Report is missing filters (Traffic - Protocolwise Connections (Summary)

Executive Summary Report data was being truncated

The text "hmtest" appeared in Event Rules Detailed report after the Description:

Admin Action report Change Originator column was being truncated

Authentication - General:

Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication

Corrected scenario where certain user accounts were not able to authenticate if the account was renamed

Authentication - LDAP:

Couldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21

Custom password change responses were not working for LDAP sites

COM Interface:

"IsFolderVirtual" COM method was no longer functioning in 7.3.5

Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword

ICISite::SetWorkspace failed with MX error 7

Custom Command:

Custom Command default execution timeout for newly created Custom Commands should be 30 seconds

Event Rules:

User Account Disabled Rule did not function after upgrade to 7.3.3.21

Event Rule using FAST protocol to Download Files would fail if connection profile was used

Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.

Corrected scenario of being unable to import Event Rules caused by unexpected config values

High Availability (HA):

Event rules with comma character ',' in event rule name would fail when load balanced

When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes

Installation:

Upgrade installer asked to create an admin account instead of "Provide server administrator credentials"

Logging:

Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT

SSL/TLS logging for FTPS connections was not working

Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE

OpenPGP:

Addressed potential scenario of new PGP key not displaying correct expiration date

Protocols - FTP/S:

EFT responded to a quit command with an additional 0d 0a after version 7

Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file

SMTP:

Trailing spaces in SMTP host address would not resolve the address

User Credentials email had an erroneous = at end of username

Email notification for credentials contained an erroneous trailing =

Web Interfaces – General:

Forgot password in WTC didn’t work if 2+ users shared an email address

Web Interfaces – Web Transfer Client (HTML5):

WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled

WTC was not displaying password expiration reminder on login

While uploading a large file, occasionally received errors when trying to create folders or workspaces

Join with Smartcard button was improperly visible when connecting to CAC enabled site

Download button did not function the Max transfer speed option was enabled at the site level

Workspaces – Web Client

Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal

Resolved issue of being unable to send files from the iFrame

Workspaces – Outlook Add-In

Outlook Add-In functionality was not working in some instances

Private workspace owner was unable to add additional users to private workspaces

Changes 7.3.7

August 1st, 2017

7.3.7 Release Notes

EFT Enterprise and SMB:

Additions

Added template for password reset confirmation email that is sent when user is unauthorized to reset password

COM Interface:

Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server

Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site

Logging:

Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used

Protocols - FTP/S:

Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.

Protocols - SFTP:

Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.

Added diffie-hellman-group-exchange-sha256 KEX

Added ability to select SFTP KEX algorithms through GUI and COM

SMTP:

Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password

Workspaces:

Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.

Enhancements:

EFT Enterprise and SMB:

PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled

Now able to login with Admin accounts in AD Universal group in child domains

EFT Enterprise only:

Configuration Restore dialog has been updated. Backup must be generated from EFT Server 7.3.3 or higher.

Administrator Interface (AI):

Find/Search in EFT doesn't search connection profiles

Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled

Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.

Protocols - General:

Improved responsiveness when browsing directories containing many subfolders.

Web Interfaces – Web Transfer Client (HTML5):

Updated webclient to version 1.3.0 build 10

Updated French translation

Update French translation for word "Language"

Workspaces

Updated Workspace Invitation Subject line to "You've been added to a workspace"

On upgrade from 7.2.x, Workspace notifications should be disabled

Where possible, Workspace owner’s full name is used for WS invites instead of their login name

Fixes:

EFT Enterprise and SMB:

Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.

EFT Password email reminders with AD Site did not trigger

When changing password for user through Admin GUI, force password option was being automatically enabled

EFT forcing users to change their password upon first log in

Renaming folders in VFS causes a loading indicator

EFT Standalone: User's last time connected was only being updated once per day

Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring

EFT Enterprise only:

During the upgrade from SMB to Enterprise, the EFT SMB service was not being removed

EFT SMB only:

Event Rules were not grayed out on SMB with no add on modules activated

Reference to Enterprise only features were available in EFT SMB reports

Administrator Interface (AI):

Resolved EFT Admin GUI crash after using the send Email test button

Settings Templates was no longer sorted alphabetically as of 7.3.3.21

Admin GUI did not retain setting for Password Expiration at user level

When changing password in admin interface, force password option was automatically checked

When modifying password expiration "Remind" option Apply button was greyed out.

Settings Template options did not properly display inherited options

LDAP/AD passwords could not be changed from Admin GUI with change password registry override enabled.

AS2

Potential for AS2 settings to be removed after to 7.3.3.21

Auditing and Reporting Module (ARM):

Report is missing filters (Traffic - Protocolwise Connections (Summary))

Executive Summary Report data was being truncated

The text "hmtest" appeared in Event Rules Detailed report after the Description:

Admin Action report Change Originator column was being truncated

Authentication - General:

Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication

Corrected scenario where certain user accounts were not able to authenticate if the account was renamed Authentication - LDAP:

Couldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21

Custom password change responses were not working for LDAP sites

COM Interface:

"IsFolderVirtual" COM method was no longer functioning in 7.3.5

Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword

ICISite::SetWorkspace failed with MX error 7

Custom Command:

Custom Command default execution timeout for newly created Custom Commands should be 30 seconds Event Rules:

User Account Disabled Rule did not function after upgrade to 7.3.3.21

Event Rule using FAST protocol to Download Files would fail if connection profile was used

Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.

Corrected scenario of being unable to import Event Rules caused by unexpected config values

High Availability (HA):

Event rules with comma character ',' in event rule name would fail when load balanced

When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes

Installation:

Upgrade installer asked to create an admin account instead of "Provide server administrator credentials" Logging:

Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT

SSL/TLS logging for FTPS connections was not working

Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE OpenPGP:

Addressed potential scenario of new PGP key not displaying correct expiration date