For information about Globalscape, visit www.globalscape.com. |
|
|
For information about Globalscape, visit www.globalscape.com. |
|
Globalscape EFT™ 2013 (v6.5) is available in a small-to-medium business Standard Edition and an Enterprise Edition. Each edition is built on the same foundation and offers similar core functionality to enable organizations to receive files from business partners or end users over a variety of Internet standard protocols, such as FTP/S, SFTP, and HTTP/S. Add-on modules are available to both products that extend auditing from simple flat-file logging to database driven auditing and customizable reports; provide advanced security controls typically needed by organizations that must comply with security standards such as PCI DSS, HIPAA, or SoX; facilitate ad hoc provisioning of users; and provide a richer experience when transferring data over a web browser.
During the evaluation period, all functionality is enabled and visible in the EFT administration interface. After the trial expires, the functions and modules that are enabled and visible depend on the license purchased. (EFT's Web Services interface, Oracle support, AWE, and AS2 are available only in the Enterprise edition.)
The tables below compare the features available in each edition. Certain features require the activation of one or more of the following modules, as indicated by one or more superscript numbers after "Optional." For example, "Optional, 6,7" indicates that the feature requires the High Security module (6) and the Auditing and Reporting module (7).
SFTP module (included in EFT Enterprise)
HTTP/S module (included in EFT Enterprise)
Mail Express ad hoc transfer
Web Transfer Client (Requires HTTP/S module; the basic edition is limited to maximum of 5 concurrent users)
High Security module (Requires ARM)
Auditing and Reporting (ARM) (Oracle support available in EFT Enterprise only)
DMZ Gateway (Outbound proxy support in EFT Enterprise only)
AS2 Module (Available in EFT Enterprise only; requires ARM module)
Advanced Workflow Engine (AWE module) (Available in EFT Enterprise only)
Secure Mobile Access (SMA) module
Business Activity Monitoring (BAM) dashboard
|
Feature |
Standard |
Enterprise |
||
|
Protocols (Inbound Listeners) |
||||
|
|
FTP/S (File Transfer Protocol / Secure) - still used for communications with legacy systems. |
Included |
Included |
|
|
|
|
SSL/TLS - secure FTP communications |
Included |
Included |
|
|
|
SSL key manager - manage, import, export, and create SSL certificates |
Included |
Included |
|
|
|
SSL Config - specify ciphers and versions allowed (SSL v2, v3, and TLS v1) |
Included |
Included |
|
|
|
Checkpoint restart - resume interrupted transfers |
Included |
Included |
|
|
|
Compression - inline compression of ASCII files |
Included |
Included |
|
|
|
Acceleration - reduce transfer time over poor connections |
Included |
Included |
|
|
|
Verification - guarantee integrity by comparing checksums |
Included |
Included |
|
|
|
Command blocking - prevent unwanted behavior |
Included |
Included |
|
|
|
S-key OTP - One-time-password scheme for plain-text FTP |
Included |
Included |
|
|
|
PASV port range - facilitate FTP connections behind network firewalls |
Included |
Included |
|
|
|
EBCDIC - Used for communicating with legacy systems |
Included |
Included |
|
|
|
UTF-8 - Transfer Unicode filenames over FTP |
Included |
Included |
|
|
|
Session tools - Real-time session monitoring |
Included |
Included |
|
|
|
Customizable - Modify various FTP banners to suit your specific needs |
Included |
Included |
|
|
|
FIPS - FIPS 140-2 certified SSH cryptographic module |
Optional, 6 |
Included |
|
|
SFTP (SSH2). The secure alternative to FTP, especially for system-to-system transfers. |
Optional, 1 |
Included |
|
|
|
|
Key manager - manage, import, export, and create SSH key pairs |
Optional, 1 |
Included |
|
|
|
Key types - OpenSSH and SSH.COM (SECSH format) supported |
Optional, 1 |
Included |
|
|
|
Authentication - Any combination of password and/or public key |
Optional, 1 |
Included |
|
|
|
Strong ciphers - 256-bit Twofish, 256-bit AES CBC, and 256-bit AES CTR mode |
Optional, 1 |
Included |
|
|
|
Configurable SSH-protoversion-softwareversion - lower attack footprint |
Optional, 1 |
Included |
|
|
|
FIPS - FIPS 140-2 certified SSH cryptographic module |
Optional, 1 |
Included |
|
|
HTTP/S (Hyper Text Transfer Protocol / Secure) - Ideal for interactive person-to-system transfers |
Optional, 2 |
Included |
|
|
|
|
Customizable landing portal - Login page can be branded |
Optional, 2 |
Included |
|
|
|
Form-based auth - sessions are managed by the server in a secure fashion |
Optional, 2 |
Included |
|
|
|
Basic-auth - standard browser authentication (fallback auth mechanism) |
Optional, 2 |
Included |
|
|
|
Session management in accordance with OWASP guidelines |
Optional, 2 |
Included |
|
|
|
Password reset in accordance with OWASP guidelines |
Optional, 2 |
Included |
|
|
|
Lost username retrieval in accordance with OWASP guidelines |
Optional, 2 |
Included |
|
|
|
SSO - using Integrated Windows Authentication (IWA) |
Optional, 2 |
Included |
|
|
|
HTTP->HTTPS auto-redirect - increased security through implicitly redirection of non-secure connections |
Optional, 2 |
Included |
|
|
|
Web client - Optional Java applet adds a rich set of features compared to script-driven HTTP/S transfers |
Optional, 2,5 |
Optional, 5 |
|
|
AS2 (Applicability Statement 2) - used for transmission of EDI documents |
N/A |
Optional, 9 |
|
|
|
|
Multi-directional - service inbound and initiate outbound AS2 transactions |
N/A |
Optional, 9 |
|
|
|
Drummond certified - 3rd-party certified equals superior interoperability. |
N/A |
Optional, 9 |
|
|
|
Message Level Security (MLS) - certificate-based authentication |
N/A |
Optional, 9 |
|
|
|
Reliability Profile - AS2 extension that increases interoperability |
N/A |
Optional, 9 |
|
|
|
Multiple Attachments (MA) Profile - AS2 extension that facilitates multiple concurrent transactions |
N/A |
Optional, 9 |
|
Authentication (Access Controls) |
||||
|
|
Native - (proprietary) authentication (EFT-managed authentication) |
Included |
Included |
|
|
|
Active Directory (AD) authentication |
Included |
Included |
|
|
|
ODBC - leverage any ODBC data source for user authentication |
Included |
Included |
|
|
|
NTLM - authenticate local system accounts (Choose Windows AD Authentication when creating the Site.) |
Included |
Included |
|
|
|
LDAP - authenticate against LDAP sources, including AD |
N/A |
Included |
|
|
|
RADIUS - often used as a two-factor authentication source |
N/A |
Included |
|
|
|
RSA SecurID® - 3rd party access manager that provides two-factor authentication |
N/A |
Included |
|
|
|
CAC - Common Access Card authentication |
N/A |
Optional, 6 |
|
|
Authorization (Resource Controls) |
||||
|
|
AD Impersonation - leverage Active Directory ACLs |
Included |
Included |
|
|
|
Permissions - set folder level permissions or inherit from parent |
Included |
Included |
|
|
|
Permission groups - assign users to permission groups or templates |
Included |
Included |
|
|
|
Virtual folders - map virtual to physical folders including networks hares |
Included |
Included |
|
|
|
Home folders - designate a home folder and optionally make it the user's root folder |
Included |
Included |
|
|
|
Set limits - number of logins, connections, file sizes, transfer speeds, disk quotas |
Included |
Included |
|
|
Security |
||||
|
|
Invalid passwords - controls to auto-lockout, disable, or ban IP |
Included |
Included |
|
|
|
Invalid account names - controls to auto-ban offender IP |
Included |
Included |
|
|
|
DoS detection - controls to temporarily or permanently ban suspect IPs |
Included |
Included |
|
|
|
IP access rules - full featured IP access rule manager |
Included |
Included |
|
|
|
Banned file types - prevent upload of unwanted file types |
Included |
Included |
|
|
|
Monitor and kick offending users from the server |
Included |
Included |
|
|
|
Password complexity - configure a large number of complexity options |
Included |
Included |
|
|
|
Password reset - user-initiated or on initial login |
Included |
Included |
|
|
|
Password reuse - disallow historical (previously used) passwords |
Included |
Included |
|
|
|
Expire accounts - disable account on a given date |
Included |
Included |
|
|
|
Expire inactive accounts - disable or remove account after N days of inactivity |
Optional, 6 |
Included |
|
|
|
Expire passwords - expire passwords after N days |
Optional, 6 |
Optional, 6 |
|
|
|
Expiration reminder - email user reminder to change their password |
Optional, 6 |
Optional, 6 |
|
|
|
Data sanitization - securely clean deleted data using military grade wiping |
Optional, 6 |
Optional, 6 |
|
|
|
EFS - encrypt data at rest using Windows' Streaming repository encryption (EFS) |
Optional, 6 |
Optional, 6 |
|
|
|
PGP - use OpenPGP to encrypt, sign, and decrypt data |
Optional, 3 |
Optional, 3 |
|
|
|
PCI DSS monitor - actively monitor and alert on violations (PCI DSS v2.0) |
Optional, 6,7 |
Optional, 6,7 |
|
|
|
PCI DSS report - generate a compliance with a single mouse click |
Optional, 6,7 |
Optional, 6,7 |
|
|
|
PCI DSS compensating controls (CCs) - capture and report admin provided CCs |
Optional, 6,7 |
Optional, 6,7 |
|
|
|
PCI DSS setup wizard - walk through configuration with PCI in mind |
Optional, 6,7 |
Optional, 6,7 |
|
|
|
DMZ Gateway - securely proxy transfers through the DMZ |
Optional, 8 |
Optional, 8 |
|
|
Administration |
||||
|
|
Silent installation - unattended setup |
Included |
Included |
|
|
|
Administrator GUI - Windows based Graphical User Interface (GUI) |
Included |
Included |
|
|
|
Remote administration - administer from other systems in the network |
Included |
Included |
|
|
|
Secure remote administration - SSL encrypted administration communications |
Included |
Included |
|
|
|
Multiple administrators - allow concurrent administration |
Included |
Included |
|
|
|
Secure administration - same password complexity options available for admins |
Included |
Included |
|
|
|
Flexible authentication - leverage native, NTLM, or AD to authenticate administrators |
Optional, 6 |
Optional, 6 |
|
|
|
COM API - programmatic administration |
N/A |
Included |
|
|
|
Delegated administration - role based administrator accounts with granular permissions |
N/A |
Included |
|
|
|
Backup and Restore - one-click backup and easy restore of entire configuration |
N/A |
Included |
|
|
|
Batch account management - perform actions to multiple accounts simultaneously |
N/A |
Included |
|
|
|
Forensics - audit and report on all administrator activity and changes |
N/A |
Optional, 6,7 |
|
|
Auditing and Visibility |
||||
|
|
Logging - flat file log in W3C and other formats |
Included |
Included |
|
|
|
Optional, 7 |
Included |
||
|
|
Audit to SQL - audit transactions to a SQL database |
Optional, 7 |
Optional, 7 |
|
|
|
View reports - choose from pre-built or build your own |
Optional, 7 |
Optional, 7 |
|
|
|
Audit to Oracle - audit transactions to an Oracle database |
N/A |
Optional, 7 |
|
|
|
Monitor outbound transfers in real time |
N/A |
Included |
|
|
|
Business Activity Monitoring (BAM) - real-time visibility, dashboarding, and analytics |
N/A |
Optional, 12 |
|
|
Automation (Integration with Back End Systems) |
||||
|
|
React to stimuli - trigger workflows based on file uploads and other server events |
Included |
Included |
|
|
|
Send email to users or administrators as part of a workflow |
Included |
Included |
|
|
|
Execute a process including scripts as part of a workflow |
Included |
Included |
|
|
|
Context variables - use transaction values inside of workflows |
Included |
Included |
|
|
|
Hot folders - trigger workflows when files arrive in a monitored folder |
N/A |
Included |
|
|
|
Scheduled events - trigger workflows on a recurring basis |
N/A |
Included |
|
|
|
Web Services - trigger workflows using WS calls |
N/A |
Included |
|
|
|
Conditional logic - build fine-grained business logic into workflows |
N/A |
Included |
|
|
|
Clean up - securely clean target folders from within a workflow |
N/A |
Included |
|
|
|
Offload and download - push or pull files to remote servers as part of a workflow |
N/A |
Included |
|
|
|
Advanced workflows - tap into the Advanced Workflow Engine to build sophisticated workflows |
N/A |
Optional, 10 |
|
|
Ad Hoc (person-to-person file transfer) |
||||
|
|
Ad hoc file transfer - secure file transfer available either via Outlook Add-in or web interface |
Optional, 4 |
Optional, 4 |
|
|
|
Two-way file sharing - recipients provided with multiple methods to send files back |
Optional, 4 |
Optional, 4 |
|
|
|
Receipt notification - email notification when files are picked up by the recipient |
Optional, 4 |
Optional, 4 |
|
|
|
Pick-up authentication - recipients can be required to verify their identity before downloading files |
Optional, 4 |
Optional, 4 |
|
|
|
Full file tracking - Users and admins can view complete history of files sent and received |
Optional, 4 |
Optional, 4 |
|
|
|
Centralized policy controls - administrator can enforce varying levels of required usage policies |
Optional, 4 |
Optional, 4 |
|
|
|
Active directory authentication - authentication internal users using AD |
Optional, 4 |
Optional, 4 |
|
|
|
Integration with EFT - monitor all Mail Express file transfer activity from EFT |
Optional, 4 |
Optional, 4 |
|
|
|
Complete customization - easily customize all Mail Express web interface |
Optional, 4 |
Optional, 4 |
|
|
Architecture |
||||
|
|
IPv6 - Full dual stack (IPv4/6 mixed) support |
Included |
Included |
|
|
|
Virtual - Run on virtual machines, e.g. VMware and Hyper-V |
Included |
Included |
|
|
|
Unicode - UTF-8 encoding of filenames and other fields where applicable |
Included |
Included |
|
|
|
IDN - Internationalized domain name support |
Included |
Included |
|
|
|
I/O Completion Ports - Technology that allows for tremendous performance on Windows systems |
Included |
Included |
|
|
|
Active-passive clustering - Failover for high availability |
N/A |
Included |
|
|
|
Saas - Managed and hosted versions available |
N/A |
Included |
|
|
|
Logo certified - Windows Server 2008 and 2012 Logo Certified |
N/A |
Included |
|
