What's New in EFT Arcus?

Listed below are the features, fixes, and enhancements of EFT Arcus.

NOTE: When a new version of EFT Arcus is released, the new version is rolled out to customers slowly. Therefore, not all customers are on the same version during the transition to the new version. You can see which version you are on in the administration interface.

v8.1.1.0 - 8.1.1.16

EFT Arcus has been updated to roll in the changes from previous releases of EFT on-premises. Refer to the EFT release notes in the Client Success Portal (https://portal.globalscape.com/) for more info about each of the EFT on-premises releases.

New Features

  • Added ability to export RAM status into CSV or ARM

  • Added support for using compress/ decompress Action in Remote Agent Rules

  • Added Advanced Properties

    • FailOnPGPVerifyOfUnsignedFile - If set to true, the OpenPGP action will fail if the target file is not signed. When If action failed is enabled, the event rule will trigger the failure if the PGP file is missing the signature.

    • UseLegacyAdminPermissionsForREST

      • Type: bool

      • Default Value: false

      • Description: Use the old admin permissions for REST API.

    • SMTP settings not sending:

      • SmtpTlsMaxVersion

        • Type: uint32_t

        • Default Value: 3

        • Minimum Value: 0

        • Maximum Value: 4

        • Description: SmtpTlsMaxVersion: 0 - SSL 3.0, 1 - TLS 1.0, 2 - TLS 1.1, 3 - TLS 1.2, 4 - TLS 1.3

      • SmtpTlsMinVersion

        • Type: uint32_t

        • Default Value: 3

        • Minimum Value: 0

        • Maximum Value: 4

        • Description: SmtpTlsMinVersion: 0 - SSL 3.0, 1 - TLS 1.0, 2 - TLS 1.1, 3 - TLS 1.2, 4 - TLS 1.3

  • REST API endpoint additions or changes:

    • REST: ARM Reports

    • REST: VFS Cloud

    • REST: Remote Agents

    • REST: Authentication endpoint to return info about admin session

    • REST: Connection Profiles

    • REST: Include last password change details in UserId metrics

    • REST: Advanced Workflows

    • REST: Custom commands endpoint

    • REST: Certificate get/set endpoints

    • REST: Permission Groups and User Settings Template endpoints

Enhancements

  • Converted EFT Arcus to 64bit (x64)

  • Converted EFT Arcus to the module-based licensing introduced in EFT v8.0.7.

  • Updated PGP library (EFT uses IPWorks OpenPGP 2020 v20.0.8136 from /n Software for secure OpenPGP messaging and advanced encryption and decryption, and is RFC 4880 compliant.)

  • TermsOfService.json is now in the config share so it will persist across VM scale-ins (Terms of Service and Privacy Policy default files are just templates. You must create your own Terms of Service and Privacy Policy in your language(s).

  • EFT templates are now all in one location, Templates

  • Provide 5 free Workspaces seats when HTTPs Protocol is licensed

  • Updated AWS S3 regions list in Copy/Move to and Download from Cloud Storage event rule actions

  • Extended auto-ban capabilities and added two new advanced properties

Previous Versions

v8.0.3.27, October 7, 2021

  • Moved TermsOfService.json to the shared configuration so it will persist across VM scale-ins

  • Added IP-allow list for Remote Desktop Gateway pass-thru authentication. Registry setting is: GSFTPS_LOCAL_MACHINE_REGKEY_EFT74 SaaSLimitPassThroughAuthToIp
    If the list is empty, then no pass through authentication connections are allowed. If the registry setting is absent, then all connections are allowed.

  • Support new pricing model consisting of several pricing tiers that reflect increasingly sophisticated combinations of hardware, along with set storage/transfer limits, and standard EFT subscription licensing required to unlock functionality. (Refer to the EFT Arcus datasheet or contact Support for details. Also see Introduction to Arcus for a list of features.)

v8.0.3.22 May 22, 2021

  • Added support for administration console access via a new remote desktop gateway based on Apache Guacamole.

    • With Guacamole, administration interface resources reside exclusively in the customer's tenant / region / national boundary, which furthers GDPR compliance.

    • Security-wise, users can now customize their own firewall rules for admin access; that is, they can whitelist their own IPs and block others.

    • You can avoid the remote desktop gateway, which is a shared resource. You can opt to disable access through the remote desktop gateway if you choose to do so.

    • You can connect to any node in the cluster for the purposes of monitoring activity in real-time, kicking suspicious transfers, etc. (Previously, when using the remote desktop gateway, users could only connect to the node that the load balancer nominated for admin traffic.) Note that the admin lock still remains a constraint; however, only one node can be monitored or administered at a time.

  • Fixed a deadlock that caused the administration console to became inaccessible.

  • Fixed an issue where EFT was returning a 401 when RAM agents were checking in.

  • Updated the jQuery library to the current version.

  • Fixed deadlock in EFT occurring when processing an invalid HTTP login.

  • Fixed an issue where false positives were reported in the PCI compliance report due to RAM agent settings.

  • Fixed intermittent hangs of the administration console due to deadlocks in the folder monitor subsystem.

  • Fixed a problem where EFT administrators were getting an error when specifying SSH keys for event rules.

  • Fixed an issue where terms of service and forced password reset caused WTC access to be denied.

v8.0.3.9 May 10, 2020

  • Basic Tier clients can now create one Remote Agent (additional fee applies)

  • BulkUserExport: Upload a JSON file named "ExportUsersSettings.json" into the BulkUserExport folder to dump the user list for a specific site (or all sites if the value is empty).

  • PGP keys, SSH keys, and SSL certificates can be imported into EFT Arcus through the Arcus Management Template

  • Added ability to use the SAML assertion map attribute Email field in JIT or LDAP after an IDP- or SP-initiated login to create an account in EFT

  • OpenPGP key pairs are defined and managed on a Site instead of the Server

  • Updated PGP library to IP*Works! OpenPGP 2016

  • Added privacy and other GDPR-related features:

    • User agreements and consent options on the General Tab of a User Node

    • Privacy options on the User Account Action in Event Rules

    • Privacy options for EFT on the Site > Web tab and in the WTC

    • Terms of Service agreement options for EFT web portal on the Site > Web tab

    • User Account Details Template on Site > Security tab to apply GDPR-related privacy settings to all user accounts on a Site

    • Optional permission on Server > Administration tab to give administrator accounts permission to manage personal data for users

    • GDPR-related event, context variables, and user conditions

    • Personally identifiable information (PII) / personal data is encrypted by default (beyond normal Arcus disk encryption)

    • Removed email address from User > General tab

  • ARM reports:

  • New Event Rule features:

    • Added Create or set variable Action

    • Added Call (GoTo) Event Rule Subroutine Action

    • Added ability to scan metadata with Content Integrity Control Action

    • Added "Enable this account" option in the User Account Action. (Refer to Workspaces Invitations for an example of using the User Account Action to enable an expired Guest account.)

    • Added context variable to take anything after the last dot (before the extension) and place it into this context variable

    • Added new context variables for date and time stamps in ISO8601 format

    • Updated to Advanced Workflow Engine version that includes several bug fixes

    • Event Rules are now saved in JSON (instead of XML) for import/export

  • Workspaces changes:

    • Added Site > Web tab to configure web portals and their features. (Replaces Workspaces tabs.)

    • Now support moving files between Workspaces

    • Added ability to retain Workspaces files on disk after link has expired

    • Password-protected pickup - Allow or require senders to require recipients to provide a, out-of-band passcode before accessing files

    • Securely send an email without an attachment (applies to browser-based sends and the Outlook Add-In)