Feature Availability

The tables below describe which features are available in EFT Express, Enterprise, and Arcus.

(Right-click within this topic to print a copy.)

Protocols

Feature Express Enterprise Arcus

FTP protocol (RFC 959)

Included

Included

Included

FTP extensions (multi-part, resume, parallel threads, file integrity checking, custom commands, S-Key, PASV port range, UTF-8, customizable banner, command blocking, EBCDIC mode, PASV port range controls, plus more)

Included

Included

Included

SSL/TLS 1.2 – for secure communications

Included

Included

Included

SSL certificate management

Included

Included

Included

SSL control over ciphers, algorithms, and protocols

Included

Included

Included

All protocols: Real-time session monitoring

Included

Included

Included

FIPS 140-2 certified cryptographic module for SSL

ESM

ASM

Included

SFTP protocol (https://filezilla-project.org/specs/draft-ietf-secsh-filexfer-02.txt et. al)

SFTP

Included

Included

SFTP advanced options (multiple auth methods)

SFTP

Included

Included

SFTP key management

SFTP

Included

Included

SFTP control over ciphers, algorithms, and protocols

SFTP

Included

Included

FIPS - FIPS 140-2 certified cryptographic module

SFTP, ESM

ASM

Included

HTTPS protocol

HTTP/S

Included

Included

HTTPS extensions (various auths including IWA/SSO, configurable headers, compliance with OWASP security guidelines, HSTS support, many other headers,)

HTTP/S

Included

Included

Web client – Built-in web client adds a rich set of features compared to script-driven HTTP/S transfers

HTTP/S

Included

Included

HTTP->HTTPS auto-redirect

HTTP/S, ESM

ASM

N/A

Native Mobile Transfer Client (MTC) – For iOS and Android

HTTP/S, MTC

Included

Included

Accelerate file transfers using EFT Event Rule Actions (not available after 8.0.5.7)

N/A

N/A

N/A

AS2 protocol

N/A

AS2 module

HTTPS and AS2

AS2 extensions (Message Level Security (MLS), Reliability Profile, Multiple Attachments (MA) profile.

Authentication (Access Controls)

Feature Express Enterprise Arcus

EFT-managed accounts

Included

Included

Included

Active Directory (AD) – native Windows integration

(In EFT Arcus, "AD impersonation" is available, but not authentication.)

Included

Included

N/A

ODBC - leverage any ODBC data source

Included

Included

N/A

LDAP - authenticate against LDAP sources, including AD

N/A

Included

Included

SAML (WebSSO) - including Just In Time (JIT) provisioning

N/A

ASM

Included

RADIUS - often used as a two-factor authentication source

N/A

ASM

Available in the Premium Tier and configured by Support

SMS authentication - two-factor authentication (2FA) for WTC and Workspaces

(In EFT Arcus, the "out-of-bad" passcode to pick up files is available. "SMS Config" is coming soon.)

ESM

ASM

Available in the Premium Tier and configured by Support

RSA SecurID® (native and Steel-Belted Radius (SBR))

N/A

ASM

Available in the Premium Tier and configured by Support

CAC - Common Access Card authentication

N/A

ASM

Available in the Premium Tier and configured by Support
Secrets module Included Included N/A

Authorization (Resource Controls)

Included Included Included
Feature Express Enterprise Arcus

AD Impersonation - Active Directory manages permissions

Included

Included

N/A

EFT managed folder permissions

Included

Included

Included

Permission groups – templatize sets of permissions

Included

Included

Included

Virtual folders - map virtual to physical folders including network shares

Included

Included

N/A

Home folders - designate a home folder and optionally make it the user's root folder

Included

Included

Included

Set limits - number of logins, connections,  file sizes, transfer speeds, disk quotas

Included

Included

Included

DoS detection algorithms and auto-IP ban logic

Included

Included

Included

IP access rules - full featured IP access rule manager

Included

Included

Included

Banned file types - prevent upload of unwanted file types

Included

Included

Included

Monitor and kick offending users from the server

Included

Included

Included

Invalid account names - controls to auto-ban offender IP

Included

Included

Included

Invalid passwords -  controls to auto-lockout, disable, or ban IP

Included

Included

Included

Password complexity - configure a number of password complexity options

Included

Included

Included

Password reset - user-initiated or on initial login

Included

Included

Included

Password reuse - disallow historical (previously used) passwords

Included

Included

Included

Expire accounts - disable account on a given date

Included

Included

Included
Expire inactive accounts - disable or remove account after N days of inactivity ESM ASM Included
Expire passwords - expire passwords after N days ESM ASM Included
Expiration reminder - email user reminder to change their password ESM ASM Included
Data sanitization - securely clean deleted data using military grade wiping ESM ASM Included

Encrypted folders - EFT built-in, secure-data-at-rest Solution

N/A

Included

Included

EFS - encrypt data at rest using Windows' Streaming repository encryption (EFS)

ESM

ASM

N/A
Override VFS credentials Included Included N/A

OpenPGP - use OpenPGP to encrypt, sign, and decrypt data

OpenPGP

OpenPGP

Included

PCI DSS - Site settings to facilitate PCI DSS and other compliance mandates

ESM, ARM

ASM,ARM

Included

DMZ Gateway®- securely proxy transfers through the DMZ

DMZ Gateway®
(inbound only)

DMZ Gateway®

N/A

Administration

Feature Express Enterprise Arcus

Silent installation - unattended setup

Included

Included

N/A

Administrator GUI - Windows based Graphical User Interface (GUI)

Included

Included

Included

Remote administration - administrate from other systems in the network

Included

Included

Included

Secure remote administration - SSL encrypted administration communications

Included

Included

Included

Multiple administrators - allow concurrent administration

Included

Included

Included

Secure administration - same password complexity options available for administrators as for users

Included

Included

Included

Flexible authentication - leverage native, NTLM, or AD to authenticate administrators

ESM

ASM

Only LDAP supported

Forensics - audit and report on all administrator activity and changes

ESM, ARM

ASM, ARM

Included

COM API - programmatic administration

Limited

Included

N/A

Delegated administration - role based administrator accounts with granular permissions

Server and Site administrator only

Included

ServerAdmin N/A

REST endpoint for querying administrative info and server status

Included

Included

Included

Backup and Restore - one-click backup and easy restore of entire configuration

N/A

Included

N/A

Batch account management - perform actions to multiple accounts simultaneously (such as multi-select users to reset their passwords)

N/A

Included

Included

Specify personal data and privacy settings on a Site and per user

ESM

ASM

Included

Generate GDPR DPIA report

ESM

ASM

N/A

Auditing and Visibility

Feature Express Enterprise Arcus

Logging - flat file log in W3C and other formats

Included

Included

Included

Monitor transfers in real time

Included

Included

Included

View historical transfers in the administration interface

ARM

Included

Included

Audit to SQL - audit transactions to a SQL database

ARM

ARM

Included

View reports (predefined)

ARM

ARM

Included

Create custom reports

ARM

ARM

N/A

Audit to Oracle - audit transactions to an Oracle database

N/A

ARM

N/A

Business Activity Monitoring (BAM) - real-time visibility, dashboard, and analytics (Requires ARM)

BAM, ARM

BAM, ARM

N/A

Automation (Integration with Other Systems)

Feature Express Enterprise Arcus

React to stimuli - trigger workflows based on file uploads and other server events

Included

Included

Included

Send email to users or administrators as part of a workflow

Included

Included

Included

Execute a process, including scripts, as part of a workflow (Custom Commands only in Express and Enterprise)

Included

Included

N/A

Context variables - use transaction values inside of workflows

Included

Included

Included

Folder monitor - trigger workflows immediately after files arrive in a monitored folder

Folder Monitor Module

Included

Restricted to Arcus Site root folder share only

Schedule events - trigger workflows on a recurring basis

Timer Event Module

Included

Included

Web Services - trigger workflows using Web Service calls; Invoke Web Service from URL

N/A

Included

Included

Conditional logic - build fine-grained business logic into workflows

Included

Included

Included

Cleanup Action - securely remove old files based on your organization’s data retention policies

N/A

Included

Included

Upload and download - push or pull files to remote servers as part of a workflow

File Transfer Client module

Included

Included

Send pre- and post- commands to mainframe during copy/move actions

N/A

Included

Included

Perform folder and file operations

N/A

Included

Included

Compress/Decompress files

Included

Included

Included

User Account Action - for tasks like re-enabling user accounts and compliance requests (for example, HIPAA, GDPR) in which users might ask that an organization remove all traces of their account.

Included

Included

Included

Advanced workflows - tap into the Advanced Workflow Engine to build sophisticated workflows

N/A

AWE

Included

Integration with antivirus and DLP (Data Loss Prevention) tools to permit or prevent transfers based on policies.

NOTE:

  • Content Integrity Control is used in event rules to send a file to an external antivirus scanner or data loss prevention solution for processing.
  • Customer must install an antivirus/ data loss prevention solution. Any third-party content inspection product that supports ICAP can communicate with the Content Integrity Control module.
  • EFT Arcus has built-in Windows Defender antivirus protection at the OS level.

ESM

ASM

Included


(Read comments to the left.)

Integration with cloud (AWS and Azure) storage; Copy, move, and download from cloud storage

Cloud Connector Module

Included

Included

Ability to monitor and act upon AWS S3 and Azure blob storage activity

Cloud Connector Module

Included

Included

Centralized control for automating transactions originating from distributed systems (Remote Agents), including provisioning, management and Event Rules

N/A

RAM

Included

Reusable connection profiles for use in Event Rules

N/A

Included

Included

Run PowerShell scripts in Event Rules

Included

Included

N/A

Move tabular data between programs using Get/Loop from Host Action, and Import/Export to/from Dataset

Included

Included

Coming soon

Person-to-Person (P2P) File Transfer

Feature Express Enterprise Arcus

Ad hoc file transfer – Allow authorized users to share files or folders with guest users via Outlook or using EFT’s web interface, for secure P2P file exchange

HTTP/S, Workspaces

Workspaces

Included

Two-way file sharing - recipients provided with multiple methods to securely send files to each other

HTTP/S, Workspaces

Workspaces

Included

Receipt notification - email notification when files are picked up by the recipient

HTTP/S, Workspaces

Workspaces

Included

Pick-up authentication - recipients can be required to verify their identity before downloading files

HTTP/S, Workspaces

Workspaces

Included

Full file tracking - Users and administrators can view complete history of files sent and received

HTTP/S, Workspaces

Workspaces

Included

Centralized policy controls - administrator can set defaults and mandate policies or let authorized users decide

HTTP/S, Workspaces

Workspaces

Included

Mixed mode authentication - optionally authenticate internal employees against AD, while maintaining guest isolation

HTTP/S, Workspaces

Workspaces

LDAP only

Integration with EFT - monitor all ad hoc file transfer activity from EFT

HTTP/S, Workspaces

Workspaces

Included

Request files – Authorized users can generate a request link that guests follow to securely upload files.

HTTP/S, Workspaces

Workspaces

Included

Drop-off files to internal users with no attachment limits

HTTP/S, Workspaces

Workspaces

Included

Manage personal data and privacy settings for GDPR and other privacy rules in the Workspaces client

HTTP/S, Workspaces, ESM

Workspaces, ASM

Included

Multifactor authentication via email or SMS for client logins

HTTP/S, Workspaces, ESM

Workspaces, ASM

N/A

Gather metadata for uploads in the client via upload forms

HTTP/S, Workspaces

Workspaces

N/A

View sent and received messages history in client

HTTP/S, Workspaces

Workspaces

Coming soon!

Architecture

Feature Express Enterprise Arcus

IPv6 - Full dual stack (IPv4/6 mixed) support

Included

Included

Included

Virtual - Install on virtual machines, e.g. VMware and Hyper-V

Included

Included

N/A

Unicode - UTF-8 encoding of filenames and other fields where applicable

Included

Included

Included

IDN - Internationalized domain name support

Included

Included

Included

I/O Completion Ports - Technology that allows for fast performance on Windows systems

Included

Included

Included

Active-passive clustering - Failover for high availability

Included

Included

N/A

Active-active, high availability (HA) clustering with two or more EFT servers

N/A

Included

Included