FTP protocol (RFC 959)

FTP extensions (multi-part, resume, parallel threads, file integrity checking, custom commands, S-Key, PASV port range, UTF-8, customizable banner, command blocking, EBCDIC mode, PASV port range controls)

SSL/TLS 1.2 – for secure communications

SSL certificate management

SSL control over ciphers, algorithms, and protocols

Real-time session monitoring

SFTP protocol

SFTP advanced options (multiple auth methods)

SFTP key management

SFTP control over ciphers, algorithms, and protocols

FIPS 140-2 certified cryptographic module (Requires SFTP or HTTPS to function properly)

HTTPS protocol

HTTPS extensions (various auths including IWA/SSO, configurable headers, compliance with OWASP security guidelines, HSTS support, many other headers,)

Web client – Built-in web client adds a rich set of features compared to script-driven HTTP/S transfers

HTTP to HTTPS auto-redirect

Mobile access via native mobile transfer client ) – For iOS and Android

AS2 protocol

EFT-managed accounts (i.e., "built-in authentication, or Globalscape authentication)

Active Directory (AD) – native Windows integration, including admin accounts)

(In EFT Arcus, "AD impersonation" is available, but not authentication.)

ODBC - leverage any ODBC data source

LDAP - authenticate against LDAP sources, including AD

SAML (WebSSO) - including Just In Time (JIT) provisioning

RADIUS - often used as a two-factor authentication source

RSA SecurID^® (native and Steel-Belted Radius (SBR))

CAC - Common Access Card authentication

AD Impersonation - Active Directory manages permissions

EFT managed folder permissions

Role-based administrator accounts with granular permissions (Delegated administration)

Permission groups – templatize sets of permissions

Virtual folders - map virtual to physical folders including network shares

Home folders - designate a home folder and optionally make it the user's root folder

Set limits - number of logins, connections,  file sizes, transfer speeds, disk quotas

DoS/flood detection algorithms and auto-IP ban logic

IP access rules - full featured IP access rule manager (whitelisting/blacklisting)

Ban file types by extension - prevent upload of unwanted file types

Monitor and kick offending users from the server

Invalid account names - controls to auto-ban offender IP

Invalid passwords -  controls to auto-lockout, disable, or ban IP

Password complexity - configure a number of password complexity options

Password reset - user-initiated or on initial login

Password reuse - disallow historical (previously used) passwords

Expire accounts - disable account on a given date

Encrypted folders - EFT built-in, secure-data-at-rest Solution

EFS - encrypt data at rest using Windows' Streaming repository encryption (EFS)

OpenPGP - use OpenPGP to encrypt, sign, and decrypt data

PCI DSS - Site settings to facilitate PCI DSS and other compliance mandates

Silent installation - unattended setup

Administrator GUI - Windows based Graphical User Interface (GUI)

Remote administration - administrate from other systems in the network

Secure remote administration - SSL encrypted administration communications

Multiple administrators - allow concurrent administration

Secure administration - same password complexity options available for administrators as for users

Flexible authentication - leverage native, NTLM, or AD to authenticate administrators

Forensics - audit and report on all administrator activity and changes

COM API - programmatic administration

REST endpoint for querying administrative info and server status

Backup and Restore - one-click backup and easy restore of entire configuration
(Scheduled backups requires the TEM)

Batch account management - perform actions to multiple accounts simultaneously (such as multi-select users to reset their passwords)

Specify personal data and privacy settings on a Site and per user

Logging - flat (text) file log in W3C and other formats

Monitor transfers in real time

View historical transfers in the administration interface

Audit to SQL - audit transactions to a SQL database

View reports (predefined)

Create custom reports

Audit to Oracle - audit transactions to an Oracle database

React to stimuli - trigger workflows based on file uploads and other server events

Send email to users or administrators as part of a workflow

Context variables - use transaction values inside of workflows

Conditional logic - build fine-grained business logic into workflows

Cleanup Action - securely remove old files based on your organization’s data retention policies
(Scheduled cleanup requires the TEM)

Upload and download - push or pull files to remote servers as part of a workflow

User Account Action - for tasks like re-enabling user accounts and compliance requests (for example, HIPAA, GDPR) in which users might ask that an organization remove all traces of their account.

Create reusable connection profiles for use in Event Rules

Integration with antivirus and DLP (Data Loss Prevention) tools to permit or prevent transfers based on policies.

NOTE:

• Content Integrity Control is used in event rules to send a file to an external antivirus scanner or data loss prevention solution for processing.
• Customer must install an antivirus/ data loss prevention solution. Any third-party content inspection product that supports ICAP can communicate with the Content Integrity Control in EFT.
• EFT Arcus has built-in Windows Defender antivirus protection at the OS level.

Send pre- and post- commands to mainframe during copy/move actions

Perform folder and file operations

Web Services - trigger workflows using Web Service calls; Invoke Web Service from URL

Execute a process, including scripts, as part of a workflow

Folder monitor - trigger workflows immediately after files arrive in a monitored folder

Schedule events - trigger workflows on a recurring basis

Compress/Decompress files

Advanced workflows - tap into the Advanced Workflow module to build sophisticated workflows

Integration with cloud (AWS and Azure) storage; Copy, move, and download from cloud storage

Ability to monitor and act upon AWS S3 and Azure blob storage activity

Centralized control for automating transactions originating from distributed systems (Remote Agents), including provisioning, management and Event Rules

Run PowerShell scripts in Event Rules

Ad hoc file transfer – Allow authorized users to share files or folders with guest users via Outlook or using the EFT web interface, for secure P2P file exchange

Two-way file sharing - recipients provided with multiple methods to securely send files to each other

Receipt notification - email notification when files are picked up by the recipient

Pick-up authentication - recipients can be required to verify their identity before downloading files

Full file tracking - Users and administrators can view complete history of files sent and received

Centralized policy controls - administrator can set defaults and mandate policies or let authorized users decide

Mixed mode authentication - optionally authenticate internal employees against AD, while maintaining guest isolation

Integration with EFT - monitor all ad hoc file transfer activity from EFT

Request files – Authorized users can generate a request link that guests follow to securely upload files.

Drop-off files to internal users with no attachment limits

Manage personal data and privacy settings for GDPR and other privacy rules in the Workspaces client

Multifactor authentication via email or SMS for client logins

Gather metadata for uploads in the client via upload forms