EFT
December
v8.2.1.33
Dec 04, 2024
Fixes
Event Rules
Dec 4, 2024
Fixes
Event Rules
-
Fixed an issue where under certain conditions in EFT 8.2.0/8.2.1 event rules with PowerShell-embedded scripts could cause a memory leak
SFTP
-
Fixed an issue where SSH connections from WinSCP versions 6.2.1 - 6.3.5 failed to connect to EFT 8.2.1 due to OpenSSH 9.5 and WinSCP's integration of Putty 0.81
-
Fixed an issue where OpenSSH PowerShell client version 8.9 or higher using an SSH key would fail to connect to EFT 8.2.1
-
Fixed an issue where high loads of SSH protocol transfers in EFT 8.2.1 could cause EFT to crash
-
Fixed an issue where EFT (all versions) did not correctly report the SSH offering as SHA-2 when using a SHA-2 SSH site key
RAM
-
Upgrading from EFT v8.2.0 or v8.2.1 with RAM configured will require manual upgrades on Remote Agents; this does not affect upgrades from EFT 8.1.x
October 2024
October
(missing or bad snippet)August 2024
v8.2.1
Aug 26, 2024
New Features
ARM
Added support for Database maintenance
Added PGP error codes to descriptions
Connection Profiles
Added support for AWS IAM Roles
Context Variables
Added new context variable for PGP error codes: %EVENT.ACTION_FAILURE_REASON%
EFT Administration
Added support for paths longer than 255 characters
Web Admin Client (WAC)
Added support for Arabic language
WTC
Added support for Arabic language
Enhancements
Administration
Updated several third-party libraries
Removed EOL redistributable from the EFT installer
Connection Profiles
Updated the AWS Region list
OpenSSL
Updated FIPS OpenSSL library to 3.1.4
OpenSSH
Updated OpenSSH library to 9.5.0
WTC
Updated Angular to version 17
Fixes
Automate Workflow Module (AWM)
Fixed an issue where certain AML conversions from version 10 to 2024 would fail
Fixed an issue where workflows would fail with an unexpected Automate response when the task is pushed to a full queue
Fixed an issue where Automate would report an error with an invalid request format error
Fixed an issue where Automate would report an error with invalid map K,T key error
Fixed an issue where Automate would report an error for invalid instance ID
Connection Profile
Fixed an issue where connection profile credentials could be modified when used in EFT Event Rules
Context Variables
Fixed an issue where the context variable, %FS.FOLDER_NAME% was missing in the "File System Variables" list
Fixed an issue where %GetTaskName()% would not retrieve the correct TaskName
EFT Administration
Fixed an issue where SMTP authentication would change back to SMTP when another option was selected
Fixed an issue where the "From" email address was displayed incorrectly when set to Gmail OAuth
EFT Event Rules
Fixed an issue where "if action FAILED" could not be added under a Loop dataset condition
Fixed an issue where credential override for event rules was not working as expected
Fixed an issue where actions were not nesting under some conditions
Fixed an issue where events were not indenting under Loop action which could cause an Admin GUI crash
Fixed an issue where passing arguments to PowerShell scripts would no longer work as expected
Fixed an issue where files uploaded to AWS would have wrong .xml content type
FIPS
Updated our documentation to reflect EFT service restart when enabling FIPS mode for SSH
Logging
Fixed an issue where Ted6 log AP for log path would cause the Admin GUI to fail to launch the log
REST API
Fixed an issue where EFT Event Rules created via REST API PATCH/POST requests would fail to trigger
Remote Agent
NOTE: Upgrading from EFT 8.2.0 to EFT 8.2.1 with RAM configured will require manual upgrade on Remote Agents, this does not impact upgrades from EFT 8.1.x
Web Admin Client
Fixed an issue where the User Management screen would post an error when loading users
WTC
Fixed an issue where the WTC login page was still accessible after disabling HTTP/S
Fixed a security vulnerability with our WTC change password validation
May 2024
v8.2.0.46
May 1, 2024
Fixes
Fixed an issue where EFT service would fail to start on additional nodes added to a new HA Active-Active cluster configuration
Updated several Help topics (typos, clarifications, and so on)
High Availability (HA)
Help Documentation
April 2024
v8.2.0.45
Apr 1, 2024
New Features
Advanced Workflow Module (AWM)
Updated Automate Workflow Module (AWM) to v2024
Context Variables
Added %EVENT.ACTION_FAILURE_REASON% to return event rule failure reason
Added %FS.VIRTUAL_DIR_NAME% to return the virtual folder name alias
Connection Profiles
Added native support for Google Cloud
Added support for Google Drive
EFT Administration
Added support for EFT site propagate
Added support for EFT site artifacts propagate
Added support for Web Admin Client (WAC)
Added support for Server Name Indication (SNI)
Added support for Microsoft 365 OAuth 2.0 email
Added support for Gmail OAuth 2.0 email
Added support for Email templates
Added support for OpenID
Event Rules
Added support for OpenSSL action
Added support for User Create action
OpenSSL
Updated OpenSSL library to 3.1.4 (Note: FIPS will continue to use 1.0.2u)
Updated OpenSAML to 3.2.1
Remote Agent (RAM)
Added support for proxy
REST API
Added support for restrict access to REST API to a few traditional admin roles
Added support to provide updated error codes for Admin password change errors
Added support to get metrics for all sites in a single reques
Added support for filtering by group to users endpoint
Added support for changing admin password on log in
Added support for sorting to the users endpoint
Added support for filtering to the users endpoint
Added support to generate support bundle
Added support to generate ARM reports
Added support for user actions
Added support for event rule counters
EFT SyncTool
Added support for EFT 8.1
Enhancements
Advanced Properties (AP)
Added new AP to disable mkcol requests, DisableMKCOLRequest, tunnelNonHttpVerbs
Added new AP to remove username and domain in shared workspace link, UseIdInWorkspaceLink
Added new AP to remove links from workspace comment, RemoveLinksFromWorkspaceInvitations
Added new AP to increase SFTP buffer size, SFTPWinFileReadWriteBufferSizeKB
Added a new AP to Force Zero Preview for ICAP specific servers, ForceZeroPreview
Removed the MaxNumberConnectionsPerSite, AP as this is no longer used
Advanced Workflows
EFT upgrades will export all Automate workflows into a zip file for backup
Added ability to suppress Automate workflow popups
Added support for Dataset
Added support for JSON objects
Added support for TLS 1.2 in Azure Action
Removed support for SharePoint 2007 and 2010
Added SharePoint App Only and Azure AD Only authentication types
Added support for TLS 1.2 and TLS 1.3 in FTPS connections
Various User Interface enhancements
Various SharePoint Action enhancements
Various Variable Action enhancements
Various OCR Action enhancements
Various FTP Action enhancements
Various File System Action enhancements
Various Terminal Action enhancements
Various Image Action enhancements
Various Compression Action enhancements
Various HTTP Action enhancements
Various Exchange Action enhancements
Various PDF Action enhancements
Various Email Action enhancements
Various Dialog Action enhancements
Added support for TLS 1.2 in Web Service Action
Updated Automate Task Builder layout
ARM
Added a new "Result" field in the Actions table
Removed SAT related tables from ARM database
EFT Administration
Upgraded all .Net components to .Net 4.8
Updated Database related help link
Added a new Automate Service Account section
Increased Default Minimum Password Length for EFT adminstrator accounts
Updated branding graphics
Updated links to module licensing site
Added better sorting capabilities for SSH user key management
Updated verbiage and links to reflect Fortra
Added new link to Fortra Connector Hub
Event Rules
Added option to compress files older than X to the Compress Action
High Availability (HA)
Updates to HA Active-Active upgrades by providing a new prompt to determine last node being upgraded
Licensing
Updated Advanced Workflow Module (AWM) trial period to 15 days
OpenPGP
Restored legacy support to export all pgp keys into a single set of public and private keys
Remote Agent (RAM)
Added SFTP logger configuration in the Remote Agent logging
REST API
Improved REST responses for the authentication endpoint
WTC
Updated Angular to v16
Updated branding graphics
Removed code for deprecated clients
Added support for redirect to hom epage and login when URL is invalid
Fixes
ARM
Fixed an issue where AuthenticationsExpired table was missing from the Purge Script
Fixed an issue where Admin Actions would not log created Event Rules
Fixed an issue where Activity - Session Lifecycle report had incorrect timestamp format
Fixed an issue where AS2 Detail reports would not generate when using an Oracle database
Fixed an issue where EFT administrators could not stop ARM report generation from the GUI
Advanced Workflow Module (AWM)
Fixed an issue where the help file would fail to launch from the Task Builder
Authentication
Fixed an issue where a blank RelayState values would cause authentication failures
Fixed an issue where MFA would bypass Active Directory (AD) expired passwords
Fixed an issue where reset passwords were not propagating to other nodes in an HA cluster
Fixed an issue where disabled users would not trigger User Login Failed Event Rule for SFTP and HTTP protocols
Fixed an issue where Enforcing Strong passwords would not properly honor words from the dictionary.txt
EFT Administration
Patched CVE-2023-2989
Patched CVE-2023-2990
Fixed an issue that under specific configurations could cause EFT to crash on certificate expiration notification
Fixed an issue where the EFT server could crash when OCSP stapling is enabled
Fixed an issue where Uploads per Session for HTTP/HTTPs connections would not work as expected
Fixed an issue where Password Expiration notices were sent on stopped EFT sites
Fixed an issue where under certain conditions the GUI could crash while attempting to login
Fixed an issue where the GUI would revert to previous interaction area
Fixed an issue where the scroll bar would not appear when adding several conditions to the same line
Fixed an issue where the certain AD user profile details were not being added into EFT's user profile
Fixed an issue where Max Transfer speed setting was not being honored
Fixed an issue where LDAP Auth Manager test would limit users to 10k users
Fixed an issue where EFT could hang under certain conditions during DMZ Gatewaysocket initialization
Fixed an expired Help link under the File send UI
Fixed a caching issue when using Test for LDAP site configurations
EFT Event Rules
Fixed an issue where under certain conditions after an upgrade some EFT event rules could cause EFT to crash
Improved exception handling for multi-file transfers for AWS S3 upload/download
Fixed an issue where multipart AWS uploads could crash EFT
Improved AWS cloud download performance
Fixed an issue where the Overwrite function would not work as expected
Fixed an issue where multiple nodes in an HA cluster would trigger an event rule on the same file
Fixed an issue where Numerate in File actions would not work as expected
Fixed an issue where Event Rules would not be able to pass /*.* to Advanced Workflows
Fixed an issue where context variable %FS.BASE_FILE_NAME% would not work after a PGP action
Fixed an issue where File rename operation would not work after upgrading to EFT 8.1
Fixed an issue where Event Rules could not be enabled/disabled after being renamed
Fixed an issue where the User Created Event Rule that triggers an Advanced workflow could cause an EFT admin UI disconnect
Fixed an issue where Override credentials may not work under certain conditions
Fixed an issue where File Upload rule with PowerShell action could trigger more than once
Fixed an issue where exclude file in File Delete operation would not work as expected
Mitigated Zip Slip vulnerability
Fixed an issue where Event Rule Daily Run starts on Tuesday instead of Monday
Fixed an issue where the PowerShell action would share embedded defined context variables with other Event Rules
Fixed an issue where Failed decompress actions would show as successful in the ARM database
Fixed a typo in the Report Action UI
Fixed an issue where the Overwrite option was available under the Import CSV from Dataset UI
High Availability (HA)
Fixed an issue where LastActiveTime synchronization could cause user login requests to hang
Fixed an issue where cluster nodes could run out of sync due to a deadlock
Help Documentation
Fixed our help documentation with updated footer and header
Fixed an issue where launching a PDF file could cause the EFT admin GUI to crash
Fixed an issue where script errors were displayed in Advanced Workflow section
Fixed an issue where the REST API help could cause UI hangs
Logging
Fixed an issue where an incorrect stat remote file error would be displayed in the TED6 log for SFTP connections
Fixed an issue where Test button for cloud secrets would not log to the EFT log file
Fixed an issue where TOS customizations would not properly reference the path being used in the EFT logger
OpenPGP
Fixed an issue where Decrypt and Verify signature would not work as expected
Fixed an issue where File Upload event rules with PGP encryption could create a 0kb file after upgrading to EFT 8.1
Outlook Add-in
Fixed an issue where the Help Guide in the EFT Outlook Add-in would not load
Fixed an issue where Outlook Add-in would error when using a SharePoint Send link
Proxy Protocol
Fixed an issue where EFT could crash when using proxy protocol over FTP
Registration
Updated the EFT Advanced Workflow Module (AWM) trial period to 15 days
Remote Agent
Updated RAM log to remove authorization agent details
Fixed an issue where RAM in 8.0.3 could not process rules from EFT 8.1.1
REST API
Fixed an issue where "The specified template does not exist" would be returned on the Add users endpoint
Fixed an issue where REST API calls for ARM PDF reports would not return any data
Workspaces
Fixed an issue where under certain configurations the username and password details were logged in the EFT logger for Workspaces
Fixed an issue where under certain configurations File links in Workspace emails did not work
Fixed an issue on how the Dropoff portal quota is updated and verified
WTC
Fixed an issue where password change did not work as expected
Fixed an issue where Firefox mobile would fail on uploads
Fixed an issue where Reset Password does not always work in case of invalid username and email
Fixed an issue where under certain conditions could not load password complexity details
Fixed an issue where the Advanced Property (AP) UplReqDel, was no longer supported in EFT 8.1
June 2023
v8.1.0.16
Jun 5, 2023
Fixes
EFT Event Rules
Fixed an issue where EFT event rules configured with Matching Filenames set to Numerate on local file uploads would not numerate the initial file properly.
EFT Security Updates
Mitigated a directory traversal vulnerability known as "Zip Slip" when exercising compression or decompression within EFT. Refer to Globalscape KB article https://kb.globalscape.com/Knowledgebase/11585/Is-EFT-susceptible-to-the-Zip-Slip-vulnerability.
Mitigated an EFT administrator authentication out-of-bounds memory read vulnerability. Refer to Globalscape KB article https://kb.globalscape.com/Knowledgebase/11586/Is-EFT-susceptible-to-the-Authentication-Bypass-via-Outofbounds-Memory-Read-vulnerability.
Mitigated an EFT server crash due to vulnerability when sending recursively compressed packet to the administrator port. Refer to Globalscape KB article https://kb.globalscape.com/Knowledgebase/11588/Is-EFT-susceptible-to-the-Denial-of-service-via-recursive-Deflate-Stream-vulnerability.
Setting "Require SSL for remote administration" as default when enabling remote administration to avoid password leak due to insecure defaults. Refer to Globalscape KB article https://kb.globalscape.com/Knowledgebase/11587/Is-EFT-susceptible-to-the-Password-Leak-Due-to-Insecure-Defaults-vulnerability.
April 2023
v8.1.0.14
April 5, 2023
Fixes
EFT Cloud Connector
Fixed an issue where AWS cloud transfers were slower.
Fixed an issue where under certain conditions AWS uploads could cause EFT to crash.
Fixed an issue where under certain conditions Azure uploads could cause EFT to crash.
EFT Event Rules
Fixed an issue where after upgrade File Rename actions in certain conditions would not rename files.
Fixed an issue where certain optional custom parameters were not passed to AWE from an Event Rule.
Fixed an issue where Folder Monitor Event Rules would not move files with filenames that started with a period.
Fixed an issue where under certain conditions the Overwrite option would not always overwrite an existing file.
Fixed an issue where Event Rules with AWE actions were incorrectly using virtual paths in context variables.
Fixed an issue where %FS.PATH% context variable was not being updated after a move offload action.
Fixed an issue where Overwrite in a download action was not working as expected on a destination virtual path.
EFT Help Updates
Updated several help topics and broken links.
EFT Logging
Cleaned up user details on the Workspace log.
EFT Web Transfer Client (WTC)
Fixed an issue where EFT was not returning the proper error code on invalid username and email in the Forgot Password WTC.
Fixed an issue where Uploads per Session configuration was not being properly enforced.
EFT Security Updates
Updated OpenSSL library used in OpenSAML to version 1.1.1t, other features are still using 1.1.1o.
October 2022
Version 8.1.0.11
October 31, 2022
Fixes
EFT Event Rules
Fixed an issue where Timer Event Rules configured for Daily runs would not trigger on Monday.
August 2022
Version 8.1.0.9
August 5, 2022
New Features
Added %USER.HOME_FOLDER_PATH% to return user's full home folder path
Added support for 64bit
Added support to create Advanced Workflow folders
Added support for Upload VFS Quotas
Added support to map EFT site root folder to the cloud
Added support for Remote Agent list export to CSV
Added support for SSL Certificate Rotation Period Notification
Added support for multi-event rule move to folder
Added support for upgrade cluster with zero downtime
Updated OpenPGP library
Updated OpenSSL library to 1.1.1o (Note: FIPS will continue to use 1.0.2u)
Added support for Compress/Decompress action in RAM
Added REST API support for email templates
Added REST API support to obtain defined users under the /sites/{siteid}/users endpoint
Added REST API keep-alive endpoint
Added REST API support to return admin session information
Added REST API support for User Settings templates
Added REST API support for Permission Groups
Added REST API support for AWE
Added REST API support for Custom Commands
Added REST API support for Connection Profiles
Added REST API support for DMZ Gateway
Added REST API support for VFS cloud
Added REST API support for Remote Agents
Added support for downloading a workspace share folder as a zip file
Context Variables
EFT Administration
Event Rules
High Availability (HA)
OpenPGP
OpenSSL
Remote Agent (RAM)
REST API
WTC
Enhancements
Removed "EnableMultiPart" and "MultipartValue" APs
Expanded support for %FS.VIRTUAL_PATH% in certain event rules
Expanded support for %WS_OWNER_NAME% in the Send email template
Increased Compress/Decompress buffer size for better performance in EFT admin UI and event rules
Restored the ability to select registration for Single or Multi Site DMZ
Added WEL and EFT logging for PGP Key Rotation Period Notification
Added Support for Microsoft Edge WebView2 for ARM report rendering
Support for Windows Server 2022
Added AWS Region Asia Pacific, Jakarta
EFT Templates are now in a single location when configured in a cluster
EFT will now provide 5 free workspace licenses upon activation of the HTTPs module
Added support to register Advanced Security Module (ASM) license key in Regulatory Compliance Module to unlock both Regulatory Compliance Module and Advanced Authentication Modes Module
Added support to register Express Security Module (ESM) license key in Regulatory Compliance Module to unlock Regulatory Compliance Module
Restored EFT registration UI behavior, EFT Server must first be registered before any other module
Added Advanced option to the EFT registration wizard to help troubleshoot registration issues
Added the ability to obtain last password change details in the userId metrics endpoint
Advanced Properties (AP)
Context Variables
EFT Administration
Event Rules
High Availability (HA)
Licensing
REST API
Fixes
Fixed an issue where data reported in the Traffic - Protocolwise Connections table were not properly reporting the correct bytes
Fixed an issue where LDAP users were getting provisioned without authentication due to an issue with SAML SSO configurations
Fixed an issue where modified custom commands would not be saved
Fixed an issue where context variables to action fields broke legacy behavior
Fixed an issue where the EFT Admin UI could hang when disk quota would trigger recalculation
Fixed an issue where the EFT administrators would not be able to connect via our Admin console remotely when TLS 1.3 was disabled
Fixed an issue where the EFT administrators could not set large values in custom user profile fields
Fixed an issue where requests were made to the EFT AppData path on user account login
Fixed an issue where the RADIUS test button would report a failure even when configured properly
Fixed an issue where the Automate Workflow logs would reside on the wrong path when configuring EFT remotely
Fixed an issue where the EFT Admin UI could crash when configured with a specific CIC profile
Fixed an issue where the Azure Blob SAS token test button would report a failure even when configured properly
Fixed an issue where the Admin UI stats option would not properly count event rules
Fixed an issue where EFT Event Rule administrators could not use the browse button in an event rule
Fixed an issue where copying/pasting event rule conditions/actions would not work as expected
Fixed an issue where under certain conditions EFT admin UI could hang during backup process
Fixed an issue where under certain conditions upgrades from EFT Express could fail
Fixed an issue where EFT would not properly prohibit reuse of previous password minimum value
Fixed an issue where the EFT admin UI would not always report the correct active session count
Fixed an issue where under certain conditions EFT would crash after an upgrade
Fixed an issue where under certain conditions new users were not being forced to change password upon first use
Fixed an issue where banned file types were still allowed to upload
Fixed an issue where site.GetPermPathsList would not properly identify non-existing folders
Fixed an issue where certain workspaces API endpoints were no longer available
Fixed an issue where Automate Workflow event rules would not always trigger after an upgrade
Fixed an issue where under certain conditions Folder Monitor event rules could double trigger
Fixed an issue where Cloud Upload actions would fail when the name contained a comma
Fixed an issue where the If Login Name condition would not work under certain conditions
Fixed an issue where the User Login failed condition would not trigger in the HTTPS protocol
Fixed an issue where If Virtual Path filter would not work when configured with Starts With
Fixed an issue where under certain conditions a configured MultiPartUpload could crash EFT
Fixed an issue where under certain conditions a configured pure sync event could cause EFT to crash
Fixed an issue where Cloud Monitor object event rules may not properly load balance
Fixed an issue where uploading to a Azure Blob would fail with permissions lower than Storage Level Access
Fixed an issue where under certain conditions users were unable to login via CAC when AllowNonCACUsers AP is enabled
Fixed an issue where upon upgrade EFT would not disable non-supported FIPS ciphers
Fixed an issue where under certain conditions upon upgrade to 8.0.6 FTPS transfers would fail
Fixed an issue where FTP would fail to connect to OpenVMS
Fixed an issue where TED6logs were not saved on the correct path when configured with an AP
Fixed an issue where UserAgentHeaderMustUseOTP Advanced Property (AP) would not properly work with different formatting/configurations
Fixed an issue where OpenPGP would fail to decrypt encrypted files with Bouncy Castle
Fixed an issue where manual registration for DMZ Single site license would fail
Fixed an issue where under certain conditions Remote Agents could experience memory leaks
Fixed an issue where under certain conditions a Remote Agent could enter an infinite loop when trying to write to the log
Fixed an issue where UTF-8 characters in remote agent rules were not supported
Fixed an issue where SFTP connections would not handle directly listing correctly with the STAT command
Fixed an issue where FTP via SSL connections could cause performance issues with certain clients
Fixed an issue where guest user Workspaces registration would fail when passwords contained # character
Fixed an issue where Workspaces users were unable to attach web file request in the reply portal
Fixed an issue where the WTC page would not display correct error when accessing a workspace invite after workspaces is disabled
Fixed an issue where WTC would fail to generate an appropriate error message when a password match a dictionary word
Fixed an issue where EFT would pass windows reserved paths accessible via WTC
Fixed an issue where under certain conditions exercising the forgot password option could SPAM a user account
Fixed an issue where WTC will now provide a prompt when a user account is blocked due to invalid login attempts
Fixed an issue where password complexity UI would not properly display for guest accounts
Fixed an issue where WTC users could not change their password when configured with an empty password
ARM
Authentication
Custom Commands
EFT Administration
EFT COM API
EFT Event Rules
FIPS
FTP
Logging
MFA
OpenPGP
Registration
Remote Agent
SFTP
SSL
Workspaces
WTC
December 2021
Version 8.0.7.4
December 04, 2021
Fixes
Features from EFT Express and EFT Enterprise have been merged into one EFT, with some features part of "EFT core" and others repackaged into new or existing modules. (For example, EFT Express ESM license activates the Advanced Authentication Modes module when upgrading to Continuum.) Refer to Feature Availability in the EFT online help for details. (If you are upgrading from an earlier EFT version, the features you had previously licensed continue to be available.)
A new Enterprise Actions Module (EAM) is used to activate previous Enterprise-only features, such as executing scripts, performing folder and file operations, compressing/decompressing files, subroutines, dataset actions, and REST invocation
You can now deregister licenses in EFT. This is used in the event that you are moving EFT to a new computer, the wrong serial number was used on the server, the module was not supposed to be registered on the server or node, or you are moving between perpetual licenses to subscription-based keys.
Added new ServerModule enums to activate modules
Enhancements
Updated EFT installer (EFT.exe/EFT-nodb.exe) (TFS 380907)
The Mobile Transfer Client (MTC) is now part of EFT core.
The Secrets functionality is now part of the Cloud Connector module (CCM)
The Upload forms feature (for gathering metadata) is now available in the Secure Forms Module (SFM)
Each protocol other than FTP requires a separate module (FTPS implicit/explicit is a separate module)
The features that were in the security modules (ESM/ASM) have been "repackaged" into the Advanced Authentication Modes Module (for CAC, RADIUS/RSA, SAML) and Regulatory Compliance Module (for GDPR and PCI DSS)
The Event Rules modules that were in EFT Express (CCM, FTC, FMM, PGP, TEM) are now modules in the merged EFT platform and provide the same actions and events as before
Multifactor authentication (2FA, SMS) has been moved to the HTTPS module
The Advanced Workflow Engine (AWE) has been renamed the Advanced Workflows Module (AWM)
Fixes
Fixed an issue where AWE 10 was no longer writing to individual csv logs (TFS 381793, Case 91337)
Fixed an issue where AWE 10 was unable to connect to SharePoint using TLS 1.0 (TFS 381795, Case 91542)
Fixed an issue where AWE 10 was logging to automatetasklist.txt (TFS 381794, Case 91337, 91542, 83445)
November 2021
Version 8.0.6.18
November 07, 2021
Fixes
Fixed an issue where Windows permissions were not used for NT/AD site user created by login via HTTP (TFS 381871, Case 94506)
Fixed and issue where users were unable to send a workspace share to existing users within a blacklisted domain (TFS 382023)
September 2021
Version 8.0.6.16
September 21, 2021
Enhancements
EFT Administration
Support block probing attempts in HTTP/S (DoS DDoS Flood) (TFS 380511)
Added ability to create users in Guest Users template for LDAP or AD configured sites (TFS 380301)
Advanced Properties
Added ability for Auto-ban to ignore unauthorized (anonymous) access to the defined paths (AutoBanAnonymousUnauthorizedAccessServicePathAllowList). Default value set to None (TFS 380511)
Added ability for Auto-ban to ban IP address on authorized (anonymous) access to defined paths (AutoBanAnonymousUnauthorizedAccessServicePathBlockList). Default value set to None (TFS 380511)
Added ability to enable or disable ARM BatchSQL feature so SQL requests can be applied one at a time as previous EFT 7.4 versions (DisableARMBatchSQL). Default set to false (TFS 381135, Case 92284)
Added ability to use multiple methods for ICAP Services (REQMOD AND RESPMOD) on the same URI (ICAPAllowMultipleMethodsForOneURI ). Default set to false (TFS 381063, Case 90968)
Added ability for EFT event rules not to intermediate encryption and decryption when transferring files to and from Encrypted Folders (IgnoreEncryptedFoldersInOutboundTransfers). Default set to false (TFS 380358)
Added ability to get file attributes via SFTP using FSTAT or LSTAT (SFTP2_ForceUseFSTAT). Default set to false (uses LSTAT) (TFS 380786, Case 89420)
Added ability to set list of user agents that are not allowed to bypass MFA (UserAgentHeaderMustUseOTP). Default set to None (TFS 379921, Case 87357)
Added ability to limit the number of workspaces that are cleaned up in a single pass so there is minimal EFT operational disruption (WorkspacesCleanupPortionSize). Default set to 1000 (TFS 379954, 380783, 380742, Case 90939, 87849, 91541, 92429)
ARM
Added support for SQL 2019 (TFS 70411)
COM API Added interfaces:
Added ICIAbortUserOperationActionParams interface
COM API Added properties:
Added ICIServer interface "CloseServerService" method
Added ICISite interface PGP properties:
PGPSendEmailExpirationCopyToAssociatedUser
PGPSendEmailPriorExpiration
PGPSendEmailUponExpiration
PGPEmailExpirationRecipientsList
PGPTimePriorExpirationInDays
Added ICIPGPKeyInfo interface property: UsageFlags
Added ICIEncryptedFolder properties:
EncryptionKey
KeyAlias
COM API enums
Added EventActionType enum: "AbortUserOperationAction"
Added Event Type enums:
OnAS2Test
OnAS2AsyncResend
OnWorkspaceExpired
OnSecureMessageComposed
OnSecureMessageSent
OnSecureMessageNotSent
OnSecureMessageViewed
OnSecureMessageAttachmentBeforeDownload
OnSecureMessageAttachmentAfterDownload
Renamed EventType enum "BeforeWorkspaceDeleted" to "OnWorkspaceBeforeDelete"
Event Rules
Added new ad hoc (Workspaces) conditions (TFS 369704)
Added new Abort User Operation action (TFS 379474)
Added new ad hoc "Message Composed" workspace event (TFS 369702)
Added new ad hoc "Message Not Sent" workspace event (TFS 369702)
Added new ad hoc "Message Viewed" workspace event (TFS 369702)
OpenPGP
Added ability to notify on PGP key rotation period (TFS 365341)
Added support for OpenPGP key metadata to easily identify PGP keys (TFS 376950)
Remote Agent
Added ability to import and export RAM rules (TFS 379187)
SSL
Support for TLS v1.3 (TFS 379224)
VFS
Added ability to map virtual folders to cloud storage (Beta) (TFS 379854)
Web Transfer Client (WTC) & Workspaces
Added support for pagination of directory listings (TFS 377878)
June 2021
Version 8.0.5.12
June 06, 2021
Fixed an issue where certain event rule configurations would fail to upgrade to EFT 8.0.5
April 2021
Version 8.0.5.7
April 30, 2021
New Features
EFT Administration
Added support for Proxy Protocol (TFS 376808)
Added a warning when exceeding EFT's specified limits (TFS 376816)
Added a "Last password change" field under the user's General tab (TFS 379671)
Added a Secrets Module backup storage location (TFS 376215)
Added the ability to define SSL and SFTP security settings (ciphers, mac's, etc.) at the Site Level (TFS 370369)
Added support for Twilio custom verification code (TFS 378823)
Added a warning for Folder Monitor Rules when monitoring a user's home folder path (TFS 376494)
Added ability to promote an EFT Server to a new cluster (TFS 377176)
Added two new Performance Counters: Event Rules Running Async Events, Event Rules Size of Async Events Queue (TFS 341305)
Advanced Properties
Added ability to ignore sending password reminder emails for expired or disabled user accounts (SendPasswordReminderEmailForDisabledClient). Default set to True (TFS 378128, Case 83175)
Added ability to set expiration limits on password reset links (PasswordResetLinkExpirationPeriodMinutes). Default set to 30 minutes (TFS 376459, Case 79626)
Added ability to set AKV Recovery Access Key (AKVRecoveryAccess) (TFS 376215)
Added ability to set AKV Recovery Host (AKVRecoveryHost) (TFS 376215)
Added ability to set AKV Recovery Password (AKVRecoveryPassword) (TFS 376215)
Added ability to set AKV Recovery SiteID (AKVRecoverySiteID) (TFS 376215)
Added ability to set legacy asynchronously reply (success reply is sent to client after the event rule kicked off), (WaitOnFileUploadEventCompletionBeforeSendingResult). Default set to False (TFS 341305)
Added ability to control the running rule size thread pool for asynchronous events (RunningAsyncEventsLimit). Default set to 20 (TFS 341305)
Added ability to control the maximum queued up thread pool for asynchronous events (QueuedAsyncEventsLimit). Default set to unlimited (TFS 341305)
Added ability to set the max limit in bytes for file action (MaxFileActionReadSize). Default set to 65534 bytes (TFS 376411)
Added ability to set write limit in bytes for file action (MaxFileActionWriteSize). Default set to 65534 bytes (TFS 376411)
Added ability to set timeout when receiving Proxy Protocol header after client disconnects (ProxyProtocolHeaderTimeoutInMS). Default set to 6000 ms (TFS 376808)
Added ability to prioritize SFTP Ciphers (SftpClientCiphers) (TFS 376085)
Added ability to prioritize SFTP KEX algorithms (SftpClientKexAlgorithms) (TFS 376085)
Added ability to prioritize SFTP MACs (SftpClientMACs) (TFS 376085)
ARM
Added support for Oracle 19c (TFS 70411)
Added support for SQL 2016 (TFS 70411)
COM API interfaces
ICIFileActionsChecksumParams
ICIFileActionConcatenateParams
ICIFileActionDeleteParams
ICIFileActionFilter
ICIFileActionReadParams
ICIFileActionRenameParams
ICIFileActionWriteParams
ICISynchronizeActionParams
ICIRESTInvocationAuthParams
ICIRESTInvocationVerifyParams
ICIRESTInvocationEventRuleParams
COM API Properties
ICIFileActionParams: added GetParams and SetParams, and changed type to Type
SFTP algorthm-related properties in ICIServer Interface
ICISite Interface:
AllowClearCommandChannel
AllowUnprotectedDataChannel
Enable the Proxy Protocol
EncryptionKey
IsSSLSettingsInherited
IsSFTPSettingsInherited
Secrets Module settings
SSLVersionMask
SSLCipherList
WorkspacesOAISecureMessageBodyPolicy
ICIAWTaskActionParams interface, added WaitUntilCompletes
ICICommandActionParams Interface, added WaitUntilCompletes
ICIMailActionParams interface, added WaitUntilCompletes
ICICallSubroutineActionParams, added WaitUntilCompletes
ICIContentIntegrityControlProfile Interface, added several new properties
ICIGDPRSettings Interface, added EncryptionPDKey property
ICICloudAWSS3DownloadParams interface, added TreatMissingSourceAsSuccess
ICICloudAzureBlobDownloadParams interface, added TreatMissingSourceAsSuccess
COM API enums
ChecksumAlgorithm (CRC32, MD5, SHA1, SHA256, SHA384, SAH512)
FileOperationType, added FileChecksum, FileConcatenate, FileDelete, FileRead, FileRename, FileWrite
IcapErrorsPolicy
MatchingFileOption (append, skip, overwrite, numerate, fail)
RESTInvocation, added to EventType
RESTInvocationAuthType
RESTInvocationVerifyType
SyncDirectionType
SyncOverwriteType
SynchronizeAction, added to EventAction Type
Event Rules
Added REST Invoke trigger (TFS 367340)
Added Run Now option on any event rule (TFS 376558)
Added event rule synchronize action that provides sync using EFT's built-in client or Remote Agent (TFS 378435)
Added File Action operations (Read, Concatenate, Checksum) (TFS 376411)
Added an option to Event Rules to reply asynchronously (TFS 341305)
Added checkbox for running event rule actions asynchronously (TFS 375790)
Added "Treat missing as success" option for Upload Cloud action (TFS 379608)
ICAP (CIC module)
Added support for reqmod client requests (TFS 377914)
Added support for respmod ICAP server responses (TFS 377915)
Added support for OPTIONS method (TFS 377916)
Added support to allow override of the REQMOD/RESPMOD X-headers sent by EFT (TFS 377974, Case 78915)
Additional support for Response Handling (TFS 377983)
Added support to block/allow on HTTP error (TFS 378265)
EFT Outlook Add-In
Added support to handle duplicate recipients more gracefully (TFS 367839, Case 79773)
Added authentication failure logic to prevent accidental DoS (TFS 375400, Case 77391)
Added additional debug logging (TFS 379285)
Web Transfer Client (WTC) & Workspaces
Added support to give EFT administrators control over Send Secure (mandated, allowed or sender's choice) (TFS 376825)
Added default settings for all WTC's settings via the Admin-configuration.json (TFS 377004)
Added WTC language support for: Italian, Japanese, Chinese simplified and Chinese traditional (TFS 377300)
Added support to display a count for total files/folders or a count of selected files in the current directory (TFS 377689)
Added the ability to send to self via the Send Portal (TFS 370060)
Added support for character input validation (TFS 375466, Case 78321)
Added support for the web client to remember the last state (open/closed) of the Activity and/or History panel (TFS 377875)
Added easy access to re-brand commonly branded elements in our WTC (Web Transfer Client) (TFS 376830)
Enhancements
EFT Admin UI
Modified UI/UX for Event Rules (TFS 370698)
Modified the Default Template Path for new users (TFS 372234)
Modified EFT's DNS routing process (TFS 375531, 73644)
Updated cluster web files path to the cluster share path (TFS 376137)
Updated the SAML error prompt when detecting an incompatible setting (TFS 379426)
Advanced Properties
Increased Auto-ban Limit default from 10000 to 50000. Additionally, increased the maximum value to 4294967295 from 60000 (TFS 378197)
Extended filter for all protocols in AuditUnimportantCommands (TFS 378041, Case 82475)
Extended AuditUnimportantCommands to control logging to the EX logs (TFS 379460, Case 82475)
Set Max limit for ICAPConnectionTimeoutInMS from 4294967295 to 2147483647 (TFS 378290, Case 83356)
Removed (FMRunActionsAsynchronously) due to new asynchronous functionality (TFS 375790)
Removed (applet_only) as this is no longer valid (TFS 375039)
Event Rules
Context variables are available to action fields (TFS 370855, Case 80765)
Various Event Rules UI changes (TFS 376444)
Removed Text in ICAP response headers and body text fields in the EFT UI (TFS 377983)
Optimization for EFT configurations that contain a large number of Folder Monitors (TFS 376791, 376409, Case 79954)
COM API
ICIFileActionParams properties: Contents, Encoding, ExclusionMasks, IncludeSubdirsFlag, NewNameMask, Operation, Path, OverwriteOption, UseExclusionMasksFlag (functionality moved to new File Action interfaces, listed below)
Web Transfer Client (WTC) & Workspaces
Removed obsolete web clients (TFS 375039, Case 76747)
Removed MKCOL call on folder creation (TFS 370399, Case 65468)
Improvements to the WTC Activity Panel to better identify ongoing transfers (TFS 377501)
Improvements to Timezone adjustments for file listings (TFS 377502)
Removal of jQuery in EFT (TFS 378206)
ARM
Updated a stored procedure for fact table generation to improve performance (TFS 378964)
Fixes
EFT Administration
Fixed an issue where the UI did not reference HTTPs 2FA as a dependent module (TFS 378250)
Fixed an issue where commas in multi-string upload forms reported an error when saved (TFS 379606)
Fixed an issue where the EFT Admin GUI could hang due to listings in the TED transfers (TFS 379004, TFS 378831, Case 84862)
Fixed an issue where EFT could experience a memory leak when the Admin UI was refreshed multiple times (TFS 378233, Case 84432)
Advanced Properties
Fixed an issue where (UserAgentHeaderSkipOTP) did not allow multiple user agents (TFS 378135)
ARM
Fixed an issue where the EFT report "Most Active Users - Connections" would display an entry for a user 'blank' (TFS 379465)
Fixed an issue where on SQL schema upgrade, sbo assignment on a stored procedure could be skipped (TFS 379454, Case 86556)
Fixed an issue where a connection string value would be automatically added to an ARM report using the report editor (TFS 376876, Case 79602)
DMZ Gateway
Fixed an issue where a deadlock between singlegateway and pncsocket could exists (no new DMZ required) (TFS 377892, Case 81076)
Fixed an issue where DMZ would not listen to FTPS Explicit only (no new DMZ required) (TFS 377458, Case 82367)
COM API
Fixed an issue where COM GetUserSettings was returning random values for users who had not connected to the server (TFS 378436, Case 84395)
Event Rules
Fixed an issue where sweep operations or Time event rules would not log Cloud download actions in AWS (TFS 379690)
Fixed an issue where an extra slash was added to the URL for Azure blob storage (TFS 378023, Case 82692)
Fixed an issue where a deadlock could exist on server startup (TFS 378114, Case 83274)
Fixed an issue where an event rule import that contained a large body would fail to import (TFS 377444, Case 82215)
Fixed an issue where an ORA-01858 error was reported with an Event Rule that contained a generate report action (TFS 378818, Case 84953)
Fixed an issue where EFT administrators were unable to create Event Rules when using a non-default server group (TFS 378832, Case 84877)
Fixed an issue where Export/Import of Event Rules that contained AWE actions in EFT 8.0.4 would fail (TFS 379117, Case 85706)
Fixed an issue where out of memory issues could be experienced when uploading large files to the cloud (TFS 379080, Case 88213)
Fixed an issue where Azure blob connection profile fails to connect to Storagev2 configurations (TFS 378913)
Fixed an issue where a Test connection in the Connection Profiles to AWS could cause the Admin UI to timeout (TFS 378821, Case 84987)
Fixed an issue where S3 cloud monitor could not get a proper listing with 1000+ files (TFS 377324, Case 81642)
Fixed an issue where EFT could run low on memory when performing multipart uploads via Cloud Upload actions (TFS 378144, Case 82545)
Fixed an issue where masked variables in Event Rules were not masked in the EFT log (TFS 378239, Case 81686)
Encrypted Folders
Fixed an issue where virtual folders mapped to a network share could not be added to EFT's Encrypted Folders (TFS 379074)
HA (High Availability)
Fixed an issue where the EFT service could crash due to corruption in the MSMQ (TFS 378331, Case 84775)
ICAP (CIC)
Fixed an issue where EFT could crash when ICAPConnectionTimeoutInMS was set above 2147483647 (TFS 378290, Case 83356)
Fixed an issue where EFT could crash during certain ICAP operations (TFS 379116, Case 85743)
Logging
Fixed an issue where the Administrator Permissions logger was not logging (TFS 379052, Case 85623)
Fixed an issue where improper logger configuration could cause the EFT service to crash (TFS 376134, Case 79299)
EFT Outlook Add-in
Fixed an issue where the OAI would fail to validate proper EFT polices (TFS 380051)
Fixed an issue where a connection to OAI would prevent the deletion of the user in the EFT Admin UI (TFS 376624, Case 80389)
Fixed an issue where OAI emails would conflict with encrypted emails (TFS 379325, Case 86222)
OpenPGP module
Fixed an issue where PGP encryption action would fail on NetApp network folders (TFS 378119, Case 82925)
Remote Agent (RAM)
Fixed an issue where dataset functionality would be available under Remote Agent rules (TFS 378252)
Fixed an issue where EFT admins would be unable to edit the Remote Agent IP access list (TFS 378249, Case 84506)
SSH/SFTP
Fixed an issue where 0KB files were downloaded from Linux servers with 640 permissions (TFS 378518, Case 84208)
VFS
Fixed an issue where modifying the VFS permissions could crash the EFT service (TFS 377497, Case 82487)
Web Transfer Client (WTC) & Workspaces
Fixed an issue where Received Items folder was hidden (TFS 378508)
Fixed an issue where existing users were unable to access shared workspaces when Terms of Service or Privacy Policy were enabled but not previously accepted (TFS 378896)
Fixed an issue where password resets would generate two email notifications (TFS 379095)
Fixed an issue where a 508 Violation was identified in the landing page (TFS 378066)
Fixed an issue where a 508 Violation was identified in the WTC Send portal (TFS 378068)
Fixed an issue where Collaborative workspace participants could not access the workspaces via SFTP (TFS 379270, Case 86495)
Fixed an issue where AD users needed permissions to the shared config when sending a Transactional Workspace (TFS 377988, Case 82589)
Fixed an issue where AD account search was too slow when sharing a workspace (TFS 378212, Case 83122)
Fixed an issue where workspace daily digest notifications were not being sent (TFS 378922, Case 83759)
Fixed an issue where the WTC page would send the default PasswordRestConfirm.html template even when customized (TFS 379053, Case 85655)
Fixed an issue where WTC users were not able to overwrite existing files (TFS 378220, Case 84333)
Fixed an issue where WTC users were not able to Share a file larger than 5GB via the Send Portal (TFS 378517, Case 83932)
Fixed an issue where Base64 encoded WTC credentials failed to login to WTC (TFS 378147)
Fixed an issue where WTC users were not able to login after changing their password if it contained a + (TFS 377265, Case 80991)
Fixed an issue where a sender's or recipients email was displayed in the invitation link URL (TFS 376994)
February 2021
Version 8.0.4.32
February 02, 2021
New Features
Added support for Twilio custom verification code (TFS 378823)
Updated PGP library (TFS 378983, Case 85355)
Various Bug fixes
November 2020
Version 8.0.4.27
November 1, 2020
New Features
EFT Administration
Added support for runtime templating, a means of setting reusable variables for paths and similar resources to facilitate DR and migrations (TFS 373679)
Added support for Datasets, which are easier to use and more powerful than arrays, a variable type that can hold tabular data (TFS 373163)
Added a new Event Rule action that will download a remote file listing and store the results in a Dataset (TFS 373167)
Added a new Event Rule action to loop through each element in a Dataset (TFS 373169)
Added support for break from loop for datasets in Event Rules (TFS 373170)
Added a new Event Rule action to read the contents of a Dataset and output those to a .CSV file (TFS 374260)
Added a new Event Rule action to store the contents of a .CSV file into a Dataset (TFS 374261)
Added an option to output PowerShell debug logging to a separate file, independent of EFT's primary log file (TFS 374313)
Added two additional AWS regions (EU (Milan) and Africa (Cape Town)) to EFT's AWS cloud actions (TFS 375029)
Added a customizable upload forms feature for collecting metadata from users prior to uploading files, which can be utilized by Event Rules (TFS 374804)
Added a prompt to the EFT Admin GUI that will warn administrators when enabling cipher suites that may be vulnerable to Raccoon (TFS 377846)
Advanced Properties
Added ability to default HTTP socket timeout (HTTPSocketDefaultTimeout) (TFS 375327, Case 77746)
Added ability to set sub-folder Remote listings in Datasets to parse recursively. The default value is 10 (GetListingActionMaxRecursion) (TFS 373167)
Added ability to set the number of records to display in the WTC Sent items view (outbox) and Received items view (inbox). The default value is 50. (BigCollectionsPageSize) (TFS 370374, 370375)
Added ability to restore legacy Dictionary password complexity functionality. The default value is False (DictionaryLegacyCheckIncludeSpecialDigits) (TFS 374099)
Added ability to enable/disable cipher aes128-gcm@openssh.com. The default value is Enabled (SFTP2_AES128_GCM_AT_OPENSSH_COM) (TFS 372451)
Added ability to enable/disable cipher aes192. The default value is Enabled (SFTP2_AES192) (TFS 372451)
Added ability to enable/disable cipher aes192-ctr. The default value is Enabled (SFTP2_AES192CTR ) (TFS 372451)
Added ability to enable/disable cipher aes256-gcm@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)
Added ability to enable/disable cipher chacha20-poly1305@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)
Added ability to enable/disable cipher rijndael-cbc@lysator.liu.se. The default value is Enabled (SFTP2_RIJNDAEL_CBC_AT_LYSATOR_LIU_SE) (TFS 372451)
Added ability to enable/disable MAC hmac-sha1-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA1_ETM_AT_OPENSSH_COM) (TFS 375033)
Added ability to enable/disable MAC hmac-sha2-256-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_256_ETM_AT_OPENSSH_COM) (TFS 375033)
Added ability to enable/disable MAC hmac-sha2-512-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_512_ETM_AT_OPENSSH_COM) (TFS 375033)
Added ability to enable/disable MAC umac-64@openssh.com. The default value is Enabled (SFTP2_UMAC_64_AT_OPENSSH_COM) (TFS 375033)
Added ability to enable/disable MAC umac-64-etm@openssh.com. The default value is Enabled (SFTP2_UMAC_64_ETM_AT_OPENSSH_COM) (TFS 375033)
Added ability to allow user-agent to skip 2FA/MFA (UserAgentHeaderSkipOTP) (TFS 374817)
Added a new advanced property that would allow admins to export AWE tasks from EFT's database to their legacy file paths (AutoExportAllAWTasksToFiles) (TFS 374755)
AS2
Added the ability to allow values that exceed 600 seconds for the response and message send timeout setting (TFS 374078, Case 69531)
COM API
ICIServer, CreateSSHKey and CreateSSHKeyRemotely; changed nKeyBits to nKeyParams
ICISite, CreateSSHKeyPair, changed changed KeyBits to KeyParams
Added the following methods to ICISite:
AddUploadForm
DeleteUploadForm
EnableUsers
GetUploadForm
UpdateUploadForm
Added the following properties:
EnableMfa
MfaType
SmsProviderProfile
UploadFormsList
WebSSORedirectToSsoServiceBypassingLoginPage
WorkspacesMfaType
WorkspacesOAIMfaType
ICIClientSettingInterface, added the following functions:
GetRequireMfa
SetRequireMfa
ICIEventRule, added the AddLoopDatasetStatement method
ICIActionStatements, added the following methods:
AddActionStatement
AddIfStatement
AddLoopDatasetStatement
Added the ICILoopDatasetStatement interface, with the following methods:
AddActionStatement
AddIfStatement
AddLoopDatasetStatement
DeleteStatement
GetParams and SetParams
StatementsCount
Statement
Added ICICsvExportActionParams and ICICsvImportActionParams
Added ICIGetListingActionParams Interface
Added ICILoopDatasetStatement Interface
Added ICILoopDatasetStatementParams Interface
Added ICIUploadForm interface
Added ICIUploadFormElement interface
Added ICITwilioSmsProviderProfile interface
In the ICISimpleCondition interface, added the UseRegex property.
Enums added:
MFA type to specify whether to use email, SMS or either for second authentication
LoopDatasetStatement to EventRuleStatementType enum
LoopOrderType, used in the ICILoopDatasetStatementParams LoopOrder property
GetListingAction, LoopBreakAction, CsvImportAction, and CsvExportAction to EventActionType
FileDateFormat
UploadFormComType
UploadFormElementComType
REST API
Added underlying support for RESTful APIs in accordance with JSON:API principles (TFS 374144)
Added the ability to assign REST permissions to EFT administrator accounts (TFS 375336)
Added RESTful API endpoints for user account and VFS management configuration (TFS 374152)
Added the ability to create granular permissions for RESTful access to end points, down to the individual element (TFS 375337)
Added support for REST which allows EFT admins to create users and read all their settings but not delete them [users] or update them [users](TFS 375337)
Added support for REST which allows EFT admins to create users except for a user name matching "Administrator"(TFS 375337)
Added support for REST which allows EFT admins to read all the configuration for all users for a given site named (TFS 375337)
Added support for REST which allows EFT admins to read the AllowSecureFolderSharing value for users in the Guest template, but cannot read any other values or do anything else (TFS 375337)
Added support for REST which allows EFT admins to read the configuration to find out everything about all users in Site under template "Guest Users" but not make any changes to those users (TFS 375337)
Added support for REST which allows EFT admins to update everything about any user (TFS 375337)
Added support for REST which allows EFT admins to update everything about any user except for changing their SFTP key (TFS 375337)
Added support for REST which allows EFT admins to update all users except for a user matching a specific name (TFS 375337)
Added support for REST which allows EFT admins to update users but not create them or delete them (TFS 375337)
Added support for REST which allows EFT admins to delete users (TFS 375337)
Added support for REST which allows EFT admins to delete all users except for a specific user name (TFS 375337)
Added support for REST which allows EFT admins to execute the Generate pass function for all users (TFS 375337)
SAML
Added the ability to leverage federated authentication for Guest users, including SSO and JIT, where desirable (TFS 374120)
SSH/SFTP
Added support for aes256-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)
Added support for rijndael-cbc@lysator.liu.se SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)
Added support for aes192-ctr SSH cipher in Non-FIPS mode (TFS 372451)
Added support for aes192-cbc SSH cipher in Non-FIPS mode (TFS 372451)
Added support for aes128-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)
Added support for chacha20-poly1305@openssh.com SSH cipher in Non-FIPS mode (TFS 372451)
Added legacy support for cast128-cbc SSH cipher in Non-FIPS mode (TFS 372451)
Added legacy support for blowfish-cbc SSH cipher in Non-FIPS mode (TFS 372451)
Added legacy support for arcfour SSH cipher in Non-FIPS mode (TFS 372451)
Added new advanced properties to enable/disable certain ciphers for client outbound (TFS 372451)
Added support for hmac-sha2-512-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)
Added support for hmac-sha2-256-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)
Added support for hmac-sha1-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)
Added support for umac-64-etm@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)
Added support for umac-64@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)
Added new advanced properties to enable/disable certain MACs for client outbound (TFS 375033)
Added the ability to choose SFTP key type upon creation (TFS 370229)
Added backward compatibility for DSS keys (TFS 372452)
Added support for ecdh-sha2-nistp521 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)
Added support for ecdh-sha2-nistp384 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)
Added support for ecdh-sha2-nistp256 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)
Added support for diffie-hellman-group18-sha512 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)
Added support for curve25519-sha256 SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)
Added support for curve25519-sha256@libssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)
Added support for sntrup4591761x25519-sha512@tinyssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)
Added back the ability to see negotiated SFTP cipher suites to EFT's client (outbound) logs (TFS 373618)
Web Transfer Client (WTC) & Workspaces Changes
Added support for SMS 2nd factor validation for guest account enrollment (registration) and for normal authentication (TFS 374817)
Added a new shared folder (Workspaces) history section to the Web Transfer Client for owners and participants (TFS 374884)
Added a Received items (inbox) section to the Web Transfer Client for users to see messages and files sent to them (TFS 370375)
Added a Sent items (outbox) section to the Web Transfer Client for users to see messages and files they've sent to others (TFS 370374)
Enhancements
EFT Administration
Enhanced the password dictionary validation feature so that dictionary words surrounded by non-alphabet characters are detected and blocked (TFS 374099, Case 75599)
Updated the text under the Logs tab to reflect "Audit event rule client outbound transfer" instead of "Diagnostic Logging Settings" (TFS 376313)
Optimized EFT's folder monitor polling so that it wouldn't attempt to open file hands for files matching extension exclusion conditions (TFS 373182)
Modified EFT's import/export of Event Rules to match the json format supported by EFT's RESTful APIs (TFS 374054)
Modified the 'Variable' action so that it uses only a single line, making it easier to visually parse (TFS 374308)
Modified encrypted folder and personal data secrets so they are randomized by default and can be viewed or overridden by admins (TFS 373411)
Advanced Properties
Updated default value for Advanced Property SFTP2_ARCFOUR to False (TFS 372451)
Updated default value for Advanced Property SFTP2_Blowfish to False (TFS 372451)
Updated default value for Advanced Property SFTP2_CAST128 to False (TFS 372451)
Updated default value for Advanced Property SFTP2_MD5 to False (TFS 375033)
Updated default value for Advanced Property SFTP2_MD5_96 to False (TFS 375033)
Updated default value for Advanced Property SFTP2_SHA1_96 to False (TFS 375033)
Outlook Add-in (OAI)
Modified the Outlook Add-in to avoid message preparation when the add-in is not being used to handle attachments (TFS 377131, Case 80889)
REST API
Modified EFT's existing RESTful APIs for Server and Site endpoints to adhere to JSON:API (TFS 374361)
SSH/SFTP
Prohibit the ability to generate rsa SSH keys less than 2048 bit in FIPS mode (TFS 375076)
Prohibit the ability to use SSH keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)
Prohibit the use of "diffie-hellman-group1-sha1" SSH KEX (for both client and server) in FIPS mode (TFS 375076)
Prohibit the use of "hmac-sha1-96" SSH MAC (for both client and server) in FIPS mode (TFS 375076)
Enabled by default "hmac-sha1" SSH MAC (for client) in both FIPS and non-FIPS mode (TFS 375076)
Prohibit the ability to generate rsa SSH keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)
Ciphers are now ordered by strength, favoring FIPS approved ciphers, with only FIPS approved ciphers enabled by default (TFS 372451)
EFT admins will now be warned if they enable insecure ciphers (3des-cbc, cast128-cbc, blowfish-cbc, arcfour) in Non-FIPS mode (TFS 372451)
EFT admins will now be warned if they enable insecure cipher 3des-cbc in FIPS mode (TFS 372451)
The following ciphers are now enabled by default (due to FIPS-compliance): aes256-gcm@openssh.com, aes256-ctr, aes256-cbc, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc, aes128-gcm@openssh, aes128-ctr, aes128-cbc (TFS 372451)
The following ciphers are now enabled on upgrade: aes256-gcm@openssh.com, aes128-gcm@openssh, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc (TFS 372451)
Improved TED6 log verbosity with newer SSH library (TFS 373819, Case 72767)
The following MACs are now enabled by default (due to FIPS-compliance): hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)
The following MACs are now enabled on upgrade: hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)
KEX ciphers are now ordered by strength, favoring FIPS approved KEXes, with only FIPS approved KEXes enabled by default (TFS 372613, Case 77147)
The following KEX ciphers are now enabled by default (due to FIPS-compliance): ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256 (TFS 372613, Case 77147)
KEX cipher diffie-hellman-group18-sha512 will not be enabled by default (despite the fact that its FIPS-compliance) due to its poor performance behavior (TFS 372613, Case 77147)
The following KEX ciphers are now enabled on upgrade: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256 (TFS 372613, Case 77147)
The following KEX ciphers are enabled by default for Client connections in both FIPS and Non-FIPS mode: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group18-sha512, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)
The following KEX ciphers are enabled by default for Client connections in Non-FIPS mode: curve25519-sha256, curve25519-sha256@libssh.org, sntrup4591761x25519-sha512@tinyssh.org, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)
SSL
Updated SSL Library to 1.0.2u (TFS 375029)
Prohibit the ability to generate rsa SSL keys less than 2048 bit in FIPS mode (TFS 375076)
Prohibit the ability to use SSL keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)
Prohibit the ability to generate rsa SSL keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)
WTC/Workspaces
Updated jQuery to v3.5.1 (TFS 376501, Case 80133)
Fixes
EFT Administration
Fixed an issue where EFT could hang after applying a change to the group and domain for an AD site (TFS 369730, Case 65993)
Fixed an issue where EFT would fail to create a GSAuth account when RSA manage password is enabled (TFS 375388, Case 78173)
Fixed an issue where a deadlock could be exhibited when stopping the EFT service via the Service Manager (TFS 371230, Case 70079)
Fixed an issue where the quick search produced incorrect results for connection profiles in upload/download actions (TFS 375328, Case 77625)
Fixed an issue where LDAP users could no longer login after changing the OU (TFS 374566, Case 75760)
Fixed an issue where the AWE mail registry SMTP Password would be overwritten when the EFT Admin GUI's SMTP settings were modified (TFS 376198, Case 78079)
Fixed an issue where a potential deadlock could cause a hang on the EFT Admin GUI (TFS 376222,376433,376389, Case 78656,79826, 80385, 80914)
Fixed an issue where a potential deadlock could cause HTTPs connections to fail (TFS 377021, Case 81348)
Fixed an issue where FTP listing on chrome would list an empty directory (TFS 377050, Case 80506)
Fixed an issue where plain FTP via DMZ would not work (TFS 376912, Case 78948)
Fixed an issue where upgrades to EFT 8.0 could fail when duplicate Event Rule folder names existed (TFS 377445, Case 82273)
Fixed an issue where upgrades to EFT 8.0 could fail when duplicate ssh public existed (TFS 377002, Case 80370)
Fixed an issue where upgrades to EFT 8.0 could fail when workspaces included duplicate names in upper and lowercase (TFS 376973, Case 80443)
Fixed an issue where server admin permissions could disappear after upgrading to EFT 8.0 (TFS 377672, Case 81472)
Fixed an issue where upgrades to EFT 8.0 could fail when a certificate resided in both the pending and trusted list (TFS 376153, Case 79408)
Fixed an issue where upgrades to EFT 8.0 could fail when an Event Rule contained Mail action (TFS 377457, Case 82232)
Fixed an issue where the EFT Admin GUI could run out of memory with heavy configurations (TFS 377338, Case 82025)
Fixed an issue where EFT Admins would receive an error when specifying remote SSH keys in Event Rules (TFS 376118)
ARM
Fixed an issue where the Activity - by Users reports were misleading with the data being pulled. (TFS 374125)
Fixed an issue where the reports using fact tables would group several lines for each group. (TFS 374454)
Fixed an issue where EFT would audit 0kb when AS2 transactions are successful (TFS 376257, Case 79486)
AWE
Fixed an issue where a race condition was seen when running GSAWE.exe that caused an AWE licensing error (TFS 372374, 71032)
Fixed an issue where the AWE OCR action would not work (TFS 375343, Case 76553)
COM API
Fixed an issue where user admins could not enable a user account via COM (TFS 373315, Case 74441)
Event Rules
Fixed an issue where Timer Event Rules - Exclude UK Holidays had missing days (TFS 376875, Case 78879)
Fixed an issue where the Event Rule change log would not properly update after clicking Apply (TFS 376277, Case 79465)
HA (High Availability)
Fixed an issue where Event Rule master would send MSMQ tasking message to itself when it shouldn't be (TFS 376320)
ICAP/CIC
Fixed an issue where the host header in a CIC request would send a request to http.example.com (TFS 377358, Case 81443)
Installer
Fixed an issue where EFT would fail installation when CWDIllegalInDllSearch registry is configured (TFS 373910, Case 70840)
Logging
Changed log level to ERROR for AML export errors (TFS 376480)
Fixed an issue where the wrong log level for Folder Monitor reconnect events was used (TFS 375800, Case 78333)
Outlook Add-in
Fixed an issue where duplicate email stuck in outbox when encrypted with zed mail (TFS 374623, Case 75460)
PCI DSS
Fixed an issue where PCI compliance reports would report failures due to password security for remote agents (TFS 377808, Case 82083)
Remote Agent (RAM)
Fixed an issue where a remote agent could crash when the source path is configured with a virtual local path (TFS 376602, Case 80300)
SAML SSO
Fixed an issue where the SAML SSO JIT user template pulldown can set incorrect user setting template (TFS 375614)
Fixed an issue where the SAML SSO JIT user email attribute taken from username attribute, not email attribute (TFS 375677)
Fixed an issue where users were presented with a 404 on the reply portal when using SSO (TFS 374791, Case 76465)
SSH/SFTP
Fixed an issue where EFT could crash when opening a file/folder (TFS 375556, Case 78436)
VFS
Fixed an issue where EFT startup performance would be affected by large number of virtual folders (TFS 374893, Case 76483)
Web Transfer Client (WTC) & Workspaces
Fixed an issue where "Expires:" headers were sent twice via our WTC page (TFS 375389)
Fixed an issue where Workspaces participants could not share their root folder (TFS 376164)
Fixed an issue where the From field in Send requests did not enforce server side validation (TFS 376091)
Fixed an issue where password resets were treated as successful but actually failed (TFS 375161, Case 76747)
Fixed an issue where customization changes in theme.json were not properly applied (TFS 374598)
Fixed an issue when viewing a workspace (as invitee) the update is active but would not display a progress bar (TFS 376221)
Fixed an issue where session tokens were not properly randomized (TFS 376419, Case 79654)
Fixed an issue where default datetime format was not defaulted to US (TFS 376870)
Fixed an issue where passwords with trailing spaces would get trimmed (TFS 375354, Case 77494)
Fixed an issue where Workspace invitation acceptance would fail if user already had a session open (TFS 377040, Case 81196)
Fixed an issue where duplicate file uploads to WTC could break upload functionality in the current session (TFS 377266, Case 80852)
Fixed an issue where copy/paste function when inviting someone to a workspace would fail in IE11 (TFS 376708, Case 80348)
Fixed an issue where a folder with "#" in the name would cause an error in WTC (TFS 375243, Case 77426)
Fixed an issue where EFT's Terms of Service and forced password reset would cause a permission denied error (TFS 376510, Case 79430)
Fixed an issue where WTC retry would fail with error 406 on Firefox (TFS 376199, Case 78233)
June 2020
Version 8.0.2.23
June 14, 2020
New Features
Added subscription licensing for EFT and most modules
Restored ability to customize default values for Workspaces permissions (TFS 376117, Case 78957)
Restored ability to customize default values for Workspaces participant limits (TFS 376121, Case 78957)
May 2020
Version 8.0.2.19
May 10, 2020
New Features
Advanced Properties
EFT now provides the ability to override the port used in all workspace email notifications. This is useful when the DMZ Gateway is on a non-default port (e.g., 4443) and differs from the site port (i.e., 443). When enabled, all workspace emails (Send/Share/Request/etc.) will now use and append the PORT defined via the Advanced Property regardless of the Send Settings URL:PORT or Site DMZ port configuration. This property is disabled by default (ExternalLinkPortOverride) (TFS 371388)
Ability for WTC reserved file/folder caching for HTTP(S) requests to cache based on file size instead of an entire directory. This property is disabled by default. (MaxCachedReservedFileSizeKB) (TFS 373650)
Enhancements
Ability to cache WTC reserved files/folders located under .../EFT Server Enterprise/web/public/EFTClient/wtc/lib/, this property is enabled by default (CacheReservedFiles) (TFS 373650)
Fixes
Web Transfer Client (WTC) & Workspaces
Fixed an issue where the WTC page failed to load for external domains when EFT is configured with both Internal (with SAML SSO) and External domains (TFS 375093)
Fixed an issue where WTC customization failed when configured with multiple sites (TFS 375253)
Fixed an issue where upgrades to EFT 8.0 could fail because of duplicated workspaces (TFS 375535)
Fixed an issue where EFT may crash on rare instances when configured with AD and authenticating with Internal/External workspace users (TFS 375040)
Fixed an issue where upgrades to EFT Express 8.0 could fail due to incorrect data in the local db files (TFS 375555)
Fixed an issue where ignored logging to the authentication and protocols tables were not being honored (TFS 375543)
Fixed an issue where upgrades to EFT 8.0 could fail because of non-existing workspaces (TFS 375497)
Fixed an issue where upgrades to EFT 8.0 could fail because of missing permissions or non-unique connection profiles (TFS 375683)
Fixed an issue where upgrades to EFT 8.0.2 could cause Remote Agents Event Rule downloads to fail (TFS 375750)
March 2020
Version 8.0.2.10
March 25, 2020
New Features
EFT Administration Changes
Added option to schedule FACT table updates (TFS 373489)
Advanced Properties
By default, EFT uses non-exclusive file-sharing mode when processing file uploads. With this advanced property (UseExclusiveSharingModeForUploads) (TFS 374129), EFT can be configured to use exclusive sharing mode for uploads (i.e., file locking)
COM API
Added enums and a Site interface property to support the Out-of-Band passcode to pick-up files in EFT. (Please refer to the EFT administration help contents.)
WorkspacesOAIPasscodeProtectionType enum, used in the ICISite property, WorkspacesOAIPasscodeProtection to specify whether the EFT administrator requires a passcode, does not require, or is chosen by the email sender.
Web Transfer Client (WTC) & Workspaces Changes
Added ability to Secure Send without attachment (Send portal and Outlook Add-in) (TFS 370270)
Added ability to request passcode for file pick-up (TFS 361146)
Added ability to redirect to login page instead of registration page for internal domains (TFS 373043)
Enhancements
Web Transfer Client (WTC) & Workspaces Changes
Re-wrote our web application based on more modern frameworks, refactoring it completely to emphasize performance while maintaining the same functionality as before. The net result is faster, more streamlined operations on the client side, with reduced performance impact on the server side. (TFS 373849)
Removed our legacy Jument WTC from the EFT installer (TFS 374773)
Fixes
EFT Admin GUI
Fixed an issue where EFT would allow AD admins to authenticate when not permitted (TFS 374195)
Fixed an issue where EFT would not respect server-level permissions (TFS 374330)
Fixed an issue where the Admin GUI may crash due to nested workspaces (TFS 374281)
Fixed an issue where enabling Encryption folders would cause open windows on the background to be displayed in the forefront (TFS 374831)
Fixed an issue where remote admin GUI would fail to display the GDPR report (TFS 374567)
Fixed an issue where a memory leak may exist in SSL_AES256_CBC_Encrypt (TFS 374865)
ARM
Fixed an issue where the Traffic-Average Transfer Rates by User would report groups by protocol instead of site (TFS 374441)
Fixed an issue where the report "Activity - File Scanned Data Results" was missing in EFT Express (TFS 374150)
Event Rules
Fixed an issue where the GUI may not display Else condition after saving and refreshing an event rule (TFS 374154)
Fixed an issue where the Virtual Path condition may not work properly (TFS 374139)
Fixed an issue where the EFT service may crash when trying to delete user while "On User Account Deleted" event rule is active (TFS 370599)
Fixed an issue where the Event Scheduler may crash on service stop (TFS 371951)
Installer
Fixed an issue where some upgrades to EFT 8.0 would fail during the copy serialization (TFS 374421)
Fixed an issue where some upgrades to EFT 8.0 would fail when custom calendar selectors contained duplicated case sensitive entries (TFS 374565)
Fixed an issue during upgrade from EFT Express to EFT Enterprise while changing the configuration path would lead to duplicate config and binaries of EFT folders (TFS 368531)
Fixed an issue where upon upgrade to EFT 8.0 poor loading performance was experienced on the FileAudit.db (TFS 374194)
Fixed an issue where an upgrade to EFT 8.0 could fail due to a deleted workspace (TFS 374280)
Fixed an issue where an upgrade to EFT 8.0 could fail when a Remote Agent template is in the Awaiting Approval state (TFS 374258)
Fixed an issue where on an HA install, selecting Modify and changing the ARM server to a different SQL server was not saved (TFS 374238)
Fixed an issue where an upgrade to EFT 8.0 could fail when incorrect values exist in Client IP access (TFS 374846)
Fixed an issue where an upgrade to EFT 8.0 could fail when an incorrect participation value exists in the workspaces.db (TFS 374845)
Outlook Add-in
Fixed an issue where the Outlook Add-in was treated as an untrusted publisher (TFS 374635)
Fixed an issue where files sent via the OAI (Outlook Add-in) that contain # in the filename were not available in the pick-up portal (TFS 374077)
Fixed an issue where emails can become stuck in the outbox when the Outlook Add-in is configured with Zedmail add-in (TFS 374053)
Fixed the copyright dates on the Outlook Add-in UI (TFS 372700)
PCI DSS
Fixed an issue where some users may be disabled every night on a PCI site (TFS 374577)
Fixed an issue where server admins were not required to use complex passwords when PCI is enabled (TFS 374807)
REST API
Fixed an issue where the EFT Express would allow folder creation via REST (TFS 374113)
SAML
Fixed an issue where SAML JIT password fail password complexity when enabled(TFS 374357)
Web Services
Fixed an issue where InvokeWebService action works wrong with Location Header (TFS 373928)
Web Transfer Client (WTC) & Workspaces
Fixed an issue when sharing a workspace with # the recipient could not register for access (TFS 373156)
Fixed an issue in which an expected error message that should be presented when trying to share a workspace with an external user is not being presented (TFS 374100)
Fixed an issue where authenticated external users were unable to reply to send requests without access to their home folder (TFS 374777)
Fixed an issue where the TOS (Terms of Service) and Privacy policy prompts were not working on the various portals (TFS 371808)
Fixed an issue where workspaces fails to redirect new external participants to their workspace when taking less than 60 minutes between registration and verification (TFS 371972)
February 2020
Version 8.0.1.4
February 09, 2020
New Features
EFT Administration Changes
EFT now provides a "Secrets module" under the Security tab, which provides the ability to encrypt certain EFT passwords locally or via Azure's Key Vault (AKV) (TFS 372081)
EFT now supports Azure's Data Lake Storage Gen2 (ADLSg2) (TFS 372082)
EFT now provides the ability to override VFS credentials (TFS 372229)
EFT now supports REST API for Event Rules (TFS 372230)
Fixes
EFT Admin GUI
Fixed an issue where an LDAP site failed to pull users in the UI but would allow authentication (TFS 369709)
Fixed an issue where the Admin GUI would truncate virtual folder paths larger than 260 characters (TFS 371035)
Fixed an issue where the Admin GUI did not properly apply the certificate to the Administration Service (TFS 373685)
Fixed an issue where the EFT Site Wizard UI would not follow the proper flow after pressing the back button (TFS 373735)
Fixed an issue where user login authentications may fail after SSL options at the user level are modified (TFS 374027)
Fixed an issue where the Admin GUI displayed the wrong CIC profile when editing an event rule for a SCAN file action (TFS 374051)
Fixed an issue where the EFT Admin GUI could crash when pressing refresh while viewing a report (TFS 374089)
Auth AD
Fixed where EFT was unable to authenticate an AD user (with UPN) on EFT Express (TFS 373552)
AWE
Fixed an issue where concurrent EFT Admins may use the same tmp file for editing AWE tasks (TFS 373762)
Event Rules
Fixed an issue where the focus in the Admin GUI was lost when adding variables to the subject field in an email action (TFS 374065)
Fixed an issue where the Event Rules "Stop Processing Rule" was always enabled (TFS 373879)
Fixed an issue where EFT would change the date modified timestamp in copy/move action changes on the destination file (TFS 373600)
FTP
Fixed an issue where the EFT service could crash via FTP (TFS 373856)
Fixed an issue where EFT failed to connect in FTP PASV mode when using DMZ as a proxy (TFS 371118)
GDPR
Fixed an issue where GDPR Article 32:(4) would not follow proper logic (TFS 373712)
Fixed an issue where DPIA Report logic for Article 32:(4) would not follow proper logic (TFS 374063)
Installer
Fixed an issue where some upgrades to EFT 8.0 would fail when upgrading from a large FTP.cfg file (TFS 373712)
Fixed an issue where some upgrades to EFT 8.0 would fail when certain EFT admins had misconfigured permissions (TFS 374116)
SFTP
Fixed an issue where the EFT could be flooded by network connections (TFS 373683)
Web Transfer Client (WTC)
Fixed an issue where the PowerShell script to customize WTC failed to run (TFS 37458)
Fixed an issue where the EFT would report a status code of 200 when failing to log on (TFS 373101)
COM API
Added enums, properties, and methods to support the Azure Data Lake Storage, Azure Key Vault, and Secrets module functionality in EFT. (For details of the Azure Data Lake Storage, Azure Key Vault, and Secrets module functionality, please refer to the EFT help contents.)
SecretsModuleType
CloudProviderType_AzureDataLakeStorageGen2
Properties in ICISiteInterface:
OverrideVFSCredentialsEnable
OverrideVFSCredentialsLogin
OverrideVFSCredentialsPassword
SecretsModuleClientID
SecretsModuleClientSecret
SecretsModuleType
SecretsModuleURL
Methods in ICICloudStorageMonitorEventRuleParams:
GetAzureDLSgen2GeneralParams
SetAzureDLSgen2GeneralParams
Enums:
January 2020
Version 8.0.0.38
January 13, 2020
New Features
EFT Administration
The DMZ Gateway address box can accept a comma-delimited list of addresses (EFT will try one IP address, then the next, until it can connect) (TFS 339989)
EFT can capture certain performance and current state values to SQLite databases on a routine basis which can be used by administrators, support, or Globalscape to evaluate and use for planning, troubleshooting, and statistical analysis (TFS 372346)
The EFT SMTP settings page now has a “Send Test Email” button (TFS 372357)
Admins can now specify node-unique values for DMZ Gateway PASV Mode port range, which in rare occasions can be different across nodes (TFS 368808)
Added a separate control the Request File page/portal URL (TFS 371245)
Added REST endpoints to generate the PCI DSS compliance and GDPR DPIA reports (TFS 371829)
Added ability to generate a complete manifest of commonly requested tech support data from within the administration interface Help menu (TFS 372341)
A new prompt is now displayed when enabling Google Captcha referencing a KB article 11435 (TFS 368710)
Added SAML assertion map attribute to email field (TFS 369964)
Added new Site-Level Counters
User Login Success /sec – rate at which users are authenticating successfully and turn into an active session. See user sessions for count of actively connected users
User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with Users connections
User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator
Folder Monitor Worker Threads – number of folder monitors in active use. Consider increasing FolderMonitorWorkerThreadCount if it routinely exceeds 32
Timer Rule Worker Threads – number of timers currently active. Consider decreasing TimerStackSize if it routinely exceeds 200 to conserver memory
Templates – number of templates defined for this site. Updated infrequently
User Accounts Disabled - subset of this site’s user accounts that are currently in a disabled state. Updated infrequently
User Accounts Locked Out – subset of this site’s user accounts that are currently locked out. Updated infrequently
User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator
User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with users connections
User Login Success /sec - rate at which users are authenticating successfully and turn into an active session. See User Sessions for count of actively connected users
Workspaces Drop-offs – number of drop-off requests active and not expired
Workspaces File Sends – number of file send operations that are active and have not yet expired
Workspaces Folders Shared – number of folder shares that are active and have not yet expired
Updated the Amazon S3 Region list (TFS 373493)
Configuration settings are now stored in SQLite databases vs. flat files. This should eliminate the need for SyncTool when performing migrations (TFS 368467)
Awaiting/Trusted SSL cert list are now stored in SiteConfig*.db and upon upgrade they are moved into this db. (TFS 371720)
SSH Key Storage settings are now moved from Server level to Site level (TFS 369528)
Each site has its own set of SSH keys
Each site’s SSH (SFTP) private and public keys are now stored in SiteConfig*.db
The SSH creation and management GUIs were changed accordingly
OpenPGP key pairs are now defined and managed at the Site level instead of the Server (TFS 369527)
Workspaces tabs have been consolidated into the Site > Web tab
Advanced Properties
Accepts configuration overrides using advancedproperties.json (AP) in lieu of registry entries. Upon upgrade, existing registry overrides will be moved to the AP file (TFS 368291). This includes EFT’s VFS data in Config.db (TFS 369529), server settings in ServerConfig.db and SiteConfig[GUID].db (TFS 371366).
To provide more control and visibility over EFT's behavior when it comes sync state, draining, and node management (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)
To enable/disable encryption when storing personal data. Note that the default is to encrypt using the default key (EncryptPersonalData) (TFS 363303)
To specify a 256-bit key (represented by 64 hexadecimal digits) used to encrypt and decrypt personal data. When not configured or malformed, the default key is used. (PersonalDataEncryptionKey) (TFS 363303)
To enable/disable JSON format when rendering Data Protection Impact Assessment (DPIA) report.; used to change DPIA report format (JSON/XML) (RenderDPIAReportAsJSON) (TFS 366251)
To deny certain usernames without checking the user database, so you can reduce load on the authentication subsystem (AutoDenyLoginAttemptswithSpecificUsernames) (TFS 370345)
To specify that cookies shouldn't be sent with cross-site requests. Acceptable values are "Strict", "Lax", "None". Values other than these will result in "Strict" value (HttpCookieSameSitePolicy) (TFS 367997)
To specify the maximum number of asynchronous event rule subroutines that may be queued before dropping new subroutine. A value of 0 (default) indicates there is no limit. (QueuedAsyncSubroutinesLimit) (TFS 367875)
To specify the maximum number of simultaneous asynchronous event rule subroutines running. A value of 0 indicates there is no limit. (RunningAsyncSubroutinesLimit) (TFS 367875)
To specify the recurrence strategy for cleaning up workspaces: 0 - minutely (default), 1 - hourly, or 2 – daily (WorkspacesCleanupRecurrence) (TFS 368683)
To specify the number of Workspace invitation expiration days. (WorkspaceInviteExpirationPeriodDays) (TFS 371827)
To specify that the sender for Workspace Messages is 0 - Recipient receives Workspace Invites from User and Secure Send from SMTP Server; 1 - Recipient receives Workspace Messages from the SMTP server, 2 - Recipient receives Workspace Messages from the User. (WSInviteFromAddrUseOwnerEmail) (TFS 371099)
Avoid duplicate firing of Account Rules on multiple nodes. (UserAccountTriggersOnOriginatingNodeOnly) (TFS 372193)
Change the default “Out of sync” timeout value for HA (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)
Change the default “Timeout for sync” value for HA (ClusterOutOfSyncHealSecs) (TFS 367401)
Set Workspaces Invitations Expiration (WorkspaceInviteExpirationPeriodDays) (TFS 371827)
Allow turning off total drop-off quota limit (MaxAnonymousAllUploadSizeInGB) (TFS 370763)
Provide the ability to optionally include and customize EFT WTC’s referrer policy header, (EnableHTTPReferrerPolicyHeader), (HTTPReferrerPolicyAttributeString) (TFS 368162)
To disable EFS calculations, (DisableEFSChecksForPCIReport) (TFS 370306)
To enable one-way-trust communication between EFT and another domain (AllowToTryLoginUnlistedUsers) (TFS 369294)
To copy all ClientFTP settings to JSON, (CopyClientFTPSettingsToRegistry). (TFS 368291)
To create a PGP RSA Key with subkey, (CreatePGPRSAKeyWithSubkey). (TFS 370232)
To remove UTC designation in timestamp, (ISO8601noUTC). (TFS 368860)
To disable cache for DN Type in Active Directory sites (TFS 367876)
Added to skip auditing of:
Successful socket connections (AuditSuccessSocketConnections). Set to FALSE by default (TFS 369778-AC1)
Banned socket connections (AuditBannedSocketConnections). Set TRUE by default (TFS 369778-AC2)
Other failed socket connections (AuditFailedSocketConnectionsOther). Set TRUE by default (TFS 369778-AC3)
Protocol commands for resources that have an IsInternal flag (AuditIsInternal). Set FALSE by default (TFS 369778-AC4);
Workspaces REST calls (AuditRESTWorkspaces). Set TRUE by default (TFS 369778-AC5)
Workspaces config REST calls (AuditIsRESTWorkspacesInternal). Set FALSE by default (TFS 369778-AC6)
Administrative REST calls (AuditIsRESTAdmin). Set TRUE by default (TFS 369778-AC7)
RAM REST calls (AuditIsRESTRAMAgent). Set TRUE by default (TFS 369778-AC8)
User initiated REST calls (AuditIsRESTUSER). Set TRUE by default (TFS 369778-AC9)
All invalid username authentication attempts (AuditFailedAuthforNonExistingUsernames). Set TRUE by default (TFS 369778-AC10)
‘root’ and ‘administrator’ invalid username authentication attempts (AuditFailedAuthforUsernameRoot). Set TRUE by default (TFS 369778-AC11)
Unimportant (non-CRUD) operations (AuditIUnimportantCommands). Set FALSE by default (TFS 369778-AC12); CRUD: Copy/Rename/Upload/Delete
Username and password for S/FTP/S events (AuditRedundantUserAndPass). Set FALSE by default (TFS 369778-AC13)
Auditing and Reporting
Increased the default ARM queue size from 1,000 t100,000 (TFS 370453)
Provided the ability to control what EFT Audits within the following tables (TFS 369778):
tbl_SocketConnections
tbl_ProtocolCommands
tbl_AS2Transactions
Improved error messages logged when failing to connect tOracle databases (TFS 369217)
ARM schema tables added:
AuthenticationsExpired to capture session expirations so admins can track session times (TFS 369874-AC2)
AdminActionsChangeDetails that captures before and after values for admin-initiated configuration changes (TFS 369874-AC3)
NegotiatedCiphersSSL to audit the negotiated ciphersuites for SSL handshakes (TFS 369874-AC4)
NegotiatedCiphersSSH to audit the negotiated ciphersuites for SSH handshakes (TFS 369874-AC5)
PrivacyRightExcercised capture privacy rights exercised by users (TFS 363345)
PrivacyTermsEUStatus to capture the EU subject matter status of users (TFS 363558)
ScanDataAction to contain list of scanned files and scan results (TFS 365254)
PersonalDataActions when a user accounts personal data fields have been modified, for GDPR compliance (TFS 363346)
Added missing MIC code which wasn’t being audited to the AS2 Transactions table (TFS 369828-AC7)
Added a TransactionID column tAS2Transactions table for consistency with other tables (TFS 369828-AC10)
Added a Time_stamp column to Transactions table to aid in cascade deletes when purging (TFS 369874-AC1)
Added an Actor column to ProtocolCommands table to avoid having to join on Authentications table for just about every report (TFS 369874-AC6)
Added a dbo.lu.[TableName] for every table that makes use of enumerators, for easier mapping of values to their meanings (TFS 369780-AC9)
Added a relation to Actions and ScanDataActions table via ActionID field (TFS 369870-AC1)
Added tbl_PrivacyRightExercised which will audit any right exercised by a user for privacy compliance reporting (TFS 363345)
Added tbl_PersonalDataActions which will audit administrator changes to user personal data for compliance with notification rights (TFS 363346)
Added tbl_PrivacyTermsEUStatus which will audit any change in a user’s EU data subject status, agreement to Terms of Service, or consent to Privacy Policy (TFS 363558)
Added tbl_ScanDataAction which audits third-party file scan results from DLP or similar tools that scan for personal data in files (TFS 365254)
Added ARM reports:
“Workspaces – Folders Unshared”
“Activity - Session Lifecycle” that shows user log on/off information, with data from tbl_AuthenticationsExpired (TFS 371364)
“Activity - File Scanned Data Results” that shows the data from the tbl_ScanDataActions (TFS 371364)
“Troubleshooting – Negotiated SSL Ciphers” that shows the data from the tbl_NegotiatedCiphersSSL (TFS 371364)
“Troubleshooting – Negotiated SSL SSH Ciphers” that shows the data from the tbl_NegotiatedCiphersSSH (TFS 371364)
“Privacy – Admin Changes to Personal Data” that shows the contents of the tbl_PersonalDataActions table (TFS 371364)
“Privacy - User Rights Exercised” that shows the contents of the tbl_PrivacyRightExcercised table (TFS 371364)
“Privacy - Terms and Status Changes” that shows the data from the tbl_PrivacyTermsEUStatus table (TFS 371364)
“Admin - Audit Log (Detailed)” that shows the data from the tbl_AdminActionsChangeDetails table (TFS 371364)
“Troubleshooting - Most Prolific Users” that shows top three accounts for failed and success auth for a given time period (TFS 371364)
Workspaces
Added domain blacklist in addition to existing whitelist for share/send invitations (TFS 370026)
COM API
In the ICIServer interface, added defaultvalue and Reason parameter tAddIPAccessRule (TFS 369934)
UTF8Logs property
In the ICISite interface, added defaultvalue and Reason parameter tAddIPAccessRule method(TFS 369934)
PGP Key properties and methods:
CreatePGPKey
ExportPGPKey, ImportPGPKey
PGPKeys
RemovePGPKey
Added PGPLogLevelDebug to the ICISite Interface PGPLogLevel property.
SSH Key properties and methods:
CreateSSHKeyPair
ExportSSHPrivateKey, ImportSSHPrivateKey
ExportSSHPublicKey, ImportSSHPublicKey
GetSSHKeyForSFTP, SetSSHKeyForSFTP
RemoveSSHKey
RenameSSHKey
SSHKeys
Privacy-related changes:
GetClientDataField, SetClientDataField
GetPrivacyPolicy, SetPrivacyPolicy
GetTermsOfService, SetTermsOfService
GetGDPRSettings, SetGDPRSettings
Workspaces Properties:
WorkspacesDomainsToForbidInviteeAddresses
WorkspacesEnableDomainsToForbidInviteeAddresses
WorkspacesOAIDomainsToForbidInviteeAddresses
WorkspacesOAIEnableDomainsToForbidInviteeAddresses
WorkspacesOAIEnableDomainsToLimitInviteeAddresses
WebSSOJitUserProvisioningEmailLocation and WebSSOJitUserProvisioningEmailAttribute
Content Integrity Control profile management methods and properties
GetVirtualFolderList Properties (TFS 368492):
Calls with empty parameters work as previous behavior
Improvements with data returns of virtual folders that are inside the folder
In the ICIClientSettings interface, added defaultvalue and Reason parameter to: AddIPAccessRule, GetGDPRPrivacyPolicyConsentStatus, SetGDPRPrivacyPolicyConsentStatus, GetGDPRSubjectStatus, SetGDPRSubjectStatus, GetGDPRTermsOfServiceConsentStatus, SetGDPRTermsOfServiceConsentStatus, ResetAllFieldAttributeDefaults, CompanyName, Duns, Mobile, PartnerId
In the ICISSHKeyInfo interface, added HasPrivate property
In the ICIManualIPAccessRule interface, added Reason property
Interfaces added for new Event Rule Actions:
ICICallSubroutineActionParams interface
ICIDefineVariableActionParams interface
ICIRunPowerShellScriptActionParams interface
Interfaces added for GDPR, privacy policy, and terms of service features (TFS 370527):
ICIClientDataField interface
ICIGDPRSettings Interface
ICIPrivacyPolicy interface
ICITermsOfService interface
Enums:
In the AdminAccountType enum, added ADGroupAccount
In the AdminPermissionsPolicy enum, added ManagePersonalData
In the EventType enum, added EventRuleSubroutine
In the EventActionTypeenum, added:
DefineVariableAction
RunPowerShellScriptAction
CallSubroutineAction
In the EventProperty enum, added:
FileExtension
ClientGDPRSubjectStatus
ClientGDPRConsentStatus
ClientGDPRReason
ClientGDPRRightExercised
New ClientDataField enum
New GDPRTermsofServiceMode enum
New GDPRPrivacyPolicyMode enum
New GDPRSubjectStatus enum
New GDPRPrivacyPolicyConsentStatus enum
New GDPRTermsOfServiceConsentStatus enum
In UserAccountActionType enum, added:
EnableAccount
PersonalDataDeleteFields
PersonalDataResetToDefaults
PersonalDataSetEnabled
PersonalDataSetModifiable
PersonalDataSetVisible
SetEUDataSubjectStatus
SetPrivacyPolicyConsent
SetTermsOfServiceConsent
March 2019
Version 7.4.13
March 14, 2019
Security fixes
Added security patch updates for potential vulnerabilities:
These updates address recently identified potential security vulnerabilities that affect system availability. They do not indicate data security risk. While there are no known exploitation of these vulnerabilities, we recommend upgrading as soon as possible to avoid potential risk.
Patches are available for the following versions here:
7.4.13.14 (Enterprise and Express)
7.4.11.34 (Enterprise and Express)
7.4.10.6 (Enterprise and Express)
7.4.9.11 (Enterprise and Express)
7.4.7.18 (Enterprise and Express)
7.4.7.15 (Enterprise and Express)
7.4.5.8 (Enterprise and Express)
7.4.5.7 (Enterprise and Express)
7.4.5.6 (Enterprise and Express)
Further information about these vulnerabilities is available here.
Original release, February 13, 2019
New Features
Added Encrypted Folders, an EFT-managed feature to encrypt/decrypt data at rest in a transparent, streaming fashion
Added support for Just-in-Time (JIT) user account provisioning for SAML initiated logins
Added ability in Event Rules (in EFT Enterprise) to specify Created Date/Time and/or Modified Date/Time for the Cleanup in folder Action (previously available only via registry setting)
Added automatic file download to the DirectDownload.htm template
Added ability to enable HSTS when HTTPS is enabled, independent of the <link>HTTP to HTTPS redirect</link> feature.
Added a User Account Action to allow administrators to effect changes to accounts in an automated fashion
Added logs to alert administrator when an IP address has been banned
Added registry settings to control frequency of disk quota login calculations to further enhance quota calculation performance
Added registry settings to insert a retry and retry delay to EFT Site start, in case of Site start failure due to blocked port
Enhancements
Optimized disk quota calculations so that they occur on user account logon rather than upon service start
Enhanced usability during initial account registration and change password requests by showing password complexity requirements
Updated SQL Server drivers to allow use of newer Transport Layer Security (TLS) protocols
Updated OpenSSL library to 1.0.2q
Updated OpenSSH derived library to latest version 7.9.0.0
Updated Web Transfer Client login page and localization features
Removed direct download links from workspace's email template
Fixes
Numerous bug fixes were released in this version of EFT.
February 2019
Version 7.4.13
February 13, 2019
New Features
Added Encrypted Folders, an EFT-managed feature to encrypt/decrypt data at rest in a transparent, streaming fashion
Added support for Just-in-Time (JIT) user account provisioning for SAML initiated logins
Added ability in Event Rules (in EFT Enterprise) to specify Created Date/Time and/or Modified Date/Time for the Cleanup in folder Action (previously available only via registry setting)
Added registry settings to control frequency of disk quota login calculations to further enhance quota calculation performance
Added registry settings to insert a retry and retry delay to EFT Site start, in case of Site start failure due to blocked port
Added logs to alert administrator when an IP address has been banned
Added a User Account Action to allow administrators to effect changes to accounts in an automated fashion
Added ability to enable HSTS when HTTPS is enabled, independent of the <link>HTTP to HTTPS redirect</link> feature.
Added automatic file download to the DirectDownload.htm template
Enhancements
Optimized disk quota calculations so that they occur on user account logon rather than upon service start
Enhanced usability during initial account registration and change password requests by showing password complexity requirements
Updated SQL Server drivers to allow use of newer Transport Layer Security (TLS) protocols
Updated OpenSSL library to 1.0.2q
Updated OpenSSH derived library to latest version 7.9.0.0
Updated Web Transfer Client login page and localization features
Removed direct download links from workspace's email template
Fixes
Numerous bug fixes were released in this version of EFT.
October 2018
Version 7.4.11
October 24, 2018
New Features
Added support for IdP initiated SAML SSO Logins
Added override to relax SAML assertion on signing requirements
Added support for Active Directory + RSA SecurID® chaining (login AD, then RSA)
Added ability to hide forgot (reset) password for LDAP authenticated users
Added option to disallow LDAP login for guest users originating from DMZ Gateway
Added option to force LDAP authentication for users connecting directly to EFT
Changed the default refresh interval for LDAP to 30 minutes
Added ability to map a Settings template to LDAP attributes
Added support to SAML auth for looking up not-yet sync’d users in LDAP
Added Event Rule Download Action: Option to treat missing remote file(s) as success
Added ability to inject passwords into exported rules xml, for event rule import
Added an advanced property (registry override) to all configuration of HSTS max-age value
Added an advanced property (registry override) to manage CSP Content Security Policy header
Added an advanced property (registry override) to disallow support for Basic Auth for HTTP/S
Updated AS2 to latest libraries including choice of ciphers
Added custom header support for AS2 send action
Added support GZIP payloads for MDN responses (AS2)
Added support for asynchronous MDNs (AS2)
Added support for specifying allowed signing algorithms (AS2)
Added support for specifying allowed MDN MIC algorithm for inbound transactions (AS2)
Added over a dozen Windows Performance Counters associated with EFT
Added support for multiple group filtering under AD
Added username to AuthManager login ‘failed login’ eft.log
Added a registry option to disable basic authentication
Added Azure shared access signatures (SAS) support to cloud connector module
Added ability to inject passwords into exported rules xml, for event rule import
Added support for accelerated, parallel cloud transfers to Azure (8X speed increase)
Added the ability to capture the reason behind a manual IP ban
Added more context variables, such as SITE.DMZ_ADDRESS or PORT
Added option in EFT to select whether to do DNS lookups on the local EFT Server or DMZ Server
Added the ability for users to download entire folders from the WTC
Added the ability for users to move folders in the WTC
Added a domain whitelist property for greater control over the send file feature
Added an advanced property (registry override) to display full name rather than login name in WTC
Added more granular variables to Workspaces invite messages
Added ability to provision LDAP users when a workspace is shared with them
Enhancements
Improved usability by instructing users on how to properly activate the acceleration module
Updated SFTP library in line with current FIPS compliance standards
Hid the disk quota feature by default as it remains experimental
Decoupled Workspaces sending from sharing permissions: A user may not have permission to share but can send, and vice versa.
Provided controls for treating connections differently depending on their origination
Enhanced the WTC to display an error on next login if a background transfer failed
Updated language support for French, German, Spanish and Dutch
Improved SFTP logging to capture algorithms used
Updated OpenSSL to 1.0.2p
Improved auditing of expired module licenses in EFT.log
Removed optional recording of contact details and IP to better comply with GDPR
Changed EFT Enterprise installer file name from eftserver-ent.exe to EFT-Enterprise.exe
Changed EFT Enterprise without SQL Express installer file name from eftserver-nodb.exe to EFT-Enterprise-nodb.exe
Fixes
Numerous bug fixes
August 2018
Version 7.4.10
August 21, 2018
New Features
Added option to show full name vs. logon name in WTC profile
AD Site: Added option to authenticate users via Active Directory while managing permissions internally in EFT
LDAP Site: Added option to hide Forgot Password link for internal/external facing domains
LDAP Site: Added option to not allow LDAP logins for external facing domains
Fixes
Various bug fixes and improvements
July 2018
Version 7.4.9
July 17, 2018
New Features
Added ability to construct internal URL hyperlinks in notification emails based on recipient domain
Added ability to specify internal domain certificate in instance where direct connection is made that bypasses DMZ Gateway
Added ability for AD sites to automatically remove accounts after X days of inactivity
Enhancements
Agents can now perform client transfers to any server you designate, rather than only back to the home EFT Server
Shorter update intervals (real-time (every 15 seconds), once a minute, every 5 minutes, every 30 minutes)
New options for when an agent fails
System environment variables in remote agent rules
Remote Agent Condition for relevant File System triggers in event rules
“Run on links” option has been removed when you create remote agent rules
LDAP Site: Automatically remove/disable account after X days of inactivity
Option to specify custom LDAP attributes that are configured at the site level and map to those in the user template level
Internal (LDAP) users must not authenticate when visiting external URL
Fixes
Various bug fixes and improvements
May 2018
Version 7.47
May 15, 2018
Enhancements
EFT Server (SMB) has been renamed to EFT Express
EFT Server Enterprise has been renamed to EFT Enterprise
High Security Module (HSM) is now Advanced Security Module (ASM) in EFT Enterprise
High Security Module (HSM) is now Express Security Module (ESM) in EFT Express
Update AWE to version 10
AWE rebranding
Migrate and convert AM8 tasks to AM10 as part of the EFT upgrade process
Better support in AWE for EFT Insight
New context variables available which are populated upon AWE task completion
New option to specify location of AWE debug logs
AWE debug Task log name update to include AWE {Node Name}_{AML File Name}_yyyy-MM-DD-HH-mm-ss.csv
New option to retain task debug logs by Success/Failure
Audit the AWE execution details to ARM database
When AWE logging is disabled, ARM will report N/A
New AWE actions
Amazon DynamoDB
Amazon EC2
Amazon RDS
Amazon S3
Amazon SES
Amazon SimpleDB
Amazon SQS
Azure Storage
Dynamics CRM
Image
OCR
OpenDocument Spreadsheet
PDF
VMware Guest
VMware Host
WMI
New support for AWS and Azure context variables
SQL Express 2017 is now bundled with the EFT installer (64bit support only)
Only EFT 7.4 has been rebranded to new logos and title (this includes most if not all UI related Items, including ARM Reporting but excludes the installer)
New splash screens
New globalscape logo
Updated Admin GUI wizard pages
Event Rule Action – Send email notification action with attachments
New Cloud Object Monitor will allow users to monitor Amazon S3 or Azure blob storage for file triggers including ability to execute an action based on a trigger
New AWS S3 compatible metadata support (support outside of AWS S3 or Azure blob)
Limited support for Google Cloud and Caringo
Allow S3 bucket URL override
Allow EFT admin to specify outbound IP address in Event Rule Advanced option in HA environment
CCM and MTC are now part of EFT Core
AAM and CIC are now part of Advanced Security Module (ASM)
OAI now provides a Secure Message Delivery Option
Microsoft Outlook Digital Signature is now supported with EFT OAI
Microsoft Outlook Encryption is now supported with EFT OAI
Agent/Account coexistence
Agents can be created on same site as standard user account
New Diffie-Hellman key exchange security between EFT and Remote Agent
Remote Agents will now Auto-update when required
EFT Admins can now enable/disable the Reply portal
Admins will now be warned that the Request files functionality will be disabled when the Reply portal is disabled
EFT Admins can now enable/disable reply functionality to non-EFT users when using the Send portal
Request file options will now provide ability to require authentication
EFT Email recipients can now access the reply/reply all page from the pickup portal
Drop-off portal can now use generic CAPTCHA instead of Google’s re-Captcha
Workspace invites are now restricted to whitelisted domains (if configured)
EFT will now delete guest accounts if they are not part of a Workspace or transactional workspace
The workspace(s) are deleted if the workspace has expired or the user has been uninvited from the workspace share
EFT will now restrict guests to their shared workspace
External users will no longer be granted by default a home folder of their own
Workspaces will now provide a drop-down list for “From” field when an EFT user has multiple email addresses configured in their EFT account
Add Spanish language to WTC
Rebranding of the WTC including all portals
SQL Express 2008 is now removed from the EFT Installer
Mail Express is now removed from the EFT Installer
Certificate creation for a RAM template is no longer required when configuring a new Remote Agent
AutoMate action has now been removed from AWE
Increased Workspace trial license count to 100 seats
EFT users should now be taken directly to their shared workspace when clicking on the Workspaces link in the recipient’s email and authenticating
Improved the account registration and verification process
After verification email is sent the guest can now access their Workspace content without further authentication if the link is accessed within 60 minutes otherwise they will be required to authenticate prior to accessing the workspace
Support strong KEX algorithms for Incoming SFTP
diffie-hellman-group16-sha512
diffie-hellman-group14-sha256
diffie-hellman-group-exchange-sha256
diffie-hellman-group14-sha1
diffie-hellman-group-exchange-sha1
diffie-hellman-group1-sha1
Update to SSL security compatibility to reflect “Minimum Protocol Version”
Update to the generic Welcome FTP banner message on new installs
EFT Login - %Date% %Time% - Please enter valid credentials to continue
SMTP Implicit TLS option is now exposed via the new server setup wizard under the SMTP Server settings wizard page
Removed the personal data registration page on a new install, under the Globalscape EFT Server Registration wizard page
EFT user’s home folder will now sync with their AD profile folder
Ability to type a value for toggle “Auto-attach files in Outlook when they exceed:”
More descriptive error message when workspaces license count has exceeded
Admin will now be presented with a prompt that Request files will be disabled when Reply portal is disabled
The EFT full version is now displayed in the title bar
Updated JRE to version 1.8.0.162
Updated supported Linux distros
RHEL 7.3 64-bit Kernel: 3.10.0-514
SuSE Linux Enterprise Server 12.2 64-bit (SP2)
Ubuntu Ubuntu 16.04.3 LTS
Amazon Linux AMI 2017.03.1 64-bit
EnableConnFloodProtection feature is now disabled by default
Ensure S3 regions list is up-to-date
Changed from “Active’ to “Enrolled” in the agent status list
Expose MTC registration status via COM
Expose CIC registration status via COM
Add-in readme file now explains the difference between the .exe and .msi installer
Windows event “Windows Event log evaluation period expired” for modules are now logged as Warnings instead of Errors
Updated the security tab typo to reflect “FIPS-certified”
Fixes
Fixed “CTRL+F” search function
Fixed an issue where the site creation wizard would fail to create a second PCI site when remote administration was enabled
EFS icon was not displaying when a VFS folder was encrypted
EFT admin GUI crashed when a CIC profile was renamed
Admin hangs upon upgrade from 6.5.11.2 to 7.4.5.7
Fixed Cloud action wizard page to reflect proper text when pressing back and selecting a different option
EFT UI will not accept configuration change when renaming CIC connection profile
Statistics box on “My Site” general tab needs to be adjusted
Stopped site does not have the red X on the MySite under VFS tab
Enterprise option to reset passwords for multiple users is greyed out
Cannot enter letters in zip code field in registration wizard
Admin UI: visual artifact in the UG tree
Web Service – Invoke Event Rules (Detailed) report no longer returns data
Outlook Send Report column (Recipient) is not populating
PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraint
Admin console is hanging when login and also when trying to clone rules
Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth
Passwords not syncing with EFT AD site
Service hang - users can't connect
EFT Memory is growing gradually
Anonymous authentication bug since 7.3.3.21
Service crashing intermittently
After upgrade and applying hotfix, Permission groups no longer present
GUI Crashes with new ODBC site when creating new user
EFT Event Action S3 region list is incomplete
EFT S3 Region list is outdated
Browse Remote File System causes Error and GUI Crash
Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently
When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination
Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6
ER: An unencrypted user password can be written to WEL when using User Event Rules
Event Rule: The reason for not being able to delete a file (move) is not provided to the user
EFT’s copy/move does not appear to honor the “Retries” value
EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4
Source file name.ext not pre-populating in the source field after clicking OK
Source file name.ext not pre-populating in the source field after double clicking
UI does not refresh after deleting an Event Rule
File/Folder actions leak handle
Scheduled event rule not running at expected scheduled times after 12am
Automatic backup on upgrade or repair has not been updated since 7.3.3 release. Needs to backup proper *.db files
Connection Profile – Connection Details form disappears when the admin user hits the enter Key
Broken upgrade from pre 1M for custom command
Admin console hangs on login
EFT Server Ent 7.4.2.4 randomly crashes
High CPU Utilization and Hangs
DMZ Gateway Caches IPs for host names until service is restarted
Registered DMZ Gateway crashes when using FAST with expired DEI trial license
FAST protocol & Connection Profile - EFT GUI crashes when the user selects the test Path
HaErrorHandler Option to Drain Server -- mitigate infrequent EFT Service Restart when ActiveNode.json is modified
HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods
During an upgrade of EFT from older version to newer version, the SFTPCOMInterface.dll is occasionally not upgraded with silent failure
EFT Upgrade progress dialog is blank
Automatic service startup is not consistent
Silent Installer does not upgrade properly - FTP Server engine version differs from Administrators version
Modify install change stops EFT service from working
Upgrade -- ERROR AuthManager - Could not create client object already persistent
FTP.cfg is corrupted upon upgrade
Installer hangs and stops responding when ORCL credential used have expired
When modifying the start menu, the default value Globalscape still is the one that is used
Administrator Account Configuration screen - Text box line disappears
Installer allows upgrade from 7.1 directly to 7.4
Installer.log file contains admin user and password
Folder monitor override credentials being used when writing to log file
IPAccess logging is broken
EFT - Can't delete a file because Outlook is accessing it
PCI Invalid logins differ at the site and server level
EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate
Remote Agent Service executable has bad description
Agent Install URL returns 404 for HA installations
Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template
Remote Agent Template window, tab order not going left to right, top to bottom
Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."
Remote Agent Template can be selected for new administrator accounts
SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled
SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia
ClientFTP: CSocksSocket checks timeout wrong
Listing fails on remote server in EFT, but not Filezilla
SMTP to Exchange fails with TLS 1.1 and 1.2
EFT Admin: Status screen is not refreshing statistics
Cannot remove "All Users" group from a folder in VFS
Unable to configure streaming repository encryption when site root is a share
Show VFS home folder then setting permissions is broken again
VFS manipulation is slow
Refresh required when an unacceptable character is entered in Maximum message size
Banned file types appear to be sent from Drop-off and Send Portal
User isn't routed to the workspace (shared) folder upon login to WTC
Workspaces – Edit Workspace screen no longer displays the participant email address when the invitation is pending
Selected user background turns from 'blue' to 'gray' after the action
OAI body message is not visible when accessing the contents via WTC
Workspaces license limit email is being sent incorrectly
Workspaces guest template defaults to allow creation of workspaces
Http/1.1 404 Object Not Found error when clicking on Workspace link from email
Customizations.js executing before the UI is rendered, preventing customizations to the WTC
WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers
Embedded link downloads no longer working as of 7.4.x
WTC translation does not persist after clicking request file option
WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users
Version 7.3.9
May 15, 2018
Fixes
Updated the security tab typo to reflect “FIPS-certified”
EFS icon was not displaying when a VFS folder was encrypted
EFT admin GUI crashed when a CIC profile was renamed
Admin hangs upon upgrade from 6.5.11.2 to 7.4.5.7
Fixed Cloud action wizard page to reflect proper text when pressing back and selecting a different option
EFT UI will not accept configuration change when renaming CIC connection profile
Statistics box on “My Site” general tab needs to be adjusted
Stopped site does not have the red X on the MySite under VFS tab
Enterprise option to reset passwords for multiple users is greyed out
Cannot enter letters in zip code field in registration wizard
Admin UI: visual artifact in the UG tree
Web Service – Invoke Event Rules (Detailed) report no longer returns data
Outlook Send Report column (Recipient) is not populating
PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraintAdmin console is hanging when login and also when trying to clone rules
Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth
Passwords not syncing with EFT AD site
Service hang - users can't connect
EFT Memory is growing gradually
Anonymous authentication bug since 7.3.3.21
Service crashing intermittently
After upgrade and applying hotfix, Permission groups no longer present
GUI Crashes with new ODBC site when creating new user
EFT Event Action S3 region list is incomplete
EFT S3 Region list is outdated
Browse Remote File System causes Error and GUI Crash
Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently
When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination
Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6
ER: An unencrypted user password can be written to WEL when using User Event Rules
Event Rule: The reason for not being able to delete a file (move) is not provided to the user
EFT’s copy/move does not appear to honor the “Retries” value
EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4
Source file name.ext not pre-populating in the source field after clicking OK
Source file name.ext not pre-populating in the source field after double clicking
UI does not refresh after deleting an Event Rule
File/Folder actions leak handle
Scheduled event rule not running at expected scheduled times after 12am
Automatic backup on upgrade or repair has not been updated since 7.3.3 release. Needs to backup proper *.db files Connection Profiles
Connection Profile – Connection Details form disappears when the admin user hits the enter Key
Broken upgrade from pre 1M for custom command
Admin console hangs on login
EFT Server Ent 7.4.2.4 randomly crashes
High CPU Utilization and Hangs
DMZ Gateway Caches IPs for host names until service is restarted
Registered DMZ Gateway crashes when using FAST with expired DEI trial license
FAST protocol & Connection Profile - EFT GUI crashes when the user selects the test Path
HaErrorHandler Option to Drain Server -- mitigate infrequent EFT Service Restart when ActiveNode.json is modified
HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods
During an upgrade of EFT from older version to newer version, the SFTPCOMInterface.dll is occasionally not upgraded with silent failure
EFT Upgrade progress dialog is blank
Automatic service startup is not consistent
Silent Installer does not upgrade properly - FTP Server engine version differs from Administrators version
Modify install change stops EFT service from working
Upgrade -- ERROR AuthManager - Could not create client object already persistent
FTP.cfg is corrupted upon upgrade
Installer hangs and stops responding when ORCL credential used have expired
When modifying the start menu, the default value Globalscape still is the one that is used
Administrator Account Configuration screen - Text box line disappears
Installer allows upgrade from 7.1 directly to 7.4
Installer.log file contains admin user and password
Folder monitor override credentials being used when writing to log file
IPAccess logging is broken
EFT - Can't delete a file because Outlook is accessing it
PCI Invalid logins differ at the site and server level
EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate Settings window
Remote Agent Service executable has bad description
Agent Install URL returns 404 for HA installations
Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template
Remote Agent Template window, tab order not going left to right, top to bottom
Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."
Remote Agent Template can be selected for new administrator accounts
SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled
SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia Server
ClientFTP: CSocksSocket checks timeout wrong
Listing fails on remote server in EFT, but not Filezilla
SMTP to Exchange fails with TLS 1.1 and 1.2
EFT Admin: Status screen is not refreshing statistics
Cannot remove "All Users" group from a folder in VFS
Unable to configure streaming repository encryption when site root is a share
Show VFS home folder then setting permissions is broken again
VFS manipulation is slow
Refresh required when an unacceptable character is entered in Maximum message size
Banned file types appear to be sent from Drop-off and Send Portal
User isn't routed to the workspace (shared) folder upon login to WTC
Workspaces – Edit Workspace screen no longer displays the participant email address when the invitation is pending
Selected user background turns from 'blue' to 'gray' after the action
OAI body message is not visible when accessing the contents via WTC
Workspaces license limit email is being sent incorrectly
Workspaces guest template defaults to allow creation of workspaces
Http/1.1 404 Object Not Found error when clicking on Workspace link from email
Customizations.js executing before the UI is rendered, preventing customizations to the WTC
WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers
Embedded link downloads no longer working as of 7.4.x
WTC translation does not persist after clicking request file option
WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users
Fixed “CTRL+F” search function
Fixed an issue where the site creation wizard would fail to create a second PCI site when remote administration was enabled
March 2018
Version 7.4.5 R2
March 20, 2018
New Features
Added Cloud Connector Module
Added EFT REST endpoint for querying administrative info and server status
Added Remote Agent Module
Added capability to Download and Copy/Move from AWS S3 storage
Added capability to Download and Copy/Move from Azure blob storage
Added ability to create Connection Profile to AWS S3 and Azure blob storage
Added new context variables related to Remote Agent functionality; %Agent.Name%, %Agent.Version%, %Agent.Last_Update_Timestamp%, %Agent.Next_Update_Timestamp%, %Agent.Computer_Name%, %Agent.Template%, %Agent.Status%
Added ability to parse Context Variables in Connection Profile and Event Rule transfer actions - SFTP and SSL Options, Advanced Options, and Port #
Support for %...% variable to be used in Event Rule Email Notification Action - TO: CC: BCC: fields
Added logging for AWS S3 and Azure blob storage to EFT.log
Added "/MSMQMulticast=0" as a command line argument to the installer to skip the installation of MSMQ-Multicast
Added provisioning and management of Remote Agents
Added Remote Agent Event Rule Triggers - Folder Monitor, Folder Monitor Failed, and Timer
Added Remote Agent Event Rule Actions - Copy/Move (push) file to host, Download (pull) file from host, Stop processing
Added registry value that allows workspace invitation/mail to be relayed from generic EFT/noreply email defined in the SMTP tab
Added robots.txt so that Web Transfer Client does not appear in web search
Added feature to Request Files
Added option to Secure Message Body
Enhancements
Removed local notes.txt file (version history). Please see website for up to date version history and change notes.
Remove Java Option code from Login.htm file
Improved efficiency of Purge script
Defaulted log file appender to include computer name
Pick-up Portal now has “download all” option
Fixes
Fixed scenario of Event Rule delegation to non-existent node that could result in failure to execute Folder Monitor event rules
Fixed scenario of Event Rule delegation to non-existent node that could result in server crash
November 2017
Version 7.4.5 R1
November 21, 2017
New Features
Added Cloud Connector Module
Added EFT REST endpoint for querying administrative info and server status
Added Remote Agent Module
Added capability to Download and Copy/Move from AWS S3 storage
Added capability to Download and Copy/Move from Azure blob storage
Added ability to create Connection Profile to AWS S3 and Azure blob storage
Added new context variables related to Remote Agent functionality; %Agent.Name%, %Agent.Version%, %Agent.Last_Update_Timestamp%, %Agent.Next_Update_Timestamp%, %Agent.Computer_Name%, %Agent.Template%, %Agent.Status%
Added ability to parse Context Variables in Connection Profile and Event Rule transfer actions - SFTP and SSL Options, Advanced Options, and Port #
Support for %...% variable to be used in Event Rule Email Notification Action - TO: CC: BCC: fields
Added logging for AWS S3 and Azure blob storage to EFT.log
Added "/MSMQMulticast=0" as a command line argument to the installer to skip the installation of MSMQ-Multicast
Added provisioning and management of Remote Agents
Added Remote Agent Event Rule Triggers - Folder Monitor, Folder Monitor Failed, and Timer
Added Remote Agent Event Rule Actions - Copy/Move (push) file to host, Download (pull) file from host, Stop processing
Added registry value that allows workspace invitation/mail to be relayed from generic EFT/noreply email defined in the SMTP tab
(WTC) Implement robots.txt so that Web Transfer Client does not appear in web search
(WTC) Added feature to Request Files
(WTC) Added option to Secure Message Body
(WTC) Removed local notes.txt file (version history). Please see website for up to date version history and change notes.
(WTC) Remove Java Option code from Login.htm file
Enhancements
Improved efficiency of Purge script
Defaulted log file appender to include computer name
Pick-up Portal now has “download all” option
Fixes
EFT service crashing randomly 7.3.5.4
Login attempts fail with "Precondition failed"
Rare scenario where EFT service cannot start and/or crashes if Workspace invitation expires
"If settings template equals" condition is now properly converted after upgrade.
AS2 setup wizard's "Test Connection" results in a GUI crash
AS2 Outbound setup wizard results in a GUI crash
Admin GUI crash when expanding workspaces under the VFS tab
Folder monitors are not updating enabled status icon when reconnecting after a failed health check
HA: Phantom node appears in Status tab.
Mouse pointer spinning in VFS when expanding Site root folders
EFS icon not displaying on encrypted VFS folder
Connection profile Test button outcome shows up as failed when in reality it does connect successfully
Server level TLS/SSL settings are being disregarded when using Connection Profile Test
Event Rule level backup nodes not recognized in the Status tab.
After adding a child domain group, a member of that group couldn’t login to admin console
Auditing and Reporting Module (ARM): Outlook Send Activity Report data truncated
EFT Client (Outbound): Negotiated protocol version for SSL/TLS outbound connections defaults to weaker versions if gap exists between selected versions
Event Rules: EFT is hanging and needs to be restarted to restore functionality
PGP: Unable to decrypt ASCII-armored PGP file encrypted with BCPG v1.8.1.0
(WTC/Workspaces)The global search on Jument is throwing 404 error
(WTC/Workspaces)Creating a new workspace while uploading a large file will cancel the upload
(WTC/Workspaces)Unable to access WTC using CAC Authentication on an LDAP site
(WTC/Workspaces)Fixed issue of workspaces expiring immediately after upgrade
(WTC/Workspaces)Workspace link created from outlook add-in has the incorrect url
(WTC/Workspaces)Workspace Outlook add-in auto disables when using Integrated Windows Auth
(WTC/Workspaces)Workspaces Send breaks with IWA SSO
Version 7.3.8
November 21, 2017
New Features
Added a COM API method to retrieve the GUID using the site name
Added EFT Silent Installer parameter for Advanced Authentication Module
Enhancements
Removed local notes.txt file (version history). Please see website for up to date version history and change notes.
(WTC) Remove Java Option code from Login.htm file
Change default key length (in bits) from 1024 to 2048 in Create SSL Certificate Wizard
(ARM) Improved efficiency of Purge script
Defaulted log file appender to include computer name
Workspaces invitation and verify email messages customized per site
Fixes
Login attempts fail with "Precondition failed"
Rare scenario where EFT service cannot start and/or crashes if Workspace invitation expires
"If settings template equals" condition is now properly converted after upgrade
Server crashes when running vulnerability scanner Greenbone Security Assistant
EFT crashed due to OOM exception caused by excessive ScClientBundler::BundleThreadProc threads
Server hangs for 25-30 seconds when making config changes
AS2 setup wizard's "Test Connection" results in a GUI crash
AS2 Outbound setup wizard results in a GUI crash
Admin GUI crash when expanding workspaces under the VFS tab
Folder monitors are not updating enabled status icon when reconnecting after a failed health check
HA: Phantom node appears in Status tab.
Mouse pointer spinning in VFS when expanding Site root folders
EFS icon not displaying on encrypted VFS folder
Connection profile Test button outcome shows up as failed when in reality it does connect successfully
Server level TLS/SSL settings are being disregarded when using Connection Profile Test
Event Rule level backup nodes not recognized in the Status tab.
After adding a child domain group, a member of that group couldn’t login to admin console
Hang when accessing SSH public key manager
Auditing and Reporting Module (ARM): Outlook Send Activity Report data truncated
EFT Client (Outbound): Negotiated protocol version for SSL/TLS outbound connections defaults to weaker versions if gap exists between selected versions
Event Rules: EFT is hanging and needs to be restarted to restore functionality
High Availability (HA): Server not displaying that HA cluster is being administered on another node as expected
PGP: Unable to decrypt ASCII-armored PGP file encrypted with BCPG v1.8.1.0
(WTC/Workspaces) The global search on Jument is throwing 404 error
(WTC/Workspaces) Creating a new workspace while uploading a large file will cancel the upload
(WTC/Workspaces) Unable to access WTC using CAC Authentication on an LDAP site
(WTC/Workspaces) Fixed issue of workspaces expiring immediately after upgrade
(WTC/Workspaces) Workspace link created from outlook add-in has the incorrect url
(WTC/Workspaces) Workspace Outlook add-in auto disables when using Integrated Windows Auth
(WTC/Workspaces) Workspaces Send breaks with IWA SSO
August 2017
Version 7.4.2
August 29, 2017
New Features
Administration interface
Added template for password reset confirmation email that is sent when user is unauthorized to reset password
Auditing and Reporting Module (ARM):
Add new option in EFT to log TED6 logs to the new table - default new option to false/off
COM Interface:
Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server
Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site
New COM APIs for Drop-Off controls
High Availability (HA):
Added Node Maintenance/Drain Mode. "Pause/drain" all sites on a single node to halt NEW incoming connections and event rule activity. Existing transfers and events in progress are allowed to resume/complete.
Added support for Autoscaling in AWS
Implemented TCP based communication for HA cluster messages and coherence as alternative communication method to multicast
Added configurable Auto-Restart of node after defined period of being "out of sync" and allotted "drain" time
Logging:
Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used
Protocols - FTP/S:
Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.
Protocols - SFTP:
Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.
Added diffie-hellman-group-exchange-sha256 KEX
Added ability to select SFTP KEX algorithms through GUI and COM
SMTP:
Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password
Web Interfaces
Web Transfer Client access is now included with HTTP/S functionality. Eliminated WTC Client Access License (CAL)
Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.
Added administrative option to place newly invited Workspace participants in specific settings template
Added creation of Drop-Off link capability. External users can now send attachments to internal users, without having to create a EFT profile
Users can now reply to a message from Send/Drop-Off
Enhancements
PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled
Now able to login with Admin accounts in AD Universal group in child domains
Configuration Restore dialog has been updated. Backup must be generated from EFT 7.3.3 or higher.
Find/Search in EFT doesn't search connection profiles
Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled
Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.
More clearly show the configuration state and current flag value of change password on first login
Clarified user Password Expiration, Reminder, and Notification Options
On installation, EFT should check the status of windows update KB2999226 to ensure criteria has been met.
Improved responsiveness when browsing directories containing many subfolders.
Removed SAT install files from EFT 7.4 Installer
Web Interfaces – Web Transfer Client (HTML5):
Updated French translation
Note about Web Transfer client access being disable needs to be removed or modifiable Workspaces
Updated Workspace Invitation Subject line to "You've been added to a workspace"
On upgrade from 7.2.x, Workspace notifications should be disabled
Where possible, Workspace owner’s full name is used for WS invites instead of their login name
Buttons available to Invited Workspace participants more clearly reflect the permissions granted to them
New participant of a workspace now lands to that particular shared folder and not at the home page of WTC
Workspace owner can now add additional participant(s) to a private workspace
Fixes
Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.
EFT Password email reminders with AD Site did not trigger
When changing password for user through Admin GUI, force password option was being automatically enabled
EFT forcing users to change their password upon first log in
Renaming folders in VFS causes a loading indicator
EFT Standalone: User's last time connected was only being updated once per day
Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring
Resolved Server crash scenario induced by vulnerability scanner Greenbone Security Assistant
During the upgrade from SMB to Enterprise, the EFT SMB service was not being removed
Resolved EFT Admin GUI crash after using the send Email test button
Settings Templates was no longer sorted alphabetically as of 7.3.3.21
Admin GUI did not retain setting for Password Expiration at user level
When changing password in admin interface, force password option was automatically checked
When modifying password expiration "Remind" option Apply button was greyed out.
Settings Template options did not properly display inherited options
LDAP/AD passwords could not be changed from Admin GUI with change password registry override enabled.
Potential for AS2 settings to be removed after to 7.3.3.21
Report is missing filters (Traffic - Protocolwise Connections (Summary)
Executive Summary Report data was being truncated
The text "hmtest" appeared in Event Rules Detailed report after the Description:
Admin Action report Change Originator column was being truncated
Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication
Corrected scenario where certain user accounts were not able to authenticate if the account was renamedCouldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21
Custom password change responses were not working for LDAP sites
"IsFolderVirtual" COM method was no longer functioning in 7.3.5
Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword
ICISite::SetWorkspace failed with MX error 7
Custom Command default execution timeout for newly created Custom Commands should be 30 seconds
User Account Disabled Rule did not function after upgrade to 7.3.3.21
Event Rule using FAST protocol to Download Files would fail if connection profile was used
Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.
Corrected scenario of being unable to import Event Rules caused by unexpected config values
Event rules with comma character ',' in event rule name would fail when load balanced
When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes
Upgrade installer asked to create an admin account instead of "Provide server administrator credentials"
Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT
SSL/TLS logging for FTPS connections was not working
Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE
Addressed potential scenario of new PGP key not displaying correct expiration date
EFT responded to a quit command with an additional 0d 0a after version 7
Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file
Trailing spaces in SMTP host address would not resolve the address
User Credentials email had an erroneous = at end of username
Email notification for credentials contained an erroneous trailing =
Forgot password in WTC didn’t work if 2+ users shared an email address
WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled
WTC was not displaying password expiration reminder on login
While uploading a large file, occasionally received errors when trying to create folders or workspaces
Join with Smartcard button was improperly visible when connecting to CAC enabled site
Download button did not function the Max transfer speed option was enabled at the site level
Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal
Resolved issue of being unable to send files from the iFrame
Outlook Add-In functionality was not working in some instances
Private workspace owner was unable to add additional users to private workspaces
Version 7.3.7
August 01, 2017
New Features
Added template for password reset confirmation email that is sent when user is unauthorized to reset password
Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server
Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site
Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used
Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.
Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.
Added diffie-hellman-group-exchange-sha256 KEX
Added ability to select SFTP KEX algorithms through GUI and COM
Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password
Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.
Enhancements
PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled
Now able to login with Admin accounts in AD Universal group in child domains
Configuration Restore dialog has been updated. Backup must be generated from EFT Server 7.3.3 or higher.
Find/Search in EFT doesn't search connection profiles
Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled
Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.
Improved responsiveness when browsing directories containing many subfolders.
Updated webclient to version 1.3.0 build 10
(WTC) Updated French translation; Update French translation for word "Language"
(Workspaces) Updated Workspace Invitation Subject line to "You've been added to a workspace"
(Workspaces) On upgrade from 7.2.x, Workspace notifications should be disabled
(Workspaces) Where possible, Workspace owner’s full name is used for WS invites instead of their login name
Fixes
Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.
EFT Password email reminders with AD Site did not trigger
When changing password for user through Admin GUI, force password option was being automatically enabled
EFT forcing users to change their password upon first log in
Renaming folders in VFS causes a loading indicator
EFT Standalone: User's last time connected was only being updated once per day
Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring
During the upgrade from SMB to Enterprise, the EFT SMB service was not being removed
Resolved EFT Admin GUI crash after using the send Email test button
Settings Templates was no longer sorted alphabetically as of 7.3.3.21
Admin GUI did not retain setting for Password Expiration at user level
When changing password in admin interface, force password option was automatically checked
When modifying password expiration "Remind" option Apply button was greyed out.
Settings Template options did not properly display inherited options
LDAP/AD passwords could not be changed from Admin GUI with change password registry override enabled.
Potential for AS2 settings to be removed after to 7.3.3.21
Auditing and Reporting Module (ARM):
Report is missing filters (Traffic - Protocolwise Connections (Summary))
Executive Summary Report data was being truncated
The text "hmtest" appeared in Event Rules Detailed report after the Description:
Admin Action report Change Originator column was being truncated
Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication
Corrected scenario where certain user accounts were not able to authenticate if the account was renamed Authentication - LDAP:
Couldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21
Custom password change responses were not working for LDAP sites
"IsFolderVirtual" COM method was no longer functioning in 7.3.5
Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword
ICISite::SetWorkspace failed with MX error 7
Custom Command default execution timeout for newly created Custom Commands should be 30 seconds Event Rules:
User Account Disabled Rule did not function after upgrade to 7.3.3.21
Event Rule using FAST protocol to Download Files would fail if connection profile was used
Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.
Corrected scenario of being unable to import Event Rules caused by unexpected config values
Event rules with comma character ',' in event rule name would fail when load balanced
When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes
Upgrade installer asked to create an admin account instead of "Provide server administrator credentials" Logging:
Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT
SSL/TLS logging for FTPS connections was not working
Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE OpenPGP:
Addressed potential scenario of new PGP key not displaying correct expiration date
EFT responded to a quit command with an additional 0d 0a after version 7
Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file
Trailing spaces in SMTP host address would not resolve the address
User Credentials email had an erroneous = at end of username
WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled
WTC was not displaying password expiration reminder on login
While uploading a large file, occasionally received errors when trying to create folders or workspaces
Join with Smartcard button was improperly visible when connecting to CAC enabled site
Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal
Resolved issue of being unable to send files from the iFrame
Outlook Add-In functionality was not working in some instances
Private workspace owner was unable to add additional users to private workspaces
Version 7.2.10
August 02, 2017
New Features
Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.
Enhancements
Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.
Fixes:
During the upgrade from SMB to Enterprise, the EFT SMB service was not being removed
Admin user disconnected when testing a connection profile using DMZ Gateway as a proxy if retry intervals exceeded GUI timeout period.
The text "hmtest" appeared in Event Rules Detailed report after the Description:
Admin Action report Change Originator column was being truncated
Upgrade installer asked to create an admin account instead of "Provide server administrator credentials"
May 2017
Version 7.3.6
May 02, 2017
New Features
New Globalscape splash screen logo is displayed
(COM API) Added ICIServer Interface Property SMTPUseImplicitTLS
(COM API) Added ICIServer Interface Function SendTestEmail
Added support for Amazon AWS SNS and SQS as alternative to Multicast for HA clusters
Added registry override (SendQUIT) that invokes QUIT command to be sent at completion of FTP/S transfers.
Added support for Windows 2016
EFT.log entry for SSL version and cipher info as part of successful socket connection for FTPS and HTTPS
EFT.log entry on startup if FIPS is successfully initialized.
EFT.log entry if FIPS mode fails to initialize for any reason upon service startup and what steps are being taken to remedy.
EFT.log entry if FIPS mode fails to initialize after all attempts exhausted.
Added registry override (PGPEncryptingAlgorithm) to specify default encryption algorithms
Added registry override (PGPCompressionMethod) to specify default compression algorithm
Add support for OCSP Stapling in EFT Server HTTPS Listener
Added SMTP over TLS/SSL
Added support for Gmail as an SMTP Server
Added SMTP test function
(Workspaces) Added ability to send (email) files out from within Workspaces
(Workspaces) Added pick-up (download) portal for received files.
Enhancements
F1 help has been updated to reflect new features.
Removed support for Windows 2008
EFT Server Enterprise and Standard:
Upgrade OpenSSL to 1.0.2k
Upgraded to OpenSSL FIPS Object Module 2.0.10: NIST FIPS certificate #1747
Now able to add "Universal" Active Directory groups to EFT Administration
Improved WTC CAL warnings to be consistent across EFT.log, Admin GUI, and email
Now able to resize the CTRL+F search window
Updated Server>Security page FIPS controls
(ARM) Exporting reports no longer re-runs the report from the source
(ARM) Event Rules table EventName now allows up to 250 characters
Improved the speed of the CNTAuthManager::GetUser method when pulling users from AD with large amount of users (>50k).
Improved AD group listing algorithm when pulling complex subgroup structure. Time taken to sync listing with 200 subgroups decreased from 240 seconds to 5 seconds.
Remove legacy behavior of caching IP address of last successfully connected host.
Greatly optimized the {FS.*} condition checking mechanism of Event Rule execution. FS condition checks now performed locally when possible instead of going out to file system.
Remote directory browser now works when using DMZ Gateway as a proxy.
Event Rule Import now matches Connection Profiles by NAME, not by GUID
Account Lockout Status now propagates to other HA nodes
Admin Last Login Time for HA is now only propagated to other nodes once per day
Modify PGP Encryption behavior to default to CAST5 encryption if registry override AutoSelectPGPCiphers is Off.
Check passphrase was taking too long. Has been optimized
Update SMTP test warning prompt to exclude '+' from an invalid character
(WTC) Full, unlimited access to WTC during evaluation period
(WTC) HTML caching removed. This allows Web Client page to be updated when accessed instead of forcing users to have to clear cache to see changes.
(WTC) Updated Jument webclient to version 1.3.0 build 5
(Workspaces) Tidy up default Workspace invite and verify email messages
(Workspaces) Redesigned view and management of Workspaces
(Workspaces) Support Workspaces unlimited license
(Workspaces) Site> Workspaces Outlook add-in (OAI) has been changed to Workspaces - Send
Fixes
Passwords were expiring based on the "remind x days prior to expiration" value
Used disk space counter was not adjusting properly in some instances
Event Rule Admin couldn’t properly remove site from Assigned to this server list
When creating an SFTP key using the wizard - Use this key pair as the default host key - was not checked by default
AdvancedProperty IgnoreNeverLoggedInLDAPUsers was no longer working after upgrade to 7.3.4.6
WTC Licenses with odd numbers were not converting on CAL upgrade
Fixed being unable to configure same name for Group and Settings template
Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)
Fixed rare scenario where configurations carried over from legacy EFT Server versions could cause the Settings template Max connections per user and Max transfer speed that were previously disabled to become enabled and set to 0 on upgrade.
WTC CAL registration was not accurately reported under Help>About
Updated the Help>About text for unlimited WTC licenses
Help -> About cuts off licensing information
User Admins was still showing Users as having an expiration date even after “Expire this account” was disabled.
User Account Admin interface window did not scale with the EFT Admin console
Event Rule Admins were denied ability to import event rules.
FIPS compliant SSH checkbox was available (but non-functional) even after EFT trial has expired
Updated all GUI references to FIPS Certified rather than FIPS Compliant
On occasion, when deleting event rules from EFT the EFT GUI would crash.
Trying to browse subfolders in Browse Remote File System dialog cause VFS to freeze.
Fixed scenario of being unable to remove SSL certificates from SSL Certificate Manager
Fixed erroneous message stating that SSL certificate will expire in 30 days if site SSL certificate was cleared out.
Admin user disconnected when testing a connection profile using DMZ Gateway as a proxy if retry intervals exceeded GUI timeout period.
(ARM) Scenario where EFT may crash/hang when PCI Compliance Report was being generated
Client (Outbound): Numerate fails when the initial file is 0KB
(COM API) ICIConnectedUser interface members DataConnection does not return result for HTTP/S or SFTP
(COM API) ICIConnectedUser interface member TransferredSize does not return result for SFTP
(COM API) ICIConnectedUser interface member TransferredSize does not return result for SFTP
Custom Command "Redirect output to clients" doesn't work properly when triggered by FTP protocol
Folder Monitor reconnection logic does not properly update FM's enabled state
Copy/Move action may not work correctly when custom credentials are used for Local transfers
Mitigated rare scenario where Folder Monitor may remove all worker threads
Fixed scenario where Folder Monitor with Trigger based on folder change notifications could be overwhelmed.
Fixed scenario of SMTP logger failing to record data information
Improved scenario where clients were receiving constant timeout errors when uploading files if event rule condition checks took a long time to complete.
(WTC) When uploading a file via WTC client is able to upload a file that is bigger than the Max upload size limit if the chunk size is lower than the max upload size limit.
(WTC) WTC is not disabled after EFT trial has expired
(WTC) No feedback was given when permissions are denied to a folder
(WTC) Firefox version 50 uploads would sometimes fail
(WTC) Internal error was occurring upon attempt to move a file into a folder where AD user does not have upload permissions
(WTC) Incorrect error message was displayed to the user when trying to create a folder with a space at the end of the folder name
(WTC) Filter button was not properly highlighted
(WTC) Renaming was causing error in developer console
(Workspaces) When clicking an expired one time download link with authentication, will receive HTTP/1.1 412 Precondition Failed
(Workspaces) Workspaces licensing was showing 0 after upgrading to 7.3.4.6
(Workspaces) Workspaces shared folders were disappearing after upgrade from 7.3.0.3
(Workspaces) Renaming Workspace as owner failed to propagate to participants
(Workspaces) Workspace invitee was occasionally receiving 404 error upon logging in
Version 7.2.9
May 02, 2017
New Features
New globalscape splash screen logo is displayed
Added registry override (SendQUIT) that invokes QUIT command to be sent at completion of FTP/S transfers.
EFT.log entry for SSL version and cipher info as part of socket connection for FTPS and HTTPS
EFT.log entry on startup if FIPS is successfully initialized.
EFT.log entry if FIPS mode fails to initialize for any reason upon service startup and what steps are being taken to remedy.
EFT.log entry if FIPS mode fails to initialize after all attempts exhausted.
Add registry override (PGPEncryptingAlgorithm) to specify default encryption algorithms
Add registry override (AutoSelectPGPCompression) to default compression to ZIP
Enhancements
Upgrade OpenSSL to 1.0.2k
Upgraded to OpenSSL FIPS Object Module 2.0.10: NIST FIPS certificate #1747
Now able to add "Universal" Active Directory groups to EFT Administration
Trial Extension options are still available in EFT SMB after fully registered
Now able to resize the CTRL+F search window
Updated Server>Security page FIPS controls
Exporting reports no longer re-runs the report from the source
Remote directory browser does not work when using DMZ Gateway as a proxy.
Event Rule Import now matches Connection Profiles by NAME, not by GUID
Modify PGP Encryption behavior to default to CAST5 encryption if registry override
AutoSelectPGPCiphers is Off.
Check passphrase was taking too long. Has been optimized
Update SMTP test warning prompt to exclude '+' from an invalid character
Full, unlimited access to WTC during evaluation period
HTML caching removed. This allows Web Client page to be updated when accessed instead of forcing users to have to clear cache to see changes.
Updated Jument webclient to version 1.2.1 build 20
Fixes
Manual Registration for Workspaces with a seat count over 1,000 did show the correct # of licenses.
Used disk space counter was not adjusting properly in some instances
Event Rule Admin couldn’t properly remove site from Assigned to this server list
WTC CAL registration was not accurately reported under Help>About
Updated the Help>About text for unlimited WTC licenses
Help -> About cuts off licensing information
User Admins was still showing Users as having an expiration date even after “Expire this account” was disabled.
User Account Admin interface window did not scale with the EFT Admin console
Event Rule Admins were denied ability to import event rules.
FIPS compliant SSH checkbox was available even after EFT trial has expired
Updated all GUI references to FIPS Certified rather than FIPS Compliant
On occasion, when deleting event rules from EFT the EFT GUI will crash.
Scenario where EFT may crash/hang when PCI Compliance Report was being generated
Numerate fails when the intial file is 0KB
ICIConnectedUser interface members DataConnection does not return result for HTTP/S or SFTP
ICIConnectedUser interface member TransferredSize does not return result for SFTP
ICIConnectedUser interface member FileName does not return result for SFTP
Custom command "Redirect output to clients" doesn't work properly when triggered by FTP protocol
Folder Monitor reconnection logic does not properly update FM's enabled state
When uploading a file via WTC client is able to upload a file that is bigger than the Max upload size limit if the chunk size is lower than the max upload size limit.
WTC is not disabled after EFT trial has expired
No feedback was given when permissions are denied to a folder
Firefox version 50 uploads would sometimes fail
Internal error was occurring upon attempt to move a file into a folder where AD user does not have upload permissions
Incorrect error message was displayed to the user when trying to create a folder with a space at the end of the folder name
Filter button was not properly highlighted
Renaming was causing error in developer console
When clicking an expired one time download link with authentication, will receive HTTP/1.1 412 Precondition Failed
Renaming Workspace as owner failed to propagate to participants
February 2017
Version 7.3.5
February 08, 2017
New Features
Added debug level logging setting for PGP through Admin User Interface
Enhancements
Upgraded Web Transfer Client (HTML5) to 1.3.0
Updated SSL certificate manager to use SHA2
Fixes
Fixed comment section when creating a workspace (improperly titled "Message" in prior build)
Fixed error when attempting to navigate folders after deleting multiple files in Web Transfer Client (HTML5)
Fixed language translation on left hand navigation pane in Web Transfer Client (HTML5)
Fixed default sorting of folder and file listings in Web Transfer Client (HTML5)
Fixed change password request to use the pre-configured domain (site connection settings)
Fixed issue when attempting to use SSL cert authentication with a null password
Fixed rolling of EFT.log when running a Command Action and the log size exceeds MaxFileSize
Fixed logging for failed upload/download over SFTP protocol
Fixed issue where EFT would convert a physical folder into a virtual folder when using the Active Directory profile as the users home folder
Fixed potential out-of-memory crash when network folder monitor receives a large number (20,000+) of files
Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)
Fixed report "Event Rules - Actions (Summary)" to allow Event Name field to support up to 250 characters
Fixed issue when attempting to change Active Directory passwords through the Web Transfer Client
Fixed GUI error message when using a specific multicast IP address (EFT Enterprise Only)
Fixed reporting of WTC CAL registration under Help>About
Fixed ability to save new password dictionary file when changing site settings
Improved ClientFileSystem locking for more granular FileLocker action
Fixed issue with Workspaces shared folders disappearing after upgrade from 7.3.0.3 to 7.3.3.21
Fixed issue with users unable to login after upgrading to 7.3.3.14
Fixed issue with guest Workspaces user unable to login after upgrade
Version 7.2.8
February 08, 2017
New Features
Added SFTP flow control improvements by RFC 4254
Enhancements
Upgraded Web Transfer Client (HTML5) to 1.2.1
Updated SSL certificate manager to use SHA2
Fixes
Fixed error when attempting to navigate folders after deleting multiple files in Web Transfer Client (HTML5)
Fixed language translation on left hand navigation pane in Web Transfer Client (HTML5)
Fixed default sorting of folder and file listings in Web Transfer Client (HTML5)
Fixed return value of inherit state of CCIClientSettings::GetForcePasswordResetOnInitialLogin
Fixed EX logs to properly report failed uploads for SFTP
Fixed error code in cl*.log to show correct error code when target host is unavailable
Fixed compatibility with Symantec DLP (EFT Enterprise only)
Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)
Fixed issue of removing source files after compress action when using ZCompress format
Fixed issue with properly handling WTC licenses over 9,999 users
December 2016
Version 7.3.3
December 6, 2016
New Features
Added EFT Outlook Add-In and browser support for exchanging files in Workspaces
Added controls for enabling and configuring SAML for achieving Single Sign On (SSO) for Web-based authentication - (EFT Enterprise only)
Improved 508-accessibility compliance for web clients
Added the Advanced Authentication module for EFT Enterprise
Added HTTP Strict Transport Security (HSTS)
Added new preconfigured reports
Enhancements
Updated Jquery version to 1.9.1
Updated OpenSSL library to 1.0.2j
Added auditing of the originating IP for load-balanced HTTP(S) connections as an Advanced property
Updated PGP library
Added new COM property that exposes "force password change upon first login" flag
Improved propagation of Advance Workflow Engine tasks to other HA nodes - (EFT Enterprise only)
Added additional logic to prevent admins from accidentally deleting the site home folder if a user has this set as home folder
Improved processing to reduce wait time for event rule load balanced threads -(EFT Enterprise only)
Improved URL encoding function in ClientFTP
Improved handling of Advance Workflow Tasks when user calls Advance Workflow via COM - (EFT Enterprise only)
Improved performance of Admin UI when populating "Group Membership" tab
Improved password complexity warnings to end user
Added additional logging when debugging
Optimized quick search feature in environments with large amount of users
Added additional logging for CFileSystem object
Improved retry transfer logic over high latency networks
Updated odb version to 2.5.0 a11
Fixes
Fixed memory leak in FIPS SSL
Fixed error when trying to download files containing a comma
Fixed High CPU utilization with large volume of user connections
Fixed issue of having to re-apply permissions when changing the case of the SAMAccountName
Fixed Event rule settings where site paths without wildcards were using physical path vs virtual path
Fixed event timer issue of calculating the next run time at beginning of DST hour
Fixed alphabetically sorting of event rules within folders
Fixed issue where admins could not change event rule comments in HA deployments - (EFT Enterprise only)
Fixed dead lock in FTPS
Fixed issue of not reporting correct PASV port in the ex.log
Fixed issue where Admin GUI incorrectly restores the last selection when refreshing UI
Fixed issue of exporting event rules with stop-action set to "Stop processing this and more rules"
Fixed issue of switching client's two-factor authentication setting on PCI sites via GUI and COM - (EFT Enterprise only)
Fixed EFT HA backup option to only backup the site root folders and not the user data - (EFT Enterprise only)
Fixed issue of downloading EFTClient.txt when using HTTP protocol
Fixed dead lock in EventRuleQueue in clustered EFT - (EFT Enterprise only)
Fixed an EFT service Crash when stopping the service in HA environment -(EFT Enterprise only)
Fixed issue of editing comments at the Event rule folder level
Corrected GUI to properly show the inherited value of Account Security option as "Disable"
Fixed email notification to not truncate passwords that use " <v"
Fixed issue with restoring EFT Workspaces when restoring a backup
Fixed intermittent crash of Admin GUI when creating users from an EFT Admin remote GUI
Fixed compatibility with SFTP authentication and WingFTP 4.6.2 using Public key and Password authentication
Fixed intermittent Admin GUI crash on close
Fixed EFT service crash when site is deleted
Fixed EFT service crash on startup due to mixed HA status tracking -(EFT Enterprise only)
Fixed reset password issue for external participant in LDAP site
Fixed Deadlock in EventRuleQueue in clustered EFT on server startup
Removed using FTP Auto mode for client transfers through DMZ gateway as SOCK5 proxy
Fixed issue of not showing failed event rule downloads using wildcards under the status tab of Admin UI
Fixed "Rest offset" command in FTP sessions
Fixed issue of Advanced Workflow Engine task builder not launching - (EFT Enterprise only)
Fixed issue of accessing Ban IP address when large amount of IP addresses are configured
Fixed unhandled exception when backing up HA site
Fixed Mobile Transfer Client crash when attempting to use custom branded MTC
Fixed crash in HTTP session manager
Fixed deadlock in GSAWE.exe process - (EFT Enterprise only)
Fixed DMZ crash when transferring files by FXP
Fixed folder monitor crash when transitioning back to event rule load balance master
Fixed issue where folder monitor event rule stopped after 1000 files were rejected by condition
Fixed EFT upgrade issue where the event rule node references were reset back to High Availability (HA) - (EFT Enterprise only)
Fixed ClientFTP retry logic after SSL_connect error
Fixed dead lock during load balanced event rule startup - (EFT Enterprise only)
Fixed account lockout status to propagate to all other nodes in HA mode - (EFT Enterprise only)
Fixed issue of removing source files after compress action when using ZCompress format
Fixed issue of large file uploads being reported as individual chunks.
Fixed Admin UI crash when working with virtual folder with bad alias name
Fixed issue where changes applied by user level admins did not save after server restart
Fixed change password issue through web client for ODBC sites
Fixed error messaging when user without upload permissions attempts to upload via the web client
Fixed reporting of large file uploads to display only one file entry versus individual chunks
Fixed issue of exporting PGP public keys with spaces between each line of the public key blob
Version 7.2.6
December 06, 2016
New Features
Added additional logic to prevent admins from accidentally deleting the site home folder if a user has this set as home folder
Added HTTP Strict Transport Security (HSTS)
Enhancements
Updated OpenSSL libraries to 1.0.2j
Update Jquery version to 1.9.1 used in Web Client
Improved handling of Advance Workflow Tasks when user calls Advance Workflow via COM (Enterprise Only)
Improved propagation of Advance Workflow Engine tasks to other HA nodes (Enterprise Only)
Improved retry transfer logic over high latency networks
Removed minimification and hashing from themes.css to allow for persistent customization
Increased timeout value based on file size to allow more time for 3-pass deletions
Replaced left navigation tree to improve performance with thousands of folders and/or subfolders
Fixes
Fixed issue of OpenPGP Encrypt action compressing files when compression is not selected
Fixed DMZ crash when transferring files by FXP
Fixed EFT upgrade issue where the event rule node references were reset back to High Availability (HA) - (Enterprise Only)
Removed extra character return when exporting OpenPGP public key
Fixed rare deadlock when CRC calculation is requested for missing file.
Fixed email notification issue of truncating URLs longer than 76 characters
Fixed password expiration options that were work incorrectly via COM
Fixed error messaging when user without upload permissions attempts to upload via the web client
Fixed possible race condition when client is getting disabled due to invalid login attempts limit
Fixed folder monitor crash when transitioning back to event rule load balance master
Fixed issue where folder monitor event rule stopped after 1000 files were rejected by condition
Fixed ClientFTP retry logic after SSL_connect error
Fixed issue in Chrome of not being able to download filenames with ‘,’
Fixed issue of not being able to edit comments when rules are viewed at the event rule folder level
Fixed detection of folders where upload is forbidden
Fixed language on modal dialog buttons
Fixed the move to modal to show only single folders and a breadcrumb instead of the entire tree in web client
Fixed default sort order and natural sort order to file names
Fixed issue of exporting PGP public keys with spaces between each line of the public key blob
August 2016
Version 7.3.2
August 30, 2016
New Features
Admin GUI warns users when they are close to or have exceeded number of CAL users
(ARM) Audit originating IP for load-balanced HTTP(S) connections
(WTC) Changed Web Transfer Client licensing from concurrent base to client access license (CAL)
(WTC) Webclient updated to 1.2.2 build 2
(WTC) Warning Banner added to indicate if CAL is exceeded
Enhancements
Update SSL lib to 1.0.2h
Fixes
EFT log erroneously reports “Error cfg.write can't save server settings”
EFT with DMZ crashes on begin transfer file by FXP
Crash in HTTP session manager
Crash in the CommandAccess internals when saving command execution results to log file
Administrator Interface (AI):
Failed Event Rule downloads using Wildcard do not appear in status tab
Windows 2012 R2: Admin GUI crashes with coredump.
When clicking on a help topic the software posts a script error
Admin GUI may crash on close
Admin GUI hang scenario when attempting to stop an FTPS event rule transfer
GSAWE.exe process deadlock
SFTP authentication failed when connecting to remote server running WingFTP 4.6.2 using Public Key+Password auth
EFT Transfer Client does not use server-wide supported cipher list and protocol versions when retrieving remote listing over SSL-based protocols
The Test Button on the Connection Profiles does not connect when using DMZ as Proxy
Event timer calculates the incorrect next run time at begin DST hour
"Rename transferred file to"-function is not working when destination file size/crc is equal to the original value
A folder monitor event rule stops invoking events after 1000 files are rejected by condition.
Deadlock in EventRuleQueue in clustered EFT on server startup
Deadlock occurring during load balanced event rule startup
High CPU usage with a lot of user connections
Event Rule Load Balanced threads are blocking for extended periods of time
EFT throws unhandled exception at back up
Cannot change event rule comment by GUI when message size exceeds MSMQ limitation
MTC crashes the EFT Service when attempting to use a custom branding
Clicking on a folder causes scClient to crash
Updating the EFT Server domain should trigger an update to the scClient json config file
July 2016
Version 7.2.4
July 05, 2016
New Features
(ARM) Audit originating IP for load-balanced HTTP(S) connections
Added configurable AdvancedProperties (“AutoSelecPGPCiphers”, “AutoSelectPGPMAC”), default to TRUE.
Added additional logging for CServer::Serialize method
Enhancements
Dramatically reduced the amount of Event Driven Changes that must be versioned and propagated when we handle ClientLoggedIn and ClienLogged events (Date granularity rather than time).
Improved interoperability issue with BouncyCastle
Update SSL lib to 1.0.2h
External participants in LDAP site Workspace are now able to reset password
Fixes
PASV Port utilized being logged incorrectly in ex.log
EFT does not properly log the last invalid login before auto ban via SFTP
Crash when deleting a Folder Monitor rule while event rule is being executed
Crash in the CommandAccess internals when saving command execution results to log file
EFT.log is flooded with an error when an FM folder is not accessible
Crash in HTTP session manager
Admin GUI hangs when attempting to stop an event rule transfer
Inherited value of Account Security setting is not properly displayed in the ST/user level
Remote user admins are running into runtime errors frequently
The EFT Admin interface keeps crashing under specific scenarios. Improved resilience.
If display text size is set to 125% or 150%, some options such as "next" and "finish" are pushed off and no longer visible. There appears to be scaling issue with larger text size enabled.
Cannot access the IP Ban list via remote admin, system locks out and says "Ban IP list not available"
Failed Event Rule downloads using Wildcard do not appear in status tab
Event rules are not alphabetically sorted in the event rule folder
Unable to open AWE task builder if file "EFT" exists in path of installation
GSAWE.exe process has a deadlock
AD/LDAP: Incorrect login names lock EFT up for a long time.
Unable to switch client's two-factor auth setting on PCI site
Complex password expected. If simple password is used, user receives error message with no explanation of what went wrong and the process was causing a hang when done incorrectly.
Disallow using FTP Auto mode for client transfers through DMZ Gateway as SOCKS proxy
SFTP authentication failed when connecting to remote server running WingFTP 4.6.2 using Public Key+Password auth
"Rename transferred file to"-function is not working when destination file size/crc is equal to the original value
EFT Transfer Client does not use server-wide supported cipher list and protocol versions when retrieving remote listing over SSL-based protocols.
Unable to switch client's two-factor auth setting on PCI site via COM script
The Test Button on the Connection Profiles does not connect when using DMZ as Proxy
Unable to export event rules with stop-action set to "Stop processing this and more rules"
Cannot edit comments when event rules viewed through event rule folder
Event timer calculate wrong next run time at begin DST hour
EFT may crash when FM rule sweeps a folder and admin edits that rule.
Event Rule Load Balancer threads are blocking for extended periods of time.
High CPU usage with a lot of user connections
Deadlock occurrence during load balanced event rule startup.
Deadlock in EventRuleQueue in clustered EFT
When making changes to event rule comments via AI, the service hangs and the nodes get out of sync
Crash when stopping site on 1 node and trying to log into admin GUI
Crash on startup due to mixed HA status tracking
Event rules are being load balanced when they shouldn’t be
Unhandled exception while performing back up
MTC crashes the EFT Service when attempting to use a custom branding
If the PGP key name is more than ~30 characters it is cut off in the OpenPGP action dialog.
The “Enable Compression” button was non-functional and would always auto-select compression setting from the public key.
SSL FIPS subsystem breaks down disabling users from establishing SSL connections (HTTPS and FTPS)
Unable to download EFTClient.txt when using HTTP protocol
Specific characters are truncating EFT emails
The ChangePassword.htm file is always being served up from the web/public folder instead of the web/custom/<sitename> folder
April 2016
Version 7.3.0
April 25, 2016
New Features
Added FAST protocol to copy/move/download event rule actions for accelerating transfers over high-latency connections between EFT servers.
Added scClient for accelerating client-to-server transfers over high-latency connections.
Enhancements
Provided mechanism for external Workspace participants in LDAP site to reset password.Upgraded PGP library.
Protocols - FTP/S:
Set default FTP "ReplaceBackslash" advanced property to true.
Fixes
Fixed issue where incorrect login names cause EFT to hang.
Fixed a potential EFT Service crash.
Corrected "Enterprise-only" Help references to Folder Monitor, Timer Event, and File Transfer Client.
Fixed display issues for proxy settings on Windows Server 2008 R2.
Fixed display issues for PGP key names greater than ~30 characters in the OpenPGP action dialog.
Relaxed field validation on proxy settings that aren't in use.
Fixed inability to switch client's two-factor auth setting on PCI site.
Fixed inability to switch client's two-factor auth setting on PCI site via COM script.
AD Auth, complex password expected. If simple password is used, user receives error message with no explanation of what went wrong and the process is causing a hang when done incorrectly.
Fixed event rule prioritization.
Fixed logic flow issues for File offload/download rules using Socks.
Fixed a potential crash associated with FM rule sweeping a folder while admin is editing the same rule.
Fixed a potential crash that occurs when deleting an FM rule while it's executing.
Fixed a deadlock in EventRuleQueue EFT HA.
Corrected erroneous event rule load balancing.
Fixed a potential HA node crash related to conflicting node statuses.
Fixed a potential EFT service crash for HA environments.
February 2016
Version 7.2.1
February 15, 2016
New Features
Added support for RSA-authenticated sites to also request user passwords in a two-step authentication model, enabled via registry
Added support for EFT COM Admin interface connections from 64-bit processes
Added context variables TRANSFER.RATE_KBPS, TRANSFER.BYTES, and TRANSFER.SECONDS to event rule actions
Added per-user, per-file metadata operations to Workspaces
Added expiration to Workspaces
Added administrative option to enable Workspace expiration
Added ability for Workspace creators to set an expiration date on WorkspacesAdded "On Workspace Expired" event
Added detailed auditing of file and folder operations within Workspaces
Added per-user, per-file metadata operations to Workspaces
Allow LDAP and AD Workspace creators to invite external guests
Added ability through Event Rules to notify Workspace owner when a file is uploaded
Added Workspace notification email (templated) when adding participant via Admin console
Added context variable (and condition variable) WORKSPACE.OWNER_EMAIL to WS-related and FS-related events
Added handling for an OnTimer exception which caused the admin console to disconnect from EFT Server
Added support for Workspaces REST API 100-Continue header, per HTTP 1.1 specification
Enhancements
Improved performance with extremely large password dictionaries
Enabled scrolling to view full event rule descriptions
Improved performance of HA mode under high volume of login operations
Updated SSL libraries to latest stable release
Updated SSH HMACs to include SHA-256 and SHA-512
Improved performance of rendering contents of a folder that contains a large number (>500) subfolders.
Improved performance of searching within a folder that contains a large number (>500) subfolders.
Improved auditing and reporting of Workspaces activities
Fixes
Fixed a problem where permissions for a user were lost when changing the case of the SAMAccountName and had to be re-added
Fixed a problem where admin permissions were mistakenly removed
Fixed broken inheritance of permission groups for first logged in clients
Fixed a problem where errors were generated during backup because deleted certificate files were being searched for
Fixed admin console crash occurring when refreshing the VFS tab
Fixed a problem where the admin console crashes upon site creation when the default template home folder setting is discarded
Fixed a problem where the home folder is incorrectly set to the previously used entry during user creation
Fixed an issue where right-clicking user\show VFS is not functioning properly in some environments
Fixed a problem where a user could not be deleted from a site if the server is not located in the first server group
Fixed an issue where, during manual module registration, the wizard becomes unresponsive
Fixed broken AWE task search functionality
Fixed a problem where the ARM connection test generated an error in the Windows Event Log
Fixed a bug where the COM method ICEventRule.SetHASchedulingParams seems to work for any event rule type and non-HA EFT installations
Fixed a problem where the ICIAutobanIPAccessRule.BannedIPs COM property shows as empty when the admin console shows addresses on the IP ban list.
Changed the event rule folder naming convention to follow that of event rules
Event rules are now alphabetically sorted in event rule folders
Fixed a bug where the apply option was not enabled at the event rule folder level when event rules were either enabled or disabled
Fixed an issue where timer rules skipped their scheduled execution time due to delays caused by the retry logic of ClientFTP
Corrected the display of comments for imported event rules
HA secondary nodes now verify that the ftp.cfg file can be found during install
Fixed a case where the backup list got an invalid value.
Disabled option to use local system accounts when in HA mode
No longer backing up all user data from site root for HA installations
Scheduled PGP decrypt/encrypt event rule settings must now be supplied with the full file path instead of just the virtual path
Fixed a problem where PGP private key passphrases were appearing in plain text in EFT.log
Fixed a problem where a site's max concurrent socket connections policy could be broken in high concurrency situations
Corrected an issue where SSL options were not being updated
SSL sessions are now being reused
Fixed the OPTS MLST feature (FTP/S)
Fix a problem where EFT was not returning any type of error When issuing an "ls" command on a non-existent directory
Made return codes for maximum Windows file path exceeded errors consistent in HTTP responses
HTTPS offload transfers always failed when connection timeout set to 0
Now greying out HTTP proxy setting when selecting SFTP protocol in the offload configuration wizard (event rule) since SFTP is only supported through Socks 5 proxies
Fixed a problem where generated SSL key files cannot be assigned as SFTP keys
Unified failure messages returned on failed SFTP authentication attempts to avoid user account enumeration
Disabled default use of diffie-hellman-group1-sha1 key exchange, now enabled only via registry
Fixed the file upload button on the tool bar
Fixed the folder upload button when running in Chrome
Fixed the filter button on the tool bar
Fixed an issue with the refresh button
Resend Workspace invitation will now work as expected
October 2015
Version 7.2.0
October 27, 2015
New Features
Added registry setting ExcludeVFolderInQuotaCalc to exclude virtual folders from quota calculations
Added event rule folders which support one level deep folder organization of event rules
Added connection profiles which allow definitions of host interfaces that can be referenced inside event rules
Added file/folder event rule actions (create, delete, rename)
Added compress/decompress event rule actions
Added "Invoke Web Service" event rule action
Added "If File Exists" event rule condition
Added event rule import/export capability
Added event rule change log to maintain modification history of event rules
Added new role "Event Rule Administrator" that can be granted access to specific event rules, AWE tasks, custom commands, and connection profiles
Added server credential verification in Offload events for validating SSL certs and/or SSH keys of remote servers
Added folder browse control within the offload action builder
Added enhanced event rule logging to allow logging targeting a specific site or rule
Added registry setting ExecuteTransferActionsInParallel enable/disable parallelization of all contiguous offload actions (upload/download/move)
Added restore for HA mode configurations allowing a restore from backup when running in HA mode
Added backup run-on node list for event rule load balancing
Added registry setting DisableEFSChecksForPCIReport to bypass EFS checks when running PCI DSS report
Added support for navigating directories via the browser’s back and forward buttons
Added the ability to be directly deposited into a specified directory via a link
Added support for viewing Workspace invitation statuses in the “Edit Workspace Participants” dialog
Added the ability to resend pending Workspace invitations from the “Edit Workspace Participants” dialog
Added text in the “Edit Workspace Participants” dialog to convey the fact that no users are collaborating in the Workspace for shared folders in which all collaborators have been removed
Added localization mechanisms to facilitate the custom addition of additional languages
Added German and Dutch translations
Added support for WCAG Guideline 1.1
Added a configuration file variable to disable CRC in the event upload verifications are not required
Added configuration file variables to specify custom default Workspace sharing permissions for user-initiated folder sharing
Enhancements
Improved performance of ODBC user synchronization process when there are many new users
(ARM)Improved speed of ARM queries used for time-range based reports
Redesigned WTC interface to enhance usability and aesthetics. All file and folder operations are now displayed in the newly added toolbar
Upgraded OpenSSL to fix a high severity vulnerability
Upgraded OpenPGP library to improve configuration flexibility and compatibility with other implementations
Made SFTP and FTPS logging consistent with previous EFT Server releases
Remove legacy behavior of caching the IP address of the last successfully connected host
Fixes
Fixed improper inheritance of initial password reset option
Fixed a problem where the EFT service hangs at startup and is unable to connect to the EFT console until after a restart
Fixed a problem where EFT was responding with “no such file or directory” when a “cd ..” command was performed on the root directory
Fixed a problem where EFT was not respecting the ReplaceExistingOnRename registry setting
Fixed a problem where negative “days remaining” was being sent to users in the expiration email reminder
Fixed a problem where logging in “change password” administrators are improperly shown the VFS view from the server tab
Fixed a problem where EFT Server crashes when authenticating a user with a DES style password
(AWE)Fixed a problem where the value of %FS.FILE_SIZE% was not maintained after executing an AWE command that deleted or removed the file from the source directory
(AWE)Fixed an issue where the Running AW Task limit was not being respected
(ARM)Fixed a problem where EFT was using an unsupported key length longer than 30 digits when creating an Oracle ARM database
(ARM)Fixed an issue where running reports via an event rule caused extreme memory usage and eventual crash of the EFT service
(ARM)Fixed a problem where relevant information was not being logged by the ARM queue stats logger
Fixed a problem where AD sites do not list the principal name of users if they login before EFT pulls users from the AD server
Fixed an issue where automatically creating a home folder for new LDAP users only worked if the site’s users had been synced
Fixed a problem where a LDAP user’s permissions were lost when the case of the user’s name was changed on the AD server
Fixed a problem where LDAP users can't change their password when a 389 Directory Server is used
Fixed a crash that occurred when removing users from an ODBC site
Fixed a problem where ODBC sites were allowing creation and authentication of usernames containing trailing spaces
Fixed a problem where existing users on an ODBC site could not be moved to a different settings template using either the Admin console or COM API
Fixed an issue where the provisioning of user accounts through EFT Server’s COM API was taking longer than it did in previous releases
Fixed a problem where the CISite.IsFolderVirtual COM method works incorrectly after a call to CISite.GetFolderList
Fixed a problem where the ICIFolderMonitorEventRuleParams::PollIntervalSeconds property could not be set with a value exceeding 9999
Fixed an issue where download actions incorrectly interpret destination paths when the file name is explicitly given using %SOURCE.FILE_NAME%
Removed spurious On User Account Disabled event triggers happening when users were deleted
Fixed an issue in the timer scheduler dialog where if “Every weekday” is selected, “Every X day(s)” will still affect the holiday/runtime calendar
Fixed a problem where the EFT service would crash when removing an event rule
Fixed a problem where folder sweep was crashing the EFT service when the rule was canceled during execution
Fixed an issue where starting nodes in clusters under high load would cause them to become out-of-sync
Fixed a problem where EFT Server deployed in a HA environment had excessive memory usage when experiencing a high user connect/disconnect rate
Fixed the double execution of Folder Monitor event rules under certain conditions when in HA mode
Fixed an issue where EFT Server was experiencing unusually high CPU usage in a clustered environment
Fixed deadlock occurring when EFT is deployed in a clustered environment
Fixed a problem where EFT was returning a zero exit code upon failure to access the shared configuration folder at startup which precluded a periodic restart/retry by the Service Control Manager
Fixed a problem where PGP decryption actions in a folder monitor rule were creating 0 length files if the file was encrypted with a different key
Fixed a problem where files encrypted by EFT Server when compression is enabled could not be decrypted by Ipswitch WS_FTP Professional 12.4.1
Fixed a problem where PGP keyring files were empty after upgrading from EFT 6.4.x/6.5.x
Fixed a problem where PGP encrypted files lack a reference to the original filename in the literal data packet
Fixed a problem where the EPSV command does not complete successfully when a client tries to connect to EFT Server through the DMZ Gateway
Fixed a problem where EFT fails to recognize FTP commands that use a double slash in the path reference
Fixed an issue where files being actively uploaded over SFTP could be viewed on disk over a separate FTP connection
Fixed issues with the FTP PASV port selection algorithm
Fixed a command socket race condition
Fixed a problem where EFT Server should have been reporting an error when attempting to download a file over FTP using an offset greater than the length of the file
Improved consistency of return codes when the maximum Windows file path length is exceeded in the HTTPS interface
Fixed a problem where event rules were creating 0 length files when unsuccessfully downloading over HTTP/S from Oracle and IIS HTTP/S servers
Fixed a problem where the status tab was incorrectly showing 0B and 0bps for files downloaded via HTTP/S event rules
Removed erroneous trailing slashes on folder names in SFTP PWD and CD requests
Fixed a problem where the "Preserve Remote timestamp for downloaded files" setting was not working for SFTP
Fixed a problem where severe memory fragmentation due to heavy SFTP load was causing EFT Server to crash
Fixed a problem where EFT was responding with the error "SFTP21 module was not initialized" for SFTP outbound connections
Fixed a memory leak in SFTP
Fixed an issue with inconsistent file sizes in the EX logs for files download through SFTP
Fixed an issue where SFTP was using local server time instead of UTC
Fixed an access denied error in the SAT send page that occurred when trying to send mail and the adhoc administrator is not a full administrator
Fixed a crash occurring when EFT was validating CSRF tokens
Fixed a problem where attempts to spoof the CSRF token could crash EFT
Fixed a problem where EFT was responding with "HTTP/1.1 412 Precondition Failed" when attempting to open remote files in the Java based WTC
Renamed the “Joined Workspaces” folder tree to “Shared with Me” to facilitate easier user recognition
Extra spaces are trimed from usernames when copying/pasting into the login page username field to avoid login errors
Fixed a problem with the WTC where prepending or appending a slash onto a folder name when creating it caused the listing pane to go blank
Fixed an issue where new workspace invitees were redirected to a 404 error page when the initial password reset option is on
Fixed an issue where renamed Workspace folders failed to display the updated folder name in collaborators’ views
Increased the AJAX timeout limit to 4 minutes to lessen the likelihood of errors during large file uploads
Fixed an issue where the UI would only partially render when logging in under certain conditions
Improved formatting for improperly-handled transfer pane errors
Resolved an issue where users would temporarily see Workspaces elements even when the feature was disabled
Fixed an issue where users removed from a Workspace would still appear in the “Edit Workspace Participants” dialog
Fixed an issue where uploads of 0-byte files failed the verification process
Fixed an issue where spaces in file names where replaced with “%20” encoding when uploading via Safari
Fixed an issue where the sharing banner failed to appear when creating a Workspace from within the directory
Resolved an issue where the transfer pane queue tabs failed to expand and collapse under certain conditions
Fixed an issue where global search terms were retained as a file list filter after disabling global search and failed to show in the search bar
Fixed an issue where uploads interrupted manually or due to a network interruption required manual user intervention upon resume
Fixed an issue where a timeout would occur with an upload in progress
Resolved an issue where the layout would break if the user’s password was nearing expiration
Fixed an issue where the multiple file download feature failed to download all files for selections in excess of approximately 75 items
Addressed a cross-site scripting vulnerability in the folder creation modal
Fixed a problem where IE8 and IE9 were not able to use single click URLs to download or save files
Fixed site specific workspace invitation templates
Version 7.1.5
October 23, 2015
New Features
Added Advanced Property to ignore virtual folders during quota calculation
Enhancements
Improved CPU usage
Restored reference to original filename in literal data packet
Corrected connectivity issue related to port used for data connection in PORT mode
Fixes
Fixed enforcement of running task limit
Fixed key length problem in Oracle database implementation
Removed capability of creating users with trailing spaces following their username (ODBC)
Fixed bug in ODBC that disallowed moving users between Settings Templates
Remediated potential service crash due to corrupted buffers in Folder Monitor
Remediated potential service crash during Event Rule removal
Fixed service crash due to internal race condition
Fixed potential crash upon admin connection related to empty permission list in root site folder
Fixed logging inconsistencies between EFT 6.5 and EFT 7
Fixed broken inheritance from Settings Template to User-level “Force users to change their first-time password…” setting
Fixed EPSV command problems over DMZ Gateway
Restored support for commands preceded by double slash
Fixed occasional data socket failures in PASV mode
Fixed inconsistent file sizes in the EX logs when downloading files
Restored 0 byte upload logging
Fixed bug where local server time was being used instead of UTC
Fixed potential crash during CSRF token evaluation
Fixed server crash related to Opera and other browsers connecting
Fixed UTF8 encoding of filename in uploads from IE11
Fixed browser sticking during upload verification on moved file
Fixed broken page displayed when password expiration was enabled
Improved skip / overwrite prompt
Fixed redirect for 404 on Workspace invitations when initial password reset option is ON
Fixed forwarding when WTC is disabled for a particular user
July 2015
Version 7.1.3
July 22, 2015
Enhancements
Upgraded OpenSSL to mitigate vulnerability CVE-2015-1793: https://www.openssl.org/news/vulnerabilities.html#2015-1793
Improved resilience to loss of HA Mastership
Improved recovery from scenario where no node is master
Updated OpenPGP to latest /n software libraries
Fixes
Decrypting PGP files with folder monitoring created 0kb files if the PGP file was encrypted with a different key
Corrected potential deadlock in clustered environment.
Fixed bug where PGP encryption algorithm was set to AES128 regardless of the public key cipher used.
Fixed a scenario where Ipswitch WS_FTP Professional 12.4.1 failed to decrypt files encrypted by EFT Server 7.0.x with compression enabled.
Alleviated potential for PGP keyring files to become empty after upgrading to EFT 7.x from EFT 6.4.x/6.5.x
Fixed an issue where SSL Compatibility Allowed Versions would be changed during SMB to Enterprise upgrades.
Corrected EFT service crash scenario when specific HTTP/S client connected.
Eliminated memory leak scenario in SFTP.
June 2015
Version 7.1.2
June 24, 2015
New Features
Added registry value for "SFTPProcessThreadStackSize" and changed default stack size to 512Kb
Added a boolean AdvancedProperty to bypass EFS Checks when running PCI DSS report
Added support for SHA-512 passwords over FTP
Enhancements
Improved performance of VFS management
Improved search function in Admin UI
Mitigated hang in Status Viewer when connected to ARM database
Improved performance for ODBC synchronization
Improved Move/Copy action error code accuracy
Reduce CPU utilization with large volume of user connections on HA EFT cluster
Improved startup synchronization for clusters under high load
Improved CPU utilization during CreateWorkspace request
Expand support SHA-512 hashed passwords to HA mode
Fixes
Fixed server hang at startup requiring service restart to connect to Admin UI
Fixed manual registration
Revoked site admin permission to retrieve ARM password via COM
Fixed issues during account creation on AD sites set to use User Principal Name
Automatically create home folder for new users even when LDAP hasn't been synced
Fixed date parsing in ClientFTP LIST command for AS/400-like servers
Corrected ClientFTP port selection in active mode
Addressed client connection failures
Fixed CISite.IsFolderVirtual behavior after call to CISite.GetFolderList
Addressed Folder Monitor double executions
Fixed registry override to replace a folder/file with the same name
Stop caching IP address of last successfully connected host
March 2015
Version 7.1.0
March 02, 2015
New Features
Added EFT Workspaces, a collaboration tool to allow users to easily share files and folders
Added mechanism for importing accounts with SHA-512-hashed passwords
Added advanced property for controlling HTTP request type for CIC actions
Added wildcard support for CIC actions
Added controls for users to share folders as Workspaces and control participants' permissions
Created a registration page for users invited to participate in Workspaces
Added multi-file download option
Added ex logging for HTML5 client uploads
Enhancements
Changed default report type from HTML to PDF
Improved performance of VFS management
Improved feedback on AJAX request problems when they occur
Improved feedback for failed upload verifications
Improved Ctrl+F "Search" function
Improved accuracy of HA node status tab
Fixes
Removed redundant Windows event log error for EFT 7 trial expiration
Fixed bug where email notification reminder is sent despite option being disabled
Resolved a performance issue where the Transfer Engine was requesting too much information when connecting to Admin Interface
Fixed GUI bug where VFS Tab was not jumping to usernames when trying to add a user
Corrected virtual folder display problems in Admin InterfaceFixed broken filters for “AS2 – Transaction Overview” report
Corrected entries for ReportPort and LocalPort in tbl_Authentications
Fixed bug where home folder was created and replaced on first login despite already being configured
(AS2, Enterprise only) Resolved an error generated every time the user DB is refreshed: "Remap user's home directory failed: client home directory is root"
Fixed a bug that occasionally caused EFT 7.0.3.10 to crash when removing users from an ODBC site
Restored COM API change password functionality
Fixed SSHFIPSEnabled COM method, which was interacting with the SSL settings rather than SSH settings
Fixed issue where CIC Report contained truncated x-header information
Cleaned up horizontal scroll appearance mechanism in CIC before it's needed
Fixed a potential EFT crash in event rule execution
Restored event rule e-mail override functionality
Fixed service crash triggered by FM event rule removal during folder sweep
Fixed bug where Folder Monitor always followed synchronous logic flow
Fixed bug where custom commands' "if action failed" block wasn't being triggered
Addressed an issue where HA Folder monitor rules could sometimes runs twice
Fixed loss of custom account details on 6.5 to 7.0 upgrade
Restored population of %FS.PATH% and %FS.VIRTUAL_PATH% context variables from Mail Express transactions
Fixed bug where 0KB files were not deleted in PGP event rules
Corrected change in ex.log entries FTP/S and SFTP paths were no longer relative to the root
Restored trailing slash for FTP PWD
Removed redundant slash from FTP paths
Fixed bug where EFT Client FTP was choosing the wrong port in active mode
Fixed Client FTP parsing issues for "LIST" command on AS/400-like servers
Fixed bug where "local server time" was not being used
Resolved EFT crash related to processing invalid MLST command
Fixed issue where 'SIZE /' returns 501 rather than '550 - File not found'
Made uniform return codes when maximum Windows File Path is exceeded in HTTPS
Fixed vulnerability in SFTP due to out of memory crash
Restored "Preserve Remote timestamp for downloaded files" functionality for SFTP
Removed erroneous "folder not found" SFTP errors from status tab
Fixed a bug preventing generated SSL Key file being assigned as SFTP key
Restored logging for 0 byte uploads over SFTP
Re-enabled use of backslash when changing directories with SFTP
Restored On File Upload event rule trigger for zero byte SFTP uploads
Removed extra comma in SSH_MSG_KEXINIT exchange when last cipher and MAC were not selected
Fixed bug where EFT would disallow HEAD requests for users without Download permission
Re-enabled CRC verification where it wouldn't work with EFS enabled
Web Interfaces – Web Transfer Client (Java)
Fixed WTC Java password change redirection to return to WTC Java instead of HTML5 client
Stopped app from timing out during long uploads
Fixed display issue with UTF-8 characters in Internet Explorer
Restored file upload functionality for WTC Basic in Internet Explorer
October 2014
Version 7.0.3, R2
October 24, 2014
Enhancements
Updated PCI report for PCI DSS by adding SSLv3 protocol checking to section 4.1 that will prompt a warning
Updated non-FIPS OpenSSL library to OpenSSL 0.9.8zc in response to recent OpenSSL vulnerabilities
Set SSLv3 to off by default for new installations in response to POODLE vulnerability
Updated non-FIPS OpenSSL library to OpenSSL 0.9.8zc in response to recent OpenSSL vulnerabilities
Set SSLv3 to off by default for new installations in response to POODLE vulnerability
Version 7.0.3 R1
Mon, 10/13/2014
New Features
Added Content Integrity Control module and Event Rule action
Added AD and LDAP support in high availability installations
Added default Event Rule load balancing settings for active-active clusters
Added cluster information to Status tab for active-active cluster nodes
Added ability to refresh and keep user logged in
Added an indicator to illustrate that Global Search is "loading" when enabled
Added simple mechanism for issuing a Terms & Conditions acceptance dialog to end users
Enabled the "If Using Web Transfer Client" condition in EFT's Event Rules for the HTML5 WTC
Enabled On File Upload for HTML5 WTC
Enabled On Verified File Upload for HTML5 Advanced WTC
Enabled uploads of large files, with up to 20GB tested
Enhancements
Changed Single-click URLs and single sign-on to use the HTML5 WTC instead of the Java WTC
Created an upgrader to facilitate upgrading the WTC without upgrading EFT
Improved performance of uploads in all supported browsers
Removed notification in "basic" HTML5 WTC that previously alerted users no licenses were available
Improved performance of RESTORE operation
Fixes
Fixed issue where invalid home folder path results in corrupt ftp.cfg when upgrading from 6.5 to 7.x
Fixed a problem where adding users to a newly created Permission Groups fails with a message "Operation Failed"
Fixed an issue where "Show VFS Home folder" command not working for virtual folders
Fixed a problem where EFT 7.0 fails to load a 6.4 configuration on upgrade
Disabled "Create User Group" option for user-level admins
Fixed a problem where config backup wouldn't gracefully disconnect admin during backup
Fixed a problem where EFT logged every connect/disconnect to the server
Fixed a problem where "Browse VFS" dialog returned wrong path results in "Access Denied" message box
Fixed problem where renamed permission group fails to propagate new name to Folder Permissions list in VFS Tab
Fixed a problem where EFT logged that it was serializing the EFT.cfg file upon every client connect
Fixed a problem where SSH Server would not throttle bandwidth for connecting clients
Restored ability to Delete/Modify virtual folder in EFT VFS when physically deleted or inaccessible
Fixed a problem where a “User Admin” or “Change Password Admin” disabling a single account caused EFT to mark all user accounts the admin has access to as Updated
Fixed a problem where a new user's home folder is set to "/" even when "Automatically create a home folder for new users" is not selected
Fixed a GUI crash caused by an admin level "User" being unable to access VFS
Fixed Help> About of MTC Registration where it previously showed 0 licenses
Fixed an issue where under certain conditions expanding a node in the VFS Folder tree displays a persistent hourglass node with the text "Loading" that requires further interaction before going away
Fixed an issue where UI doesn't update properly when switching between settings templates and users
Fixed formatting error in Security Failed Logins report
Fixed a problem where upgrading to EFT 7 caused "Activity - By File Report" to not return files that were uploaded and then processed with "File Uploaded" event rule
Addressed cases where ARM failed to audit the parameters of some event actions
Fixed issue where AD Accounts in a child domain cannot connect to EFT over SFTP, while other protocols worked correctly
Fixed special character handling for AD Auth site's Domain and Group fields
Fixed issue where upgrades involving AD Sites with virtual directories broke user folder permissions
Fixed issue where AD physical home folder assignments had changed in 7.0
Fixed a problem where AD user accounts didn't update on service restart in HA mode
Fixed an issue where AD Password Expiration notifications were sent when corresponding feature was disabled by default
Fixed timeout when creating AD Sites with 150K + users
Fixed LDAP issues when poorly connected/low performance server was in use
Fixed reduction of ODBC synchronization process performance
Fixed a problem where CreateUserEx call for an ODBC site is 3-4x slower on average compared to 6.5
Fixed an issue where site admins could obtain ARM password via COM
Improved usability of event rule function: rule.GetHASchedulingParams()
Removed ability to add a non-existent AWE task to an event rule
Fixed a problem where Download actions did not work if username length is 40 or more characters and used mask in source path.
Fixed a problem where FM failed to move all files in HA configurations
Fixed an issue with "Monthly" and "Yearly" timers not working correctly in 7.0
Addressed a problem where scheduled event rules periodically stop working after upgrading to EFT 7
Fixed an issue where failure to deliver event is not being logged
Fixed a problem where event rules weren't executing on fully qualified domain names
Addressed scenario where enabling Event Rules via the Event Rules parent node caused "Operation failed." error message
Fixed a problem where an event rule couldn't utilise the Settings Template condition
Fixed issue where additional items were added to the registry after a backup & restore
Fixed node name in error message when opening up a 2nd Admin console in an HA environment
Fixed a problem where Certificate Signing Utility returned "Error. Request not signed." error
Corrected issue where literal 'CWD ..' while in the root folder will return 501 syntax error
Added filenames and corrected incorrect port number in u_ex log file
Corrected issue where "ls filename" command responds with a 550 permission denied message
Fixed issue where incorrectly configured FTP port range heavily raised CPU usage and broke passive mode with no errors
Restored ability to use backslash when changing directories with FTP
Fixed a problem where Rename Transferred Files option does not work in event rules over SFTP
Fixed issue where tbl_Protocol_commands does not record creation of Folders from WTC when folders are copied
Restored Web Session Timeout registry override units to minutes (6.5) instead of seconds (7.0)
Fixed a problem where HTTP redirection to built-in pages (login, change password, etc.) failed to work behind NLB or WAF even when X-ORIGINAL-PROTOCOL: https was used
Fixed problem where users are unable to create new folders using PTC upon initial login
August 2014
Version 7.0.1
August 11, 2014
New Features
Added HTTP CRC calculation logging
Enhancements
Improved performance of restore operation
Improved Backup Configuration performance and stability
(WTC/Workspaces) Upgraded Jument to 1.0.1 build 3
New text for login error on Web interface
Fixes
Fixed a bug where EFT would send AD Password Expiration notifications when corresponding feature should be disabled by default
Fixed a problem where EFT logged sensitive information to EFT.log in specific cases
Fixed a memory leak related to FIPS SSL
Fixed a bug where ARM failed to audit the parameters of some event actions
Addressed a scenario that caused a failure to upgrade Oracle database
Fixed a bug related to new user creation, where the home folder for the user was automatically assigned to be / even when "Automatically create a home folder for new users" was not selected.
Addressed a scenario where EFT may crash in high load when ODBC authentication is used.
Refined usability of event rule function: rule.GetHASchedulingParams()
Addressed EFT hang during DMZ use.
Addressed issue where enabling Event Rules via the Event Rules parent node caused "Operation failed." error message.
(AS2, Enterprise only) Fixed issue where testing an AS2 connection via a proxy when a DMZ server is offline would cause the GUI to timeout.
Refined behavior of Restore from Backup button in the new site wizard to operate intuitively.
Corrected issue where EFT incorrectly balanced FM events with long file names
Addressed crash in HA when deleting HA timer rule
Addressed scenarios where EFT 7.0 may fail to upgrade from 6.5 when a client had incorrect home folder
Fixed EFT service memory leak and crash while using literal site command to call custom command via FTP protocol
Fixed EFT service crash when using literal X-CRC command
Fixed bug where SFTP created incorrect folder listing which may cause problems for some SFTP clients.
Fixed bug where Web Services was not accessible via web browser. 404 returned.
Corrected HTTP redirection to built-in pages (login, change password, etc.).
Refined per-Site customization of Web interfaces to work as expected
June 2014
Version 7.0.0
July 03, 2014
New Features
Added High Availability (HA) mode of operation for active-active failover and load balancing without requiring Windows Clustering Services nor Veritas Clustering
Added support for High Availability configuration
Added High Availability reports to group output by cluster node performing the activity
Added support for HA installation mode, including enabling required Windows features to support message queuing
Provided command line installation options for HA configuration
Added support for load balancing Folder Monitor and Timer event rules in HA mode
Added new HTML5-based Web Transfer Client to provide similar functionality to Java applet with fewer deployment problems
Added self-healing ARM connections
Added end time to ARM database to record when an event action stopped in addition to its start time, which had already been recorded
Provided command line installation options for serial number (activation) entry
Enhancements
Updated OpenSSL library to version 0.9.8za
Updated OpenPGP library
Enable Large Address Aware feature so that EFT Service process can access up to 4GB memory
Updated password hashing mechanism to use salted, iterated PBKDF generation to improve security
Updated PCI/DSS module to audit compliance with PCI DSS v3
Improved skipped file handling during Event Rule Offload action
Improved CRC checksum calculations efficiency for files on high latency links to network share
Increased default ARM queue size to 1000
Improved handling of asynchronous Custom Command and AWE Task execution for deterministic, reliable behavior under load
Fixes
Fixed scenario where a Folder Monitor rule set to trigger with both ‘Folder Change Notification’ and 'Folder Sweep' turned on may stop processing new files.
Updated GUID generation to use sequential GUIDs to reduce index page fragmentation
February 2014
Version 6.5.16
February 26, 2014
New Features
Added support for Mobile Transfer Client (MTC) access
Added support for defining MTC security policies
Added support for using SSL certificates for outbound AS2 transfers for cert-based auth
Enhancements
Enhanced send login credentials email to use templating engine for dynamically building content
Fixes
Private patch 6.5.15
Fixed bug where permission groups assigned to the last created user were also assigned to the next created user
Private patch 6.5.14
Fixed a failure to comply with RFC 2616 - message body was being returned for HEAD requests
Fixed a bug where AWE workflows would come up blank if the Site is stopped at server startup
Private patch 6.5.13
Fixed memory leaks in LDAP authentication manager and SSL communications
Private patch 6.5.12
Fixed a socket leak when using DMZ Gateway as an outbound proxy
Fixed crash or hang that would occur on transferring 9GB+ files over AS2
Fixed Java security warning popups that would occur when using WTC and SAT modules
Private patch 6.5.11
Added registry key override to set default upload/download skip behavior
Fixed crash that would occur if an “open file” call was ignored by the target file storage device
Private patch 6.5.10
Fixed problem where some VFS folders were hidden from the administrator interface on upgrade
Private patch 6.5.9
Fixed a Site startup failure on upgrade from EFT 6.4 if the legacy private key had a null passphrase
Fixed upgrade from 6.4 issue where accounts were disabled in error
Private patch 6.5.8
Fixed AS2 file size limitation bug where file size was correlated with available memory
Private patch 6.5.7
Fixed bug that blocked admins from assigning more than one email to new user accounts
Fixed bug that disallowed account modification after upgrading from 6.4 under certain conditions
Fixed event rule error when %email_address% contained multiple emails
Fixed bug where password expiration message wouldn’t work if multiple emails were specified
Private patch 6.5.6
Fixed COM bug with RemoveUserFromPermissionGroup
Fixed COM bug with GetPermissionGroupsOfUser()
July 2013
Version 6.5.5
July 03, 2013
Fixes
Fixed an issue where IE8 and earlier browsers would not allow the Plain Text Client (PTC) to download files because of the caching directives used with the cache control header.
Private patch 6.5.4
Fixed a server crash due to improper handling of binary MDN signatures when logging AS2 transfers.
Fixed an issue where the wrong port was used for inbound AS2 transactions when the client requested an Asynchronous MDN using a different port than that specified by the AS2 partner.
Fixed a memory leak caused by not releasing security token handles before acquiring new handle for authenticated client local transfers.
Fixed an issue where because of changes in Java 7u21 when loading the WTC or SAT Java displayed a "potentially unsafe components" warning dialog prompt.
Private patch 6.5.3
Fixed an issue introduced in version 6.5 that caused the COM method GetVirtualFolderList to return an empty list.
Fixed an issue introduced in version 6.5 where the EFT Server service could stop if the COM method GetPermPathsList was called.
Fixed an issue introduced in version 6.5.1 where if the CISite.GetBlankPermission COM method is called with a group instead of a user an error was returned stating an invalid user was passed in.
Private patch 6.5.2
Security: fixed an issue where the Virtual File System (VFS) group permissions were not properly applied. Depending on configuration this could result in user's being able to see folder's to which they did not have permission. Note that said user would still be prevented actual access to the folder.
Security: fixed an issue where folder permissions were improperly applied to subfolders.
Fixed an issue introduced in version 6.4.14 that caused uploads of files over 2GB in size using the Web Transfer Client to appear to fail with an erroneous status.
Fixed an issue that prevented the Folder Monitor rules that used the "renamed" trigger from functioning.
Private patch 6.5.1
Added the ability to override the default internal HTTP read buffer size to improve HTTP/S upload performance in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server.
Added the ability to override the default reserved memory stack size for HTTP processing threads. This is an experimental feature that is intended for use in combination with increasing the HTTP read buffer size. This functionality provided greater control over memory consumption within the HTTP engine.
Fixed a performance issue where the Web Transfer Client Java Applet was using a 4K buffer when sending over HTTPS. A 16K buffer is now used to take full advantage of the SSL protocol record size.
Fixed a performance issue that could result in slow user provisioning via the COM interface in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server. Specifically, these changes improve the performance of the ICISite GetBlankPermission and SetPermission COM methods.
Fixed an issue introduced in version 6.4.15 that prevented uploading of files whose file size is in excess of 4GB when using the Web Transfer Client.
Fixed an issue in the Secure Ad hoc Transfer (SAT) Module where recipients specified in the CC and/or BCC fields would receive (1) The Password notification email when the email behavior was configured as "UsernameToRecipientAndPasswordToSender" (2) The Username and Password emails when the email behavior was configured as "UsernameAndPasswordInSeperateEmailsToSender".
Fixed an issue where the application would incorrectly provision a new user account if a forward-slash was included in the username within the login process.
Fixed an issue within the Event Rule functionality that prevented the Overwrite option from functioning for the "Download (pull) file from host" and "Copy/Move (push) file to host" Actions.
Fixed an issue that prevented proper expansion of VFS folders within the Administration Interface when working with a large number of folders.
Version 6.4.19
July 02, 2013
Fixes
Fixed an issue where outbound connections through a Gateway/SOCKS proxy were not using the preferred local IP setting from the Advanced settings tab.
Fixed an issue where because of changes in Java 7u21 when loading the WTC or SAT Java displayed a prompt warning of "potentially unsafe components."
Private patch 6.4.18
Fixed an issue introduced in version 6.4.14 that caused uploads of files over 2GB in size using the Web Transfer Client to appear to fail with an erroneous status.
Private patch 6.4.17
Fixed an issue introduced in version 6.4.15 that prevented uploading of files whose file size is in excess of 4GB when using the Web Transfer Client.
Private patch 6.4.16
Added the ability to override the default reserved memory stack size for HTTP processing threads. This is an experimental feature that is intended for use in combination with increasing the HTTP read buffer size. This functionality provided greater control over memory consumption within the HTTP engine.
Fixed a performance issue that could result in slow user provisioning via the COM interface in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server. Specifically, these changes improve the performance of the ICISite GetBlankPermission and SetPermission COM methods.
Private patch 6.4.15
Added the ability to override the default internal HTTP read buffer size to improve HTTP/S upload performance in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server.
Private patch 6.4.14
Fixed a performance issue where the Web Transfer Client Java Applet was using a 4K buffer when sending over HTTPS. A 16K buffer is now used to take full advantage of the SSL protocol record size.
Private patch 6.4.13
Added support for 128 and 256 bit AES CTR mode to the SFTP protocol
Private patch 6.4.12
Fixed DMZ Gateway to use port 20 instead of port 65300 for outgoing PORT mode FTP traffic
Fixed Event Rule MOVE Action to delete source file on resumed transfer
Private patch 6.4.11
Fixed UserDatabaseSynchronizationMode registry key to properly ignore user deletions during synchronization when in LoggingModeOnly
February 2013
Version 6.5
February 15, 2013
New Features
Added comprehensive support for Unicode UTF-8 encoding (see help file for exceptions and special cases)
Added 128 and 256 bit AES CTR (counter mode) ciphers for SFTP (both as server and as client)
Added status viewer controls for stopping in-progress inbound and outbound transfers
Added a progress percent completion indicator for transfers displayed in the status viewer (where applicable)
Added the ability to override the limit on the number of entries in the auto-ban IP list. (KB Article)
Added the ability to override the limit on the number of entries in the IP access rules list. (KB Article)
Added an override for controlling the administrator interface timeout
Added checks for administrator inactivity timeout values that exceed the 15 minutes maximum mandated by PCI DSS 8.5.15
(COM API) Added support for specifying alternate credentials for Folder Monitors
(COM API) Added support for specifying polling settings for Folder Monitors
(COM API) Added additional methods to support management of existing AWE tasks
(COM API) Added additional methods that map to new administrator interface controls, such as setting the administrator interface inactivity timeout values
Added support for use of Virtual Path, Virtual Folder Name, Virtual Destination Path variables and conditions for Folder Monitor events
Added persistent installer log file, located in \Installer.log
Added check of initial EFT Server administrator account password against configured Windows password policy
Added a database upgrader utility to facilitate auditing and reporting module (ARM) upgrades
Added support for renaming after offload for the SFTP, HTTP, and local protocols. Was previously only available for the FTP protocol
Added the ability to obtain (one way synch) various settings from EFT Server
Added event rule triggering in EFT Server for Mail Express initiated transfers
Added auditing and reporting to EFT Server for Mail Express initiated transfers
Added a number of Mail Express specific features as documented in the Mail Express version 3.3 release notes
Added support for IPv6 addressing when operating with Mail Express Server version 3.3 and later
Added support for Unicode strings in the log files and xml-based configuration files
Added support for Unicode strings in communications with EFT Server 6.5 and later
Enhancements
Updated OpenSSL library to version 0.9.8t
Improved administrator interface performance when managing large user bases (up to 150K users)
Improved the administrator interface to make it clear when a setting is inherited from its parent and what the actual value of the setting is
Added support for the AWE "Call Function" action
Modified reporting to limit the report size to 1000 pages due to inherent limitations in the rendering system
Modified auditing of folder monitor event rules so that the "tbl_EventRules" table "ConditionValues" column now contains additional information
Improved cleanup of deprecated files during upgrade process
Improved logging of installer operationsUpdated the SAT applet jar files so that they have been signed with the latest Globalscape digital signing certificate
Bundled Mail Express alongside EFT Server as an alternative to SAT for ad hoc file transfers
Account management page now uses standard login page rather than basic authentication
Updated the WTC applet jar files so that they have been signed with the latest Globalscape digital signing certificate
Upgraded the embedded Java Runtime Environment to Version 1.7.0_09
Fixes
Included fix made in 6.4.13 private patch: Added support for 128 and 256 bit AES CTR mode to the SFTP protocol
Included fix made in 6.4.12 private patch: DMZ Gateway to use port 20 instead of port 65300 for outgoing PORT mode FTP traffic
Included fix made in 6.4.12 private patch: Event Rule MOVE Action to delete source file on resumed transfer
Included fix made in 6.4.11 private patch: UserDatabaseSynchronizationMode registry key to properly ignore user deletions during synchronization when in LoggingModeOnly
Fixed an issue where the "Authority Key Identifier" and "Subject Key Identifier" fields were not included for SSL Certificates generated or signed by the application
Fixed minor stability issues within the applications
Fixed a minor memory leak in SSL certificate management routines
Fixed various performance issues related to working with a large number of user accounts
Fixed various performance issues related to working with a large number of VFS entries
Fixed various inconsistencies in logging configuration file (logging.cfg)
Fixed an issue that could result in a hang if an admin logged in while a backup is in progress
Fixed an issue where all admins would be locked out if a user with a home folder specified as a physical path was deleted
Fixed an issue where some VFS folder rename failures were not reported in the user interface
Fixed minor user interface inconsistencies and formatting issues
Fixed an issue where the Status Viewer failed to open the client log file if the configured EFT Log File path contained a trailing backslash
Fixed an issue that would cause the interface to handle if selecting or hovering over an event rule whose repeat rate was greater than or equal to 24 hours
Fixed an issue where the QuickSearch functionality was not searching Cleanup or Backup action paths
Fixed a potential crash that could occur when clicking Success/Fail links in the Status Viewer
Fixed an issue where the verbose logging setting was not affecting the log verbosity
Fixed an issue where the TextReplace function did not properly handle regex replacement
Fixed an issue where the %FS_FILE_SIZE% event rule variable was not set for AWE tasks run from a folder monitor event rule
Fixed an issue that prevented deletion of sample AWE tasks
Fixed an issue where the following variables were not available to AWE tasks: Folder Monitor Failure Reason, Precise Event Time Stamp, Base File Name, Install Folder
Fixed "No MIME-boundary found" error when operating with Templar server. This issue occurred when the MDN response does did contain the "Content-length" header
Fixed a potential server crash due to failure to handle non-null terminated MDN strings properly
Fixed an failure that would occur if the username+password were longer than 78 characters
Fixed an issue where the configured HTTP Domain setting was not being used for the AS2 asynchronous MDN delivery address
Fixed an issue where the configured AS2 proxy settings were not being used
Fixed an issue where the report filtering configuration was not updated in the interface when switching between reports
Fixed an issue where a stray CR/LF could cause a disconnection from an Oracle database
Fixed an issue that prevented the creation of 5 indexes for Oracle databases
Fixed an issue that caused erroneous error messages when running Oracle database creation scripts manually
Fixed an issue where a null character in an HTTP GET request could cause a disconnection from the database
Fixed an issue where files without an extension were being included in the Folder path column of the "Activity - All Transfers" report
Fixed an issue where transfers though the PTC/WTC were not appearing in the "Activity - By Group (Detailed)" report
Fixed an issue that could prevent reporting on AS2 transactions when running against an Oracle database
Fixed various discrepancies in reporting of paths and filenames in report between different protocols
Fixed an issue where the application would not reconnect to Oracle databases when receiving an ORA-03113 error
Fixed an issue where the application would not reconnect to Oracle databases when receiving an ORA-03135 error
Fixed an issue where the Admin Activity (Summary) report was showing successful admin connections as Denied
Fixed an issue where the Admin Activity (Summary) report was showing the incorrect local IP when connecting via IPv6
Fixed an issue where the custom command name was not included when auditing to the "tbl_ProtocolCommands" table
Fixed an issue where custom commands triggered by a connected client were not auditing to the "tbl_CustomCommands" table
Fixed an issue where the AS2 - Transactions Detailed reports were not order. They are now ordered by the transaction start time
Fixed an issue where the Admin Activity (Summary) report was not included in the set of SQL Server reports
Fixed inconsistencies in auditing of "PhysicalFolderName" and "FileSize" in "tbl_ProtocolCommands" table
Fixed an issue that would prevent import of SQL log files due to failure to properly obtain the identity value of a newly inserted row
Fixed an issue where an unused table "tbl_ResultCodes" was included in the database schema
Fixed an issue where the default size of the internal queue used to process audit events was too small and could result in performance issues on some systems. The default size has been increased
Fixed a performance issue where the "Refresh User Database" functionality was operational for stopped sites
Fixed an issue where a successful password change in the account management page was inaccurately reported as an error
Fixed an issue where the incorrect file path was used to locate custom change password error message files
Fixed an issue where password change requests would fail with "ERROR [0x80640022] Invalid DN Syntax" error. This was due to referencing the "unicodePwd" field rather than the "userPassword" field
Fixed a memory leak that could occur when an ODBC user had an empty home folder
Fixed an issue that prevented outbound PWD command from working with z/OS
Fixed a memory leak in SSL handling for FTPS and HTTPS protocols
Fixed an issue where Copy/Move could fail for filenames containing extended ASCII characters
Fixed an issue where the rename feature of Copy/Move could fail for local LAN
Fixed an issue where a connection failure due to invalid credentials would use the credentials from a valid session and proceed
Fixed an issue where files did not retain the original date modified value for LAN copies or moves
Fixed an issue where filenames containing "[" would fail to transfer
Fixed an issue where downloads would fail when using a wildcard when connecting to a Microsoft IIS FTP server that does UNIX Directory style listing
Fixed an issue where move and download actions did not preserve the file creation time
Fixed an issue where the preferred local IP setting was not being used when using the DMZ Gateway/SOCKS proxy
Fixed minor memory leaks that could occur for SFTP offloads
Fixed an issue where the connection retry limit was not being honored for data channel connections
Fixed an issue where long client operations could prevent the server from stopping in a reasonable amount of time
Fixed an issue where the application was not following RFC 3659. It was using the MDTM command to set the modified time when it should be using the MFMT command
Fixed an issue where out of range values were misinterpreted for the Folder Monitor configuration
Fixed an issue where the Site.DoesUsernameExist always returned false
Fixed an issue where the CITimerEventRuleParams.DateTimeStart was not using the date provided
Fixed an issue where communication failures for the peer notification channel were not being logged
Changed installer so that it now ensures the DMZ Gateway Administration Interface is not running prior to making modifications
Fixed an issue that prevented binding to interfaces if IPv4 or IPv6 support was disabled in the operating system
Fixed an issue that would cause large delays in connection processing if a port mode connection was attempted through the DMZ Gateway and outbound connections were blocked by a firewall
Fixed minor user interface issues in the DMZ Gateway Administration Interface
Fixed an issue where AWE variables were not populated when the event rule is called from Web Services
Fixed an issue where the %USER.LAST_LOGIN% was not returning the expected value when used with the "On User Disabled" event rule type
Fixed an issue where extended ASCII characters were not supported in event rule email notifications
Fixed an issue where %FS.PATH% variable was being allowed as the source file for an AS2 Timer Event rule. Use of this variable is now forbidden as it is not available for Timer Event rules
Fixed a rare issue where the presence of a large number of folder monitors with the health check option enabled could crash the server
Fixed an issue where some event rule variables would not retain their values after a "Move" step
Fixed an issue where the Reason, FileName, VirtualPath variables were not being properly set for "On Upload Failed" events
Fixed an issue where the thread pool used for monitoring folders would not shrink back to the default size over time
Fixed an issue where the application installation directory was used if no working directory was specified for a custom command. Now the directory of the specified executable will be used in this case
Fixed an issue that prevented passing event rule variables with inner spaces to compound custom command parameter
Fixed various PCI reporting issues that were resulting in compensating controls being reported for each user. This could lead to excessively sized reports
Fixed various minor PCI report inconsistencies and text issues
Fixed an issue where the PCI admin interface inactivity timer would incorrectly trigger while a user was working in the AWE task editor
Fixed an issue that prevented proper upgrade of files when the installer was run in silent mode
Fixed an issue that prevented the SQL Server Express database from being installer when the installer was run in silent mode
Fixed an issue where ARM would become enabled when running the installer in Repair mode
Fixed an issue where the "Allow Log on Locally" Windows privilege was required on accounts to log in to the Admin UI when providing an explicit Windows account during the login
Fixed an issue where the cluster installation path in the installer would not ask the user if they were installing the first node for some cases
Fixed an issue where the initial administration user was not created within the server if a node other than the first node was started first in a cluster environment
Fixed an issue where the ARM upgrade option was not provided when upgrading a cluster environment
Fixed an issue that prevented proper operation on files and folders containing percent signs
Fixed an issue that caused some successful decryptions to be reported as errors in the application log file
Security: Fixed an issue where the SSL protocol in the FTPS and HTTPS implementations was susceptible to a client initiated SSL renegotiation denial of service attack
Fixed an issue where the Site level data sanitization setting was not being honored for deletion of files for POST commands
Fixed an issue where accounts whose username or password contained extended ASCII characters could not log in to the application
Fixed an issue where communications threads were reserving more memory than required which could limit the maximum number of concurrent communications threads
Fixed an issue where the application fails to abide by RFC 959 for conversion to NVT-STANDARD of ASCII files
Fixed an issue where an incorrect "Reason" was determined for some disconnection events in the SFTP and HTTP/S protocols
Security: Fixed an issue where insufficient randomness was present in the generated session tokens
Fixed an issue where SSL sessions ids were not being tracked properly which led to inefficient SSL handling
Fixed an issue that caused excessive CPU utilization when downloading from the server while rate limited to a small transfer rate
Fixed a rare crash that could occur when the IP Access policy is set to deny by default and a user who has the "Change password at next login" flag enables attempts to log in
Fixed a memory leak that could occur when using the PFX SSL certificate/key format
Fixed an issue where HEAD and GET requests returned the wrong content length when a range was included in the request
Fixed an issue where the range header was being incorrectly interpreted as being non-inclusive
Fixed an issue where directory listings were incorrect in the presence of a file containing a # character
Fixed an issue where the "Uploads per session" and "Downloads per session" transfer limits were being ignored
Fixed an issue where a 404 error was returned for deletions if a file was currently locked. A more appropriate 503 "service unavailable" error code is now returned
Security: Fixed an issue that allowed Active Directory users to traverse directories for which they did not have permission to access
Security: Fixed an issue where the PASV port was not randomized if a PASV port range was not specified
Fixed an issue where filenames with extended ASCII characters were not handled properly in listings
Fixed an issue that prevented listing the contents of folders with special characters in the folder name
Fixed an issue that prevented folder renames
Fixed an issue where the STOU command failed to work correctly when user account's "Treat home folder as the users' default root folder" setting was enabled
Fixed an issue that caused the auto-ban (DoS/Flood) detection to be too sensitive when applied to invalid FTP login attempts
Fixed an issue where the server may send a "226 Transfer complete" message before the data connection is closed
Fixed an issue where sending FSETSTAT or SETSTAT to the application multiple times would cause a file not found error
Fixed an issue where the user was not being notified when no files had been attached
Fixed an issue where SAT would fail to upload folders if the "Enable WTC" checkbox was disabled
Fixed an issue that prevented the java applet from loading in FireFox or Chrome when using Java 7 on the client machine
Fixed an issue where the unsigned applet jar files were erroneously located in a directory called "Signed". They are now located in a directory called "Unsigned"
Fixed an issue where email delivery failed when operating with FirstClass ESMTP server
Security: Fixed a minor issue where some debug and test comments were included in web application JavaScript and HTML
Security: Fixed an issue where the web applications could be susceptible to reflected Cross Site Scripting (XSS) attacks
Security: Fixed an issue where the machine name was included in the "Location" header for MOVE and COPY responses
Security: Fixed a false positive issue that was causing some security scanners to report that user credentials could be changed using GET. They are in fact only changed using a POST
Security: Fixed cache control directives for various resources to further mitigate potential security concerns
Fixed various minor issues that could result in unexpected messages in browser debugging windows
Fixed an issue that prevented loading of the account management page if the user account had a low transfer rate set
Fixed an issue where users were forced to change their password again after having already changed their password using the "Lost Password" work flow
Fixed an issue where the OpenFolder JSON response did not conform to the JSON specification
Fixed an issue where the "Forgot Password" feature was included for unsupported authentication types: Active Directory, LDAP
Fixed an issue where the Windows "Allow Log on Locally" privilege was required for login when explicitly supplying credentials
Fixed minor user interface inconsistencies and formatting issues
Fixed a file/path name rendering issue when certain special characters were present
Fixed an issue where users were unable to clear the filter after filtering by size
Fixed an issue that prevented files with "%" in the filename from being opened from the remote pane
Fixed an issue where "C:\" drive was included in "My Files and Folders" for Mac operating systems
Fixed an issue that prevented upload of 0-byte files
Fixed an issue where the interface would default to the root folder rather than the user's home folder for initial login
Fixed an issue where the user would be logged out when using the Open File button on a remote file
Fixed an issue where use of the delete key in the Change Password functionality would attempt to delete a file or folder
Fixed an issue where the timeout handling was not functioning for downloads when using the JSE client
Fixed an issue where the retry attempts did not include a sufficient delay and would thus quickly exhaust the number of attempts
Fixed an issue where filtering by date resulted in the user being logged out
Fixed an issue where a transfer could not be stopped using the "Kick User" functionality
Fixed an issue where the user was not taken to a remote folder when it is specified in the url
Security: Fixed an issue where accounts in different Sites with identical user names could potentially access each other's resources
Fixed an issue where sorting by modified date was non-functional
Fixed an issue that prevented deletion or rename of files whose name contained certain special characters
Fixed a memory consumption issue that could occur when an invalid content length was provided by the client. Note that some clients incorrectly overflow the content length for files over 2GB in size.
July 2012
Version 6.4.10
July 31, 2012
Fixes
Fixed minor formatting issue in generation of JSON, which is used internally between EFT Server and WTC
Fixed memory and handle leak in Event Rule client SFTP
Security: Fixed a minor security issue that allowed user accounts with force password change specified to perform some actions such as file upload without first changing their password. This issue applies only to non-browser clients connecting over HTTP/HTTPS.
Fixed AS2 outbound asynchronous MDN receipt URL, which did not contain the proper domain
Security: Fixed thread safety issue in SAT that caused incorrect home folders in EFT Server accounts
June 2012
Version 6.4.7
June 06, 2012
New Features
Added a "User Account Enabled" event trigger
Added a "User Account Deleted" event trigger
Enhancements
Changed "New User Created" event trigger label to "User Account Created" for consistency
Fixes
Fixed performance issues when synchronizing users or applying changes to group permissions when operating against an LDAP source with a large (>80k) number of users
Security: Fixed a medium-high security vulnerability that allowed users to access the Virtual File System with elevated privileges. This only applied to Active Directory authenticated users after being forced to reset their password via the Web Transfer Client or Plain Text Client. (Note that the ability for Active Directory authenticated users to reset their passwords is off by default and can only be enabled via a registry setting).
Security: Fixed a medium level security vulnerability consisting of a memory leak caused by SSL negotiation under certain conditions (affected versions: 6.4.3 - 6.4.5(private))
Fixed an issue where "User Account Disabled" event trigger was not firing for all cases
Fixed issue where some user-related event conditions and event properties were not included for use with the "New User Created" event trigger
Fixed capitalization of the names of the "User Logged In" and "User Logged Out" event triggers
Fixed an issue where the internal IP address of the remote server was being used for outbound FTP/S PASV connections rather than the external IP address
March 2012
Version 6.4.3
March 28, 2012
New Features
Added support for Common Access Card (CAC) authentication
Enhancements
Updated the user experience for Web Transfer Client interface Java Applet load failures
Updated the Legacy Transfer Client interface to display the login page on log out rather than offer to close the browser
Fixes
Fixed a slow memory leak that occurred when using LDAP authentication
Fixed an issue where the application help incorrectly displayed additional scroll bars
Fixed an inconsistency in the documentation concerning behavior of the "Require Active Directory domain trust relationship" Folder Monitor configuration item for upgrades
Fixed a misspelling in the Oracle schema scripts that caused failures when auditing PCI DSS violations
Fixed an issue that caused misalignment of icons in the Plain Text Client and Web Transfer Client interfaces when using Mozilla Firefox version 10 or later
Fixed an issue in the Web Transfer Client interface that prevented the browser from refreshing when clicking "OK" on the session expiration dialog
Fixed an issue that prevented proper operation of the Web Transfer Client interface for Sites using non-standard HTTP or HTTPS ports
Fixed an issue where the Web Transfer Client interface would display the help for an earlier version of the product
Fixed an issue where the Web Transfer Client interface would display an invalid status for timeouts during file downloads
Fixed an issue that prevented download of files from the Plain Text Client interface when using Google Chrome version 16.0.912.63 or later
Fixed an issue that prevented the proper launch of the Legacy Transfer Client interface
Fixed an issue that prevented the use of the change password feature in the Legacy Transfer Client interface
Fixed an issue that prevented the use of the file/folder rename feature in the Legacy Transfer Client interface
Fixed an issue where the Legacy Transfer Client interface would display the Plain Text Client interface after a file upload
February 2012
Version 6.4.3.6
February 29, 2012
New Features
Added support for Common Access Card (CAC) authentication
Enhancements
Updated the user experience for Web Transfer Client interface Java Applet load failures
Updated the Legacy Transfer Client interface to display the login page on log out rather than offer to close the browser
Fixes
Fixed an issue where the application help incorrectly displayed additional scroll bars
Fixed an inconsistency in the documentation concerning behavior of the "Require Active Directory domain trust relationship" Folder Monitor configuration item for upgrades
Fixed a slow memory leak that occurred when using LDAP authentication
Fixed an issue that prevented download of files from the Plain Text Client interface when using Google Chrome version 16.0.912.63 or later
Fixed an issue that caused misalignment of icons in the Plain Text Client and Web Transfer Client interfaces when using Mozilla Firefox version 10 or later
Fixed an issue in the Web Transfer Client interface that prevented the browser from refreshing when clicking "OK" on the session expiration dialog * Fixed a misspelling in the Oracle schema scripts that caused failures when auditing PCI violations
Fixed an issue that prevented proper operation of the Web Transfer Client interface for Sites using non-standard HTTP or HTTPS ports
Fixed an issue that prevented the proper launch of the Legacy Transfer Client interface
Fixed an issue that prevented the use of the change password feature in the Legacy Transfer Client interface
Fixed an issue that prevented the use of the file/folder rename feature in the Legacy Transfer Client interface
Fixed an issue where the Legacy Transfer Client interface would display the Plain Text Client interface after a file upload
Fixed an issue where the Web Transfer Client interface would display the help for an earlier version of the product
Fixed an issue where the Web Transfer Client interface would display an invalid status for timeouts during file downloads
January 2012
Version 6.4.1
January 13, 2012
New Features
Added a registry key (ReportsConnectionString) to allow specification of an alternate database connection string for use by the reporting functionality. This allows for the use of a reduced privilege account for reporting.
Enhancements
Removed unused, default security credentials from default report definition XML files
Fixes
Fixed an issue that caused IP addresses in the FTP/S configuration and PASV settings for the DMZ Gateway configuration to be reversed when upgrading from releases earlier than 6.4.
Fixed an issue that prevented the proper operation of the LS command when used with a mask over the FTP and FTPS protocols
Version 6.3.16
January 12, 2012
New Features
Added a registry key (ReportsConnectionString) to allow specification of an alternate database connection string for use by the reporting functionality. This allows for the use of a reduced privilege account for reporting.
(COM API) Added COM method to get/set Folder Monitor Event Rule alternate credentials
(COM API) Added COM method to get/set Site's SFTP protocol state
(COM API) Added COM method to get/set Site's default PGP key
(COM API) Added COM method to get/set Offload/Download Action's "Rename After Transfer"
(COM API) Added COM method to get/set Site->Security->Invalid logins "Count incorrect username" settings
(PGP) Added registry key to control timeout for long running PGP operations
Fixes
Fixed offload COPY of a non-existent file to default to ERROR instead of SUCCESS. Added a toggle to Offload Wizard to allow the selection of ERROR or SUCCESS.
Fixed event rule Copy/Move to support Danish high characters: "æøå"
Fixed event rule Copy/Move to not inherit credentials from a previous Copy/Move Action
Fixed issue locating user in LDAP during Change Password
Fixed event rule variables (%FS.FILE_NAME%) to contain the correct filename after a MOVE Action
Fixed issue that could cause duplicate execution of Timer rule under certain circumstances
Fixed crash when MLSD performed in a folder containing a VFS alias > 14 characters in length
(WTC) Fixed HTTP to properly redirect to a specified folder after entering credentials on login page
Fixed a memory leak in COM CServer::Close and CSite::Close
Fixed COM Allow FXP, Allow COMB, and Allow XCRC getters and setters when using inheritance
Fixed COM FTP "Allow ZLIB compression" toggle
Fixed COM setting of Upload/Download proxy type
(AS2) Fixed inbound AS2 transfers from being redirected to login page when the HTTP User Agent appears to be a browser
(SAT) Fixed SAT to properly populate the FROM email address in multi-domain environments
December 2011
Version 6.4.1
December 19, 2011
EFT Server (standard) and EFT Enterprise
New Features
Added a registry key to allow specification of an alternate database connection string for use by the reporting functionality. This allows for the use of a reduced privilege account for reporting
Fixes
Removed unused, default security credentials from default report definition XML files
Fixed an issue that prevented the proper operation of the LS command when used with a mask over the FTP and FTPS protocols
Fixed an issue that caused IP addresses in the FTP/S configuration and PASV settings for the DMZ Gateway configuration to be reversed when upgrading from releases earlier than 6.4.0
Version 6.4
December 07, 2011
New Features
Added polling option to Folder Monitor, including ability to sweep the monitored folder on rule startup
Added archive option to Folder Monitor to avoid duplicate processing when polling option is enabled
Added ability to specify Event ID for Write to Windows Event Log action
Added UTF-8 option for Copy/Move and Download Event Rule actions
Added new column (optional) to EFT Server's CL log (Event Rule client log) that returns a success/failure code after the actual result (error) code. To enable: HKLM\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0 value=Enable10ColumnInClientLog DWORD=1 (not present or 0 means disabled)
Added registry override to disable use of LAST SFTP command used to detect for existence of destination folder prior to transfer
Added registry override to aid in connecting to slower SFTP servers
Added registry override that sets the timer thread stack size for cases where lots (300-400) of timers are launching AWE tasks (For information regarding registry settings, refer to the GlobalSCAPE Knowledgebase, keyword: windows registry)
Added comprehensive IPv6 support including support for dual stacks (both IPv4 and IPv6)
Added support for multiple discrete listening IPs per site
Added support for CIDR masking (in addition to current wildcard masking) for IP Access/Ban rule IP definitions
Added option to treat missing source file(s) as success (rather than failure) for Copy/Move action (any protocol) and for Download action (LAN transfers only)
Added support for multiple emails assigned to user account (semicolon delimited)
Added support for using %USER.EMAIL% in the To, CC, and Bcc fields of the Email Notification action
Added toggle to certificate signing manager to automatically add newly signed certificate to certificate store trusted list
Added ability to create Site-specific templates for password reset reminder and required messages, and for login credentials message.
Added registry override for the default (10 minute) PGP timeout
Added registry override for the PGP log file name created by EFT Server
Added "Deep Search" to the quick search feature (search in rules)
Added prompt to apply, discard, or cancel (revert) changes when switching to a different page in the administration interface without having first saved one's changes
Added link to SAT send page from SAT admin page
Added numerous minor usability enhancements
Added full IPv6 support including dual stack (both IP 4 and 6)
Added support for 6to4 and 4to6 translation
Added HttpOnly attribute to cookies (where supported) as a security precaution
Added Secure attribute to all cookies presented over HTTPS (except for special case when an HTTP session is temporarily redirected to HTTPS for the login portion, and then back to HTTP post login)
Added attribute to prevent auto-complete of FORM fill for login and password reset pages as a security precaution
Added X-Frame-Options: "sameorigin" to prevent clickjacking. To override that setting: HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\EFTClient DWORD value=disable_xframeoptions; DWORD=00000001 (to disable)
Added X-Content-Type-Options: "nosniff" header as a security precaution
Added X-XSS-Protection: "1; mode=block" header as a security precaution (For explanation of various headers)
Added date/time formatter to control how the Plain Text Client (PTC) shows dates, between US and European style date formats
Added several new COM methods and properties to support new functionality
Enhancements
Enhanced SFTP client (Copy/Move and Download) performance significantly
Updated AS2 library component to 8.1.4276.0
Updated PCI DSS coverage to account for PCI DSS 2.0 changes
Updated SSL library to 0.9.8r
Switched to SQL Native Client 2008 R2 API
Enhanced SAT's various templates, including the notification template
Enhanced SAT's transfer engine to use Java SE Runtime v6u26 and JFileUpload version 2.9C
Removed certain GET requests from WTC and PTC definitions to eliminate false positives in security scanners
Fixes
Fixed FTP trace logging that was accidentally removed in EFT 6.3
Fixed AS2 redirection bug introduced in EFT 6.3 that affected AS2 clients that identified themselves as a generic browser
Fixed crash caused by AS2 connections under certain conditions (specifics withheld to prevents DoS attacks on older servers)
Fixed issue where EFT Server's SMTP settings weren't being propagated to the registry for use by the AWE module
Fixed issue connecting to MVS systems. Now if EFT detects MVS using FTP SYST command it avoids use of PWD and CWD commands for overwrite logic
Fixed issue where EFT Server failed to retry offloads when the file was locked by another process and a ERROR_ACCESS_DENIED or ERROR_SHARING_VIOLATION was received
Fixed issue where LAN transfers with credentials override was failing because the Folder Monitor override credentials were being used instead
Fixed issue where LDAP change password attempts failed depending on how the username was constructed
Fixed issue where timer event could trigger twice under certain conditions
Fixed issue where client downloads would fail when downloading from a GXS server
Fixed issue where certain EFT Server context variables were not being passed to AWE
Fixed issue where files with a prefix of "as2" could not be downloaded
Fixed issue where FTP/S client (Copy/Move and Download action) wasn't respecting the ReceiveBufferSize registry override (HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE\TED6\Settings\Transfer\ReceiveBufferSize)
Included all bug fixes made in EFT Server 6.3 private patch versions
Fixed issue with MODE command where certain parameters would cause EFT to return errors
Fixed issue in email notification where URLs exceeding certain length mangled in the HTML
Fixed hang that occurred when in FIPS mode, a certificate with non-FIPS approved algorithms was used for a client offload
Fixed issue where user was placed in root folder if user's home folder exceeded Windows' max_path
Fixed PGP decrypt performance issue introduced in EFT 6.3
Fixed issue where Event Rule comments were truncated if too long
Fixed crash caused in SFTP write operations under certain conditions (specifics withheld to prevents DoS attacks on older servers)
Fixed issue where the registry override to require delete permission for uploads that result in overwritten files wasn't being honored. (Reference)
Fixed issue where EFT Server failed to create a users' home folder if it did not already exist but "create home folder for new users" was enabled (after .AUD import)
Fixed crash that would occur during a trial extension request under certain conditions
Fixed issue where prompt would appear for PGP key that would prevent the user from further navigation, even though PGP was not being used
Fixed issue where file does not exist was returning incorrect FTP error code ("550 Permission denied" instead of "550 File does not exist")
Fixed issue where a failure and error was returned by PGP encryption logic under certain conditions
Fixed issue where duplicate users were reported in the .AUD file
Fixed issue where an On File Upload rule would fail to trigger if a Settings Template was specified as a conditional value
Fixed issue where EFT failed to log when PGP delete operation failed due to file being locked
Fixed issue where upgrade failed to import the entire list of banned IPs; increased threshold from 1,000 to 5,000
Fixed inconsistency between documentation and how ResultID was actually being audited to the ARM database
Fixed issue where SAT module throws an MX Error 45 when changing settings template location
Fixed issue where SAT would incorrectly state that some content was delivered unsecured (only under certain conditions)
Fixed issue where subdirectory could no longer be accessed over HTTP/S directly using a URL
Fixed issue where the WTC would not load if AdBlockPlus was enabled on FireFox
Fixed issue where it was impossible to delete files in the PTC with certain characters in the filename
Fixed memory leak when using COM to query EFT Server repeatedly
Fixed issue where a COM exception would occur if GetVirtualFolderList() was invoked and no virtual folders existed
Fixed issue where GetPhysicalPath returned an error when the bstrFolderAlias passed to the function pointed to a virtual folder with a missing target (physical) path
Fixed issue where CreateVirtualFolder returns an error if bstrTarget doesn't exist on the server
Fixed issue where a small number COM properties worked incorrectly if those values were set to inherit from the Server
November 2011
Version 6.4.0
November 18, 2011
New Features
Added comprehensive IPv6 support including support for dual stacks (both IPv4 and IPv6)
Added support for CIDR masking (in addition to current wildcard masking) for IP Access/Ban rule IP definitions
Added polling option to Folder Monitor, including ability to sweep the monitored folder on rule startup
Added archive option to Folder Monitor to avoid duplicate processing when polling option is enabled
Added ability to specify Event ID for Write to Windows Event Log action
Added option to treat missing source file(s) as success (rather than failure) for Copy/Move action (any protocol) and for Download action (LAN transfers only)
Added UTF-8 option for Copy/Move and Download Event Rule actions
Added support for multiple emails assigned to user account (semicolon delimited)
Added support for using %USER.EMAIL% in the To, CC, and Bcc fields of the Email Notification action
Added toggle to certificate signing manager to automatically add newly signed certificate to certificate store trusted list
Added Site-specific templates for password reset reminder and required messages, and for login credentials message. To implement, append the Site name and an underscore in front of the template name. E.g. MySite_CredentialsTemplate, SiteA_PasswordResetReminderMsg.html, or SiteB_PasswordResetMsg.html)
Added new column (optional) to EFT Server's CL log (Event Rule client log) that returns a success/failure code after the actual result (error) code. To enable: HKLM\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0 value=Enable10ColumnInClientLog DWORD=1 (not present or 0 means disabled)
Added registry override to disable use of LAST SFTP command used to detect for existence of destination folder prior to transfer
Added registry override for the default (10 minute) PGP timeout
Added registry override for the PGP log file name created by EFT Server
Added registry override to aid in connecting to slower SFTP servers
Added registry override that sets the timer thread stack size for cases where lots (300-400) of timers are launching AWE tasks
Added "Deep Search" to the quick search feature (search in rules)
Added prompt to apply, discard, or cancel (revert) changes when switching to a different page in the administration interface without having first saved one's changes
Added link to SAT send page from SAT admin page
Added numerous minor usability enhancements
Added full IPv6 support including dual stack (both IP 4 and 6)
Added support for 6to4 and 4to6 translation
Added HttpOnly attribute to cookies (where supported) as a security precaution
Added Secure attribute to all cookies presented over HTTPS (except for special case when an HTTP session is temporarily redirected to HTTPS for the login portion, and then back to HTTP post login)
Added attribute to prevent auto-complete of FORM fill for login and password reset pages as a security precaution
Added X-Frame-Options: "sameorigin" to prevent clickjacking. To override that setting: HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\EFTClient DWORD value=disable_xframeoptions; DWORD=00000001 (to disable)
Added X-Content-Type-Options: "nosniff" header as a security precaution
Added X-XSS-Protection: "1; mode=block" header as a security precaution
Added date/time formatter to control how the Plain Text Client (PTC) shows dates, between US and European style date formats
Added several new methods and properties to support new functionality
Enhancements
Enhanced SFTP client (Copy/Move and Download) performance significantly
Updated PCI DSS coverage to account for PCI DSS 2.0 changes
Updated SSL library to 0.9.8r
Updated AS2 library component to 8.1.4276.0
Switched to SQL Native Client 2008 R2 API
Enhanced SAT's various templates, including the notification template
Enhanced SAT's transfer engine to use Java SE Runtime v6u26 and JFileUpload version 2.9C
Removed certain GET requests from WTC and PTC definitions to eliminate false positives in security scanners
Fixes
Fixed issue where subdirectory could no longer be accessed over HTTP/S directly using a URL
Fixed issue with MODE command where certain parameters would cause EFT to return errors
Fixed issue in email notification where href's exceeding certain length mangled in the HTML
Fixed hang that occurred when in FIPS mode, a certificate with non-FIPS approved algorithms was used for a client offload
Fixed issue where user was placed in root folder if user's home folder exceeded Windows' max_path
Fixed memory leak when using COM to query EFT Server repeatedly
Fixed issue where SAT module throws an MX Error 45 when changing settings template location
Fixed PGP decrypt performance issue introduced in EFT 6.3
Fixed FTP trace logging that was accidently removed in EFT 6.3
Fixed inconsistency between documentation and how ResultID was actually being audited to the ARM database
Fixed issue where Event Rule comments were truncated if too long
Fixed AS2 redirection bug introduced in EFT 6.3 that affected AS2 clients that identified themselves as a generic browser
Fixed crash caused by AS2 connections under certain conditions (specifics withheld to prevents DoS attacks on older servers)
Fixed crash caused in SFTP write operations under certain conditions (specifics withheld to prevents DoS attacks on older servers)
Fixed issue where the WTC would not load if AdBlockPlus was enabled on FireFox
Fixed issue where EFT Server's SMTP settings weren't be propagated to the registry for use by the AWE module
Fixed issue connecting to MVS systems. Now if EFT detects MVS using FTP SYST command it avoids use of PWD and CWD commands for overwrite logic
Fixed issue where EFT Server failed to retry offloads when the file was locked by another process and a ERROR_ACCESS_DENIED or ERROR_SHARING_VIOLATION was received
Fixed issue where the registry override to require delete permission for uploads that result in overwritten files wasn't being honored.
Fixed issue where LAN transfers with credentials override was failing because the Folder Monitor override credentials were being used instead
Fixed issue where LDAP change password attempts failed depending on how the username was constructed
Fixed issue where EFT Server failed to create a users' home folder if it did not already exist but "create home folder for new users" was enabled (after .AUD import)
Fixed crash that would occur during a trial extension request under certain conditions
Fixed issue where prompt would appear for PGP key that would prevent the user from further navigation, even though PGP was not being used
Fixed issue where SAT would incorrectly state that some content was delivered unsecured (only under certain conditions)
Fixed issue where file does not exist was returning incorrect FTP error code ("550 Permission denied" instead of "550 File does not exist")
Fixed issue where timer event could trigger twice under certain conditions
Fixed issue where a failure and error was returned by PGP encryption logic under certain conditions
Fixed issue where duplicate users were reported in the .AUD file
Fixed issue where client downloads would fail when downloading from a GXS server
Fixed issue where certain EFT Server context variables were not being passed to AWE
Fixed issue where files with a prefix of "as2" could not be downloaded
Fixed issue where a COM exception would occur if GetVirtualFolderList() was invoked and no virtual folders existed
Fixed issue where FTP/S client (Copy/Move and Download action) wasn't respecting the ReceiveBufferSize registry override
Fixed issue where an On File Upload rule would fail to trigger if a Settings Template was specified as a conditional value
Fixed issue where GetPhysicalPath returned an error when the bstrFolderAlias passed to the function pointed to a virtual folder with a missing target (physical) path
Fixed issue where CreateVirtualFolder returns an error if bstrTarget doesn't exist on the server
Fixed issue where it was impossible to delete files in the PTC with certain characters in the filename
Fixed issue where EFT failed to log when PGP delete operation failed due to file being locked
Fixed issue where upgraded failed to import the entire list of banned IPs. Increased threshold from 1,000 to 5,000
July 2011
Version 6.3.8
July 21, 2011
New Features
(COM API) Added CreateUserEx2() COM call that includes the user's email address so the account creation email can be sent at the time the user is created; all of the user/client details can now be set
(COM API) Added support for hashed passwords to COM CreateUserEx to facilitate user migration from another EFT
(COM API) Added 2 new COM methods to facilitate retrieval of VFS virtual folders and folder permissions
Added registry key to disable HTTP-to-HTTPS redirection
Added support for Unix style -lrt sorted listing to NLST
Added registry value to enable RENAME to overwrite an existing file
Added registry value to enable Clear Command Channel to expect an encrypted response to CCC request. This provides CCC interoperability with Sterling CONNECT Enterprise
Added 2 step save process used by ftp.cfg to AUD files to prevent corruption during save. "*.bak" and "*.corrupted" files are now created as necessary.
Fixes
Fixed installer to properly create the EFT Server administrator account during cluster installs
Fixed Plain Text Client handling of paths that included a space during RENAME and DELETE
Fixed WGET file transfers over HTTP
Fixed invalid data in customer configuration files that could slow down file transfers
Fixed upgrades from EFT Server 5.x to maintain DMZ Gateway as the outbound proxy
Fixed uploads of small files (<100 bytes) from Rebex/Ultimate FTP libraries
Fixed issue in SFTP that would not allow a new Active Directory user to connect until an AD database synchronization or an FTP login occurred
Fixed NLST to once again support listings of filenames that contain special characters > 128
Fixed Site Administrator accounts to control the "Treat Home Folder as Root" setting
Fixed Event Rule LAN operations when paths contained multiple or incorrect slashes ("/", "\")
Fixed upgrades to EFT 6.3 from GSFTPS FIPS
Fixed server restore so all user home folders are restored when backup contains a large number of sites (14)
Fixed FireFox 4 issues in the Plain Text Client
Fixed Plain Text Client 403 and 404 errors when attempting to rename or delete a file from a subfolder if specific permissions were set
Fixed VFS to prevent orphan VFS permissions nodes hidden in ftp.cfg
Fixed a crash that occurred with calling GetFolderPermissions via COM
Fixed COM DisableInheritPermissions method to set child folders to their parents' permissions instead of the root folder permissions
Fixed COM Event Rule enums to include "Greater than" and "Greater than equal to" conditional operators
Fixed COM new 6.3 method names that were inconsistent with the existing API
Secure Ad Hoc Transfer (SAT) module
Fixed SAT for proper handling of non-US date formats
Fixed SAT to not authenticate against NTLM when "no auth" is selected
Fixed SAT Installer to identify 32 vs. 64 bit on same host installs
Fixed SAT Installer to use PCI compliant password complexity rules for admin accounts
Fixed SAT errors which prevent Admin page from loading
Fixed SAT web.config errors when a non-standard HTTPS port was used
Fixed SAT upgrade issues when SAT was not installed on C:
Fixed SAT Installer to not de-register COM
AS Module
Fixed AS2 to support multiple SSL public key certs in a single .crt file
Fixed a crash that occurred when formatting an AS2 synchronous MDN message
Web Transfer Client (WTC)
Fixed Web Transfer Client logout to not affect other open tabs in Internet Explorer (IE)
Fixed Web Transfer Client jars to be signed with a newer cert that doesn't expire until 2015
Fixed Web Transfer Client and Plain Text Client to initially place users in their home folder instead of the site root folder when "Treat Home Folder as Root" is turned off
Fixed IE9 and Chrome drag-n-drop issues in Web Transfer Client
Advanced Workflow Engine (AWE)
Fixed AWE "Stop Task" action to properly return SUCCESS or ERROR to the EFT Server Event Rule
Fixed AWE to support semicolons as a separator in "On Error" tab variables
Fixed AWE to properly display the "Send Email" action when editing the "On Error" tab
Fixed AWE GetTaskName to properly return the name of the task
Fixed AWE crash when a nesting of sub-tasks would ultimately delete the file that triggered an EFT Server folder monitor
Fixed some broken help hooks in the AWE Help
OpenPGP Module
Fixed "8000ffff: Catastrophic Failure" Errors when PGP encrypts multiple or single files
March 2011
Version 6.3.0
March 30, 2011
New Features
Added RSA SecurID and RADIUS 2-factor authentication
Added Status Viewer to monitor in progress and recent file transfers
Added IP Access/IP Ban user interface that supports white listing
Added Event Rule Calendar supports custom calendars and import/export
Added "Write to Windows Event Log" Event Rule Action
Added RSA SecurID and RADIUS 2-factor authentication
Added Event Rule Calendar supports custom calendars and import/export
Added "Write to Windows Event Log" Event Rule Action
Added ability for multi-part transfers to be available in the Event Rule Copy/Move via a registry key
Added Copy/Move Event Rule Action support for alternate set of credentials for remote UNC shares
Added Copy/Move and Event Rule Action support for several overwrite and enumerate options
Added Folder Monitor support for two modes of operation: high throughput or high number of folder monitors
Added "Cleanup logs" action to the "Backup and Cleanup" Timer rule in new installs
Added HTTP and SFTP keyboard interactive login support for RSA and RADIUS pin creation
Added SIZE as a fallback for transfer verification when XCRC is not supported by remote server
Added registry option to use LOGON_NEW_CREDENTIALS instead of LOGON_INTERACTIVE for folder monitor
Added support for SFTP client Copy/Move and Download transfers of files greater than 4 GB
Added ability for user-level admins to unlock user accounts, in addition to enable/disable and change password
Added the AML task name to AWE debug logging
Added UTF-8 filenames support in AWE tasks
Added a warning message if a duplicate folder monitor is created for the same folder
Added TRACE level logging of AS2 HTTP headers
Added Status Viewer to monitor in progress and recent file transfers (requires ARM for historical transactions)
Added IP Access/IP Ban user interface that supports white listing
Added "IP Banned" Event Rule Condition and "Too many invalid commands" Event Reason
Added PGP Event Rule signature verification options
Added Event Rule "precise time stamp" context variable
Added multi-threaded PGP architecture
Added Denial of Service detection to all protocols
Added UTF-8 filenames support over HTTP and SFTP
Added EBCDIC "TYPE E" support
Added SYST value support
Added SFTP support for public key or password authentication
Added support for non-FIPS version of the OpenSSL library to version 0.9.8o
Added detailed logging of SFTP connections to connection log in Status Viewer
Added disable of auto import of ARM text files via a registry key
Added ability to sort objects in the AI left tree pane alphabetically
Added trigger of the "User Disabled" event rule when Users expire
Added ability to apply PGP Event Rule Actions to "On File Download" events
Administration Interface (AI)
Added left pane tree support for up to 100,000 EFT Server users; multi-select enable, unlock, delete, and reset password; and visual identification of EFT Server user accounts without an email address
Added Active Directory sites' ability to not show the domain name
Added PGP keys management from remote AIs
Added AI/EFT Server SSL certificates checks to validate connections
Added DER, PFX, and P7B output formats in addition to PEM for SSL cert export
Added AI upgrades and command line silent install support
Added summary list of folders to be deleted when a user is deleted
Added support to protect key folders (/usr) from deletion when a user is deleted
(AWE) Added sample tasks for demonstrating Expectations, IP black lists, etc.
(AWE) Added Sharepoint Action
(AWE) Added Compression Action: Added 7zip compress/uncompress
(AWE) Added FTP Actions: FXP; synchronize method; FIPS 140 mode; FTPS clear command channel (CCC) mode
Added FTP advanced action file exist; folder exist; get crc; FTP tuning options (UseLargeBuffers)
(AWE) Added FTP ability to get long list dataset shows file attributes
(AWE) Added SFTP validation of server host key; SFTP provide protoversion prior to connection
(AWE) Added Get File Info Action: Added ability to retrieve folder information
(AWE) Added Send/Get email and Exchange Actions: Support for Exchange 2010 and ability to send custom headers
(AWE) Added Send/Get email and Exchange Actions: Improved filter engine based on query for Imap and Webdav
(AWE) Added Service Management: Added remote service install, start, stop, pause, resume
(AWE) Added Web Service Action: Added support for SOAP 1.2 protocol
(AWE) Added Full Unicode support across all Actions
(AWE) Added Start Task and Stop Task Actions
(ARM) Replaced the integrated SQL Server Express 2005 installer with SQL Server Express 2008 R2
(ARM) Added logging to the installer during creation or modification of the SQL schema
(DMZ) Added synchronization of messages with EFT Server to implement enhanced IP Access/IP Ban capabilities
(SAT) Added new architecture that uses Java applet to transfer file directly to EFT Server bypassing IIS
(SAT) Added new web-based administration and configuration
(SAT) Added ability to transfer files larger than 2 GB
(SAT) Added ability to transfer folders
(SAT) Added installer support of upgrades; does not require uninstall
(SAT) Added default SAT Event Rules in EFT Server to automatically send upload notifications, delete expired temporary users, and notify senders of upload(s) received from temporary users.
(WTC) Added form-based login that supports branding and true login/logout sessions, and password reset
(WTC) Added selection of WTC (Java) or Plain Text Client (PTC) from the login page
(WTC) Added new "look" with improved buttons and use of CSS to support branding
(WTC) Added Single Sign On (SSO) support in NTLM environments
(WTC) Added branding process that doesn't require registry overrides
(WTC) Added branding that can be EFT Server site specific
(WTC) Added capabilities and status provided in the WTC transfer queue pane
(WTC) Added requeue counter to the Settings panel for error-prone connections/servers
(WTC) Added option to select Java JSE HTTP client for NTLM v2 proxy authentication
Added numerous COM API methods and properties to mirror the capabilities available in the AI:
Administrators and administrator privileges
LDAP, AD, and ODBC site creation and options
Event Rule Offload/Download Advanced tab
Write To Windows Event Log
Backup and Restore
IP Ban
AS2
FTP options: FXP, Noop, COMB, XCRC
AWE custom variables
Multiple SSH client keys and key export
Fixes
Fixed Email notification file size for Copy/Move events
Fixed Web Services WSDL page accessibility
Fixed "User must change password on first login" with LDAP
Fixed ARM SQL connection details in GUI notifications to lesser privileged admins
Fixed LDAP "change password" implementation via LDAP calls instead of Active Directory
Fixed "Uploads per session" and "Downloads per session" limits for HTTP
Fixed Offload/Download wizard handling of forward and backward slashes
Fixed PGP passwords masking in DEBUG logging
Fixed "Stop Processing" and "If failed Action" listing in the Event Rule preview pane even when inactive
Fixed rejected SSL client cert trigger of the Event Rule "Connect Failed" Condition
Fixed "On User Created" Event Rule is trigger for first login of an AD or LDAP user
Fixed Event Rule client downloads of file with a % in the filename
Fixed Event Rule client traversal of directories with a # or % in the folder name
Fixed Administrator warning regarding outbound PORT mode support through DMZ Gateway
Fixed inconsistency of file paths in CREATE and DELETE lines of ARM reports
Fixed resuming of interrupted WTC transfers
Fixed ARM auditing of SFTP file offset to properly report transferred bytes
Fixed renaming of a group so that all members of the group are not removed from the group
Fixed crashes reported in Microsoft WinQual
Fixed parsing of multi-line HTTP headers
Fixed PGP temporary files creation
Fixed ability to "kick" and delete connected users
Fixed auditing of failed HTTP logins in ARM
Fixed (removed) "EFT Server" identifiable strings where possible to address security audit recommendation
Fixed WTC local pane display of system or hidden files or folders
Fixed 2048 bit SSL signed certs in AS2
Fixed HTTP login support of usernames with embedded spaces (Active Directory Display Name accounts)
Fixed error in ARM report templates that allowed non-admin user account to edit the template
Fixed error in WTC file rename in Safari browser
Fixed/eliminated long delay when uploading files via SFTP to a remote folder containing 100,000+ files
January 2011
Version 6.2.31
January 26, 2011
EFT Server (standard) and EFT Enterprise
New Features
Added the ability to rename virtual folders
Added ERROR logging to Active Directory calls during AD user synchronization
Added a timeout at the SFTP layer to detect hung connections from third-party servers
Added updating of Active Directory user home folders during AD synchronization
Added support for SSL cert settings for Event Rule downloads
Added a registry value to control the Health Check Timeout for slow file servers
Added registry setting to control the ARM report generation timeout
Added the new EULA for EFT Server
Added ability for Template Settings administrators to delete a user's home folder
Added/improved user password and account settings in the COM interface
Added/improved folder permissions inheritance and Encrypting File System (EFS) settings in the COM interface
Added/improved proxy, overwrite, COMB, and FXP transfer options in the COM interface
Added/improved Event Rule PGP options in the COM interface
Added DMZ Gateway support of compressed messages sent from EFT Server
Enhancements
ARM now only audits "On File Upload" rules that perform an Event Rule Action
Active Directory user home folders are now updated during synchronization
Enhanced the COM API methods for specifying EFT Server Administrator privileges
Improved import time when migrating large numbers of users into EFT via COM
Fixes
Corrected the amount of time EFT Server logins were blocked when updating user quotas
Corrected issue that caused "home folder not deleted" error message when deleting a user
Corrected issue in Event Rule SFTP client when sending files larger than 4 GB
Corrected crash that could occur when an SFTP connection failed before a channel was established and EFT Server attempted to clean up the channel
Corrected crash in the EFT Server administration interface that occurred while an external VBS COM script was backing up the VFS
Corrected auditing of invalid transfer data by the Event Rule client for rare cases of failed transfers
Corrected Active Directory and LDAP sites to use standard password change page instead of a hard-coded, AD/LDAP-specific page
Corrected connection error in FTPS when remote folder contained 800+ files
Corrected crash that would result in a user's home folder being set to NULL
Fixed single-click URL construction to resolve file rename issue in the Plain Text Client
Fixed SFTP Event Rule client to honor connection retry settings
Fixed SFTP so 0-byte downloads do not trigger "On File Upload" rules
Fixed SFTP so users with a home folder at the site root do not trigger On File Upload rules upon login
Fixed handling of empty client SSL certificates for FTPS Explicit tranfers
Fixed crash that resulted from corrupt data in VFS permissions
Fixed error in the Event Rule client that would cause the creation of too many session-level debug log files when using a "*" mask
Fixed memory increases that prevented users from connecting to EFT site
Fixed single click download with URL containing .exe or .dll
Corrected crash when the Event Rule client attempts to download 400,000+ files
Corrected crash in remote AI GUI when changing user permissions in the VFS tab
Corrected issue that caused loss of PGP subkeys when upgrading from EFT 5.1 to 5.2 or later
Corrected issue so SFTP transfer limits are now honored
Corrected some timestamp errors in ARM reports generated using Oracle
Corrected error in tracking of Event Rule client transfers that caused EFT Server service to crash
Corrected slowdown that occured when an EFT site has a large number of VFS folders pointing to missing or non-accesible locations
Corrected and issue where auditing and reporting module didn't render certain parameters in a report
Corrected issue where trial extension requests did not behave as expected.
Corrected crash in SFTP occasionally caused by read errors
Corrected issue where OpenSSH client would require private key passphrase when using password authentication
Corrected issue rendering some Windows-1252 extended characters in the Plain Text Client (PTC)
Corrected crash in FTP when consecutive PASV commands were issued
Corrected issue so invalid username attempts will add the IP address to the ban list
Corrected crash when the mail template was less than 7 characters in total size and contained one of the following characters: f, i, l, e, :, /
Corrected issue in SFTP client that caused 0 length files to be created when downloading using a *.* file mask
Corrected crash in the Admin Interface (AI) when expanding site folders and navigating back to the Server tab
Restored ability to blind upload files without requiring LIST privilege
Corrected issue in SFTP upload MDTM that caused incorrect file date stamps
Corrected crash in SFTP caused by far side closing connection during or immediately after connection
Corrected hang in Scheduled Event Rule caused by AWE task crashed
Corrected issue in selected COM methods on Windows 2008
Corrected issue that prevented the custom Manage Account HTTP page from working on Firefox
Corrected two ARM reports that were not displaying the timestamp properly when the EFT Server database was running on Oracle
Corrected issue that caused the Web Transfer Client to stop working if the Site was configured to not allow the download of JavaScript (js) files
Corrected issue that prevented the Trial Extension Request from working on a 64 bit OS if the trial had expired
Corrected issue that caused "425" errors when making 10 or more concurrent FTPS PASV port connections through DMZ Gateway to a defined PASV port range
Corrected DMZ Gateway to correctly return ports to pool on PASV connection attempts
Corrected ERROR logs to display as DEBUG, as they are not Application Errors
Corrected PASV Ports to be assigned randomly instead of sequentially
Corrected connection issues when significant configuration data is passed between the interface and the Server
Corrected issues caused by bad message processing logic for certain network environments
September 2010
Version 6.2.18.3
September 09, 2010
EFT Server (standard) and EFT Enterprise
New Features
Added toggle for HTTP 100-CONTINUE message for interoperability with older AS2 systems that do not support HTTP 1.1
Added Quick Search (Control+F) feature to locate Users, Event Rules, Groups, etc. in the tree
Enhanced the Administrator user interface to support Trial Extension requests without requiring an administrator to login
Added optional directory listing method for customers with large numbers of files in a NAS folder (40,000). This method does not request the associated folder/file permissions during the directory listing. HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\LegacyDirListBehavior DWORD: any non-zero value activates the legacy (no permissions) directory listings
Added several VFS and Administrator methods to COM interface
Added more logging to SFTP and AS2 to provide greater visibility into transfer problems (enable in logging.cfg)
Added an option to the Web Transfer Client to select local time or GMT for the modified time for files in the local pane
Enhancements
Enhanced Web Transfer Client text to use "Current Password" instead of "Old Password" to reduce user confusion
Enhanced Web Transfer Client (WTC) to allow selection of GMT or local time for file timestamps in the remote pane
Fixes
Corrected issue in quota calculation that was sometimes inconsistent for folders on a UNC share
Corrected crash in the administrator interface caused by copying an "if action FAILED" Event Rule statement
Corrected timing related crash if data socket was closed while trying to compute transfer speed
Corrected issue in AWE that caused AWE task that called a subtask to sometimes not complete
Corrected memory leak in LDAP user synchronization
Corrected issue that caused SFTP uploads to time out if a sizable number of On File Upload rules were enabled with email notifications
Corrected issue that caused filter options to be unavailable in Timer Event Rule Report Actions
Corrected issue where some user folders were not being restored from a backup
Corrected issue where the SFTP client’s automatic resume was not working properly
Corrected ASCII conversion issues that would occur during the RESUME once the network error was resolved
Corrected issue where the Cleanup Action was not deleting BAK files. Also added deletion of READONLY and HIDDEN files. The file path no longer has to end in a backslash \
Corrected issue where the EFT Server service/admin interface would hang during the changing of the priority of Event Rules
Corrected issue with memory leaks when adding a user to a permission group and other user-management tasks
Corrected issue where SFTP client keys would not work when upgrading from Secure FTP Server to EFT Server 6.x
Corrected issue where EFT Server created the default permission groups "Administrative" and "Guest" that are not appropriate for an ODBC Site
Corrected issue where the "Allow FXP" (site-to-site transfers) toggle was not being honored
Corrected issue where the Event Rule offload client retry setting was not being honored
Corrected issue that would halt future transfers of files by the Event Rule client for specific types of transfer errors
Corrected crash in the administrator interface that resulted from monitoring a user from other than the first Site
Corrected crash in the administrator interface that resulted from a speed calculation error
Corrected issue caused by improper processing of FTP MKDIR command
Corrected issue when connecting over SFTP using Transmit 3.5.4 client
Corrected issue in FTP directory listing - date sorting was sometimes out of order
Corrected delay that could occur to an FTP authentication while EFT admin was loading folders in the VFS tab
Corrected SFTP and HTTP login issue in Active Directory environments with multiple domains
Corrected issue where AS2 no longer requires the AS2-Version HTTP header for interoperability with older AS2 implementations
Corrected problem related to cleanup of OpenPGP temporary files
Corrected problem where OpenPGP would lockup if destination file already exists
Corrected issue where AWE module would hang related to the improper termination of AWE tasks
Corrected interoperability issue with WS_FTP Server related to large file transfers - other vendors have had to do the same
Corrected MDTM to always return values in GMT, even if EFT Server listings are configured for local time
Corrected parent folder permissions to no longer require SHOW and LIST
Corrected interoperability issue with OpenSSH
Corrected an issue where Event Rule comments were being lost
Corrected XCOPY custom commands errors
Corrected an issue where Event Rule Timer events would trigger 1 second early
Corrected issue with unnecessary SSH_DISCONNECT timeout messages
Corrected a CRC error that prevented Web Transfer Client from being able to successfully resume a download
Corrected issue where resume did not work on filenames > 35 characters when transferring files with the WTC
Corrected issue in SAT that could cause the temporary accounts to not be created on EFT Server
Corrected issue in SAT that caused the previous value of the FROM email address to be used instead of the one supplied by the user
May 2010
Version 6.2.7
May 14, 2010
EFT Server (standard) and EFT Enterprise
New Features
Added new registry override for FTP SYST response. Default is "UNIX Type: L8"; common request is for "Windows_NT"
Enhancements
Enhanced SFTP connection mechanism to work with non-RFC compliant SFTP servers
Fixes
Corrected issue where home folders were being lost for AD users after an upgrade
Corrected crash that would occur under rare condition when corrupted configuration file was present
Corrected problem where EFT Server failed to notify user if site root physical folder was missing
Corrected problem where network errors would cause e-mail notifications to fail
Corrected problem where LDAP authentication would fail when a user was moved to a different OU or CN
Corrected memory leak resulting from COM API operations involving quota checker and folder monitor
Corrected crash that occurred upon manually refreshing user database for LDAP auth types
Corrected issue where user would not appear in EFT Server’s user list if the user connected prior to an AD synchronization event
April 2010
Version 6.2.3
April 5, 2010
EFT Server (standard) and EFT Enterprise
New Features
Multiple administrators can now add objects of the same type (users, event rules, custom commands, and AWE tasks) at the same time
Enhancements
Removed EFT software version number from HTTP headers to address security concern
Modified buffer size on HTTP downloads to achieve comparable file transfer speeds with uploads
Updated SAT tables in ARM to provide better performance and robustness
Fixes
Fixed issue when editing an event rule email action when another administrator had modified the user list in a separate AI GUI
Fixed SAT to log the proper filename, instead of the temporary filename, in ARM when SAT is installed on a server remote from EFT
Corrected issue in SQL files that could inhibit the creation of the ARM indices on MSDE
Fixed a problem where EFT Server Denial of Service updates could block legitimate client connection attempts.
Fixed a resource leak that appears under some environments leading to resource exhaustion.
March 2010
Version 6.2.1
March 9, 2010
EFT Server (standard) and EFT Enterprise
Fixes
Corrected issue where (on new installations) PGP keys could not be created without a service restart
Changed default behavior for PGP signature verification to OFF by default (registry enabled). Search help for "signature verification" for instructions.
Corrected a problem with how DMZ Gateway handled certain error conditions that could affect the peer communication channel
Version 6.2
March 1, 2010
EFT Server (standard) and EFT Enterprise
New Features
Added ODBC Authentication Manager SQL scripts for MS SQL and Oracle
Added a default logging.cfg file to EFT Server.
Plain HTML format can now be selected by appending ?html to the URL
Added Windows Authentication (Active Directory and local Windows accounts) to EFT Server’s administration authentication sub-system. Requires the High Security Module (HSM).
Added ability for EFT Server administrators to login via a desktop shortcut and Windows authentication without supplying credentials
Added ability to query the LDAP server to obtain a listing of all base DNs on the domain specified or the default domain.
Added ability to right-click a user account on the Server tab to open the user's VFS home folder on the VFS tab. You can also launch Windows Explorer from the VFS tree on the VFS tab.
Added ability to see virtual folders when using the FTP MLSD command.
Active Directory accounts can be used for EFT Server administrator accounts
Advanced Workflow module updated with many new actions
SSL certificate support for outbound transfers
Added ability for WTC users to control whether preemptive proxy BASIC authentication credentials are sent.
Added Microsoft Encrypting File System (EFS) to EFT Server basic edition. Requires the High Security Module (HSM).
Added requirement for EFT Server administrator credentials when attempting to delete a Site or Server object in the administration interface.
Added SSL certificate options for EFT Server's client offload/download FTPS and HTTPS event rule actions.
Added support for the PFX format in the EFT Server SSL Certification Manager
Added Windows Event Log entries if long running custom commands or AWE tasks are terminated due to a timeout
Added signature verification to event rule OpenPGP decryption
Added ability to install DMZ Gateway on Unix, Linux, and Solaris operating systems (in addition to Windows). Available on both 32-bit and 64-bit operating systems.
Added more functionality to DMZ Gateway's interface to accommodate multiple profiles and extended communication information.
Added ability to connect up to 15 EFT Server Sites simultaneously.
Added automatic propagation of IP address access policy changes to DMZ Gateway when the policy is modified in EFT Server, whether in the interface or by the auto-ban logic.
Added three new intervals to the Generate Report Action: Today, Yesterday, and Last 24 hours.
Added new EFT Server variables SERVER_PUBLIC_KEYRING_PATH and SERVER_PRIVATE_KEYRING_PATH to pass the location of the public and private key ring to the AWE module.
Added ability to send user-defined (custom) variables from EFT Server to the AWE module.
Added several new AWE actions in these categories: Internet, File, Network, Variable and Cryptography
Added more unique error descriptions
Added ability to configure ad hoc permissions in the web.config file.
Added ability to define the default permissions used for the temporary user's home folder in the web.config file.
Added ability for SAT users to create subfolders in their home folder.
Added a variable in the web.config file to add a specified time delay before sending the password email.
Enhancements
Enhanced Secure Ad Hoc module faster performance and new configuration options
Updated to version 0.9.8l the non-FIPS SSL libraries used by EFT Server for inbound and outbound SSL-based protocols.
Improved SSH key tool; when you rename an SSH key, EFT Server verifies that the name is unique and prompts you to change it if it is not unique.
Improved the remote administration interface installation process; the SFTPCOMInterface.dll and SSL.dll are automatically installed and registered.
Improved the folder monitor and event rule timers; EFT Server will "reset" only the affected (modified) folder monitor/timer when serializing to the configuration file, rather than all folder monitors and timers.
Improved text file auditing of Folder Monitor actions to aid Customer Support when assisting customers with Folder Monitors.
Centralized DMZ licensing to EFT Server to simplify DMZ installation and licensing.
DMZ and EFT Server have been hardened to withstand attack from several Denial of Service (DoS) attack tools
Improved and expanded DMZ Gateway logging.
Upgraded the SQL Server Express 2005 installer to SQL Server Express Edition, service pack 3.
The following methods, properties, parameters, and enumerators were added or modified:
Server Interface (ICIServer) methods: ConnectEx, RemoveServerAdminAccount
Single-Site Interface (ICISite) properties: AllowChangePassword, ForcePasswordResetOnInitialLogin
Client Settings Interface (ICIClientSettings) methods: GetForcePasswordResetOnInitialLogin, SetForcePasswordResetOnInitialLogin
Enumerators and Constants: LoginType, ServerModule, PredefinedReportPeriod, AdminAccountType enumeration, AdminLoginType enumeration
Improved the speed of SAT upload transactions and when SAT is configured for File Copy to EFT Server.
Updated tab sequences in various dialogs for Section 508 compliance.
Fixes
Consolidation of all bug fixes done in 6.1.x patches
Fixed Oracle ODBC Authentication Manager character case problems: user login checks are no longer case sensitive and SQL commands are case consistent.
Event Rule "if using WTC" condition now works properly in all scenarios.
Event Rule "On Server Startup" actions are now performed.
Email notifications are now sent for On Scheduled Timer events.
Access to the Web Services WSDL has been restored.
Fixed layout errors in some PCI Reports.
Fixed the SSH version number displayed in the Admin User Interface to reflect the update to SSH protocol version 4.
Fixed WTC to ensure user's AD credentials are used to access files and folders and not the EFT Server service credentials.
Fixed WTC so uploads are now as fast as downloads
Fixed a vulnerability to tampering in the messaging between the Admin GUI and the EFT Server
Fixed several instances where standard file deletion was being used instead of file sanitization
Fixed a timeout issue that would lead to a blank page being displayed by the plain text HTTP client during extremely large file uploads
Restored the ability to turn on detailed outbound client logging (controlled by registry key)
Version 6.1.10
March 1, 2010
EFT Server (standard) and EFT Enterprise
Enhancements
Improved network error handling and added retry logic to the Web Transfer Client (WTC)
Improved ability to distinguish between SQL connection and non-connection related errors
Improved Installer to ensure SQL stored procedures are upgraded
Improvements to WTC’s proxy authentication capabilities
Improved EFT Server compatibility with WebDrive
Improved CreateUserEx COM method performance
Improved folder deletion performance
Improved configuration file read/write performance
Enhanced WTC so that its help contents are linked to version specific online help pages
Enhanced Auditing and Reporting Module (ARM) reconnection logic by using additional SQL timeout error codes
Fixes
Corrected issue where EFT Server would attempt to send ARM status updates to Admin connections that was disconnecting
Corrected issue where WTC upload speeds wasn’t on par with download speeds
Corrected issue where Multi-site DMZ Gateway used the wrong interface when attempting to connect using PASV mode.
Corrected issue where Multisite DMZ used the wrong interface when performing outbound transfers
Corrected issue where WTC sessions would not retain and honor the user's Active Directory credentials
Corrected server crash in error handling in EFT Server’s authentication sub-system
Corrected issue triggered when ftp command socket was closed as data socket connected
Corrected issue on FTP connection when using NLST
Corrected issue where disabling an event in the "Event Rules" pane would cause the server to crash
Corrected cross site scripting vulnerability reported by QUALSGuard scanner when HTTP to HTTPS redirection was enabled
Corrected intermittent issue when deleting physical or virtual folders
Corrected discrepancy between the timezone used for the FS.FILE_CREATE and FS.FILE_CREATE_TIME event rule variables
Corrected COM script memory leak triggered by the processing of deleted or invalid folders
Corrected issue with %FILE.*% related Event Rule variables
Corrected issues interoperating with servers using SFTP protocol version 4 or greater
Corrected issue where internal SQL commands had inconsistent casing
Corrected issue where some login clients account dates were showing up as Dec 31, 1969
Corrected issue where upgrades could cause system service instability in rare instances
Corrected issue that prevented OpenPGP encryption from signing ASCII armored files
Corrected issue that made user names case sensitive when using Oracle as an authentication source
Corrected issue where UPN style logins didn't find their AD Profile home directory
Corrected issue where Event ACTIONS and GROUPS would trigger errors on SQL text file import
Corrected issue where virtual folders not pointing to the C:\ drive were not visible
Corrected issue during client authentication in SSL
Corrected issue where folder names did not display a '&' properly
Corrected minor GUI layout issue related to Advanced Workflow Engine (AWE) "Create Date" label
November 2009
Version 6.1
November 09, 2009
New Features
Added SSH.com or OpenSSH formatted keys selection to SFTP key creation wizard
Added Message Level Security (MLS) to the AS2 module
Added support for Folder Monitor Event Rule to operate across network shares/forests in Active Directory
Added Windows authentication in addition to SQL authentication for EFT Server ARM connections to SQL Server
Added extensive and configurable text file logging to aid Customer Support in identifying customer environment unique behaviors
Added support for user principal and common name formats for the AD/LDAP user Change Password function
Added ability to email user login credentials from EFT Server
Added Clear Command Channel (CCC) and Clear Data Channel for FTPS
Added ability to import and export Advanced Workflow tasks in the Administrator Interface
Added ability to configure Secure Ad Hoc Transfer (SAT) to prevent "spoofing" by forcing FROM address to match AD before sending the message
Added logging to SAT, which now logs the IP address of the sender to ARM and displays the address in new reports
Added verification of prerequisites in the SAT installer to verify IIS and .NET are installed and have the correct versions
Added IIS role setting to the SAT installer
Added support for installing EFT Server from a command line/with a batch file
Added ability to extend the initial 30-day trial
Added new methods and properties to the COM API and removed deprecated ones
Added support in the Web Transfer Client (WTC) to provide wider character support
Added support in the installer wizard to install EFT Server and DMZ Server in a cluster
Added support for Event Rule client transfers function through ISA and SQUID proxies
Added support for multi-part POST uploads for Event Rule client for compatibility with Tumbleweed Secure Transport Server
Added Advanced Workflow task names to Event Rule reports
Added support for Powershell to Event Rule commands
Added ability for the SFTP SSH_FXP_SETSTAT command to modify the file's accessed, modified, and created timestamps
Added upload and download speed for SFTP connections to the Server's Status tab
Added many additional stability, usability, and user interface improvements and fixes
Added ability to configure inbound only or outbound only AS2 partners (no longer need to configure both)
Provided new controls, notifications, and events regarding users that are locked out due to invalid login attempts
Enhancement
Improved Active Directory user authentication and synchronization to provide better support for foreign domain users and groups
Moved the AD/LDAP test connection from the Administrator Interface to the Server
Updated Move Action context variables %FS.PATH%, %FS.FILE_NAME%, and %FS.FOLDER_NAME% to match the new file location
Improved support for UNC paths to hold the resulting backup file for Event Rule Backup Action
Improved OpenPGP support of the ASCII-armored file format for data files
Improved installer wizard for the setup and upgrade of ARM and the associated SQL database
Upgraded WTC libraries to provide better proxy, cookie, and HTTP compatibility
Upgraded Plain Text Client (PTC) libraries to provide better performance when listing folders with thousands of files and folders
Removed (hid) Change Password button in the WTC when the user account does not have permission to change the password
Updated SFTP client to provide higher performance, compatibility, and FIPS-certified encryption
Included headers from transactions to the AS2 Transaction Detail report
Increased administrator password length from 20 to 99 characters
Increased Group and Settings Template name length to 255 characters
Fixes
Fixed WTC properly supports the Euro symbol in folder and file names
Fixed WTC supports configuration of retries for users transferring large file sets over networks with intermittent errors
Fixed WTC properly throttles bandwidth per the specified limits for both uploads and downloads
Fixed WTC transfer percentages are displayed and updated correctly for resumed transfers
Fixed WTC properly notifies user if a remote folder cannot be created because it already exists on the remote server
Fixed WTC displays a single error dialog if the connection to the remote server is lost while transferring multiple files
Fixed WTC and PTC users are returned to their previous page instead of an error page when selecting CANCEL during login
Fixed PTC properly sorts file listings based on the Modified Date and Size columns
Fixed SAT detects if IIS 7 is installed and extends the maxAllowedContentLength value in the IIS ApplicationHost.config file to 2 GB
Fixed SAT supports semicolon delimiter for multiple email send addresses
Fixed DMZ Single Site now accepts the queued EFT Server connection when the active connection ends
Fixed Turning off SSL FIPS reenables Auto Negotiate
Fixed SSL cert creation wizard ensures a valid ISO country code is selected
Fixed NTLM user authentication renamed to "Local System Accounts"
Fixed Copy/move Action now honors the retry counter instead of trying indefinitely
Fixed On Timer rule supports specifying *.* or *.ext to download files from a remote folder
Fixed Restore places the AUD file in the correct folder
Fixed PCI DSS report is available in the Generate Report selection dropdown
Fixed XCRC now works on files greater than 2GB
Fixed A value in the Description column is not necessary for ODBC user entriesq
Fixed OpenPGP will not create a separate signature file if "Output to target file" is selected
Fixed Removed the Advanced FTP settings that were not relevant to SFTP
Fixed Users reenabled in Active Directory will be reenabled in EFT Server
Fixed AWE and AS2 "not registered" Windows Event Log entries are now INFO instead of ERROR
September 2009
Version 6.0.17
September 03, 2009
New Features
Added the ability to transfer folders containing subfolders.
Enhancements
Improved several prompts and messages in the WTC
Updated the Help files and the copyright date to 2009
Improved various error messages.
Enhanced WTC to provide a <%=client_ip%> token replacement in htm files.
Fixes
Fixed SFTP protocol command validation
Fixed DMZ issue that occurred when two EFT Servers used same IP/port
Fixed WTC to notify user if local folder creation failed due to invalid characters
Set status to "INTEGRITY CHECK FAILURE" only for CRC failures. CRC check failure caused by reasons other than CRC value difference are assigned the "UNABLE TO VALIDATE INTEGRITY" state.
Fixed the occasional missing icon problem.
Changed client SFTP key generation to use ssh.com style keys by default.
Removed spaces from LDAP query strings so comparisons match properly.
Corrected a problem with binary to ASCII conversion over SFTP.
Fixed a crashing issue that could occur when user list was not in sync with authentication provider.
Made permissions checks when switching into a UNC directory consistent with that of switching into a local directory.
Fixed a crashing that occured when a PCI DSS report was generated on an LDAP site.
Fixed issue where files uploaded over HTTP using the PUT method were visibile while being transferred.
Fixed issue where webservices invocation failed because of random data being appended to parameters.
Fixed issue where server inactivity led to ADO errors being recorded to the system application log.
Fixed issue where AS2 would fail MDN verification.
Fixed issue where AS2 hot folder would fire early and send a 0 byte file.
Fixed hang that could occur when deleting a user while system quotas were enabled.
Fixed a crash that could happen when the system bans a user for disconnects.
Increased allowed length of administrator passwords.
Fixed issue that could lead to crash when using COM.
HTTP 401 page now redirects you to previous page in browser history.
Fixed hang that could occur when deleting a user while system quotas were enabled.
Fixed a crash that could happen when the system auto-bans a user.
Increased allowed length of administrator passwords.
Fixed issue that could lead to crash when using COM.
HTTP 401 page now redirects you to previous page in browser history.
COM ClientSettings Get/Set HTTPS/FTPS methods now work.
Version 5.2.21
September 03, 2009
New Features
Added registry entry that will allow wildcard transfers of local files to fail if no files. Are found (legacy behavior is all wildcard operations succeed even if no files are found)
Enhancements
Update to authentication manager to correctly pull domain name in certain instances where it previously failed.
Improved AD support for retrieving a user's domain.
Improved BlueCoat proxy support.
Fixes
Fixed SFTP protocol command validation
Fixed WTC FireFox issue that was introduced when new signing cert was used for jars
Merged 6.0/6.1 LDAP fix for base DN's that contain spaces
Fixed problem with random session expiration/timeouts over HTTP.
Automatic re-queue of file transfers when they fail.
Bug fixes to Web Transfer Client.
Fixed crash upon login caused by use of a special registry key.
Fixed issue with Web Transfer Client only reporting 10 licenses even if more were registered.
May 2009
Version 6.0.6
June 15, 2009
Enhancements
0KB files uploaded via SFTP now trigger events and are reported in logs.
LIST permission is no longer required for a WTC upload.
Plain text web transfers now correctly handle sending files with an octothorpe (#) in the file name.
Opening a Microsoft Office document via the HTML Listing and Upload form in Internet Explorer no longer triggers a reauthentication prompt.
AD accounts in WTC can no longer rename and delete virtual folders.
WTC now allows signing certificate to be accepted.
Version 6.0.4
May 20, 2009
Enhancements
Enhanced ARM performance under load
Enhanced the layout of the User Templates, Groups, and Custom Command dialogs to support longer names
Updated SAT installer to grant permission to EFT /adhoc folder for Vista and Win2K8
Updated SAT installer to properly list/select the IIS web sites
Fixes
Corrected SQL connection timeout handling to ensure ARM auditing of all transactions
Corrected SQL error handling to eliminate repeated email notifications
Corrected issue that occurred if APPEND was disabled and a WTC user attempted to resume a transfer
Corrected database error triggered by AS2 configuration Test button
March 2009
Version 5.2.15
March 18, 2009
Fixes
Fixed Java errors on the change password page
Fixed crash that occurred when there was a high number of user-to-group assignments
HTTPS clients without Java installed are now prompted to install it
Improved EFT Server stability by identifying and removing thread unsafe code
Fixed crash that occurred when logging in via SFTP and connection limit is already reached.
Fixed memory leak when uploading files via HTTP
Resolved issue wherein certain COM scripts would never time out
Resolved issue where custom command parameters would not appear in cmdout.log
Resolved issue where plain text client would not reload when a non-standard port was used
Fixed memory leak in the authentication managers
Fixed EFT Server hang issue caused by administrative users timing out
Fixed memory leak caused under certain circumstances by NLST command
Version 6.0.1
March 8, 2009
Enhancements
Enhanced WTC proxy support for JREs after 1.6.7
Enhanced EFT Server Enterprise installer to provide both the Single Site and Multi-Site DMZ Gateway sub-installers
Enhanced the logic used to complete the removal of a previous version of EFT Server or Secure FTP Server
Enhanced the SAT-related ARM reports to display multiple files if more than one file was sent per transaction
Enhanced the Administrator GUI to support User Setting Templates and Permission Groups with names greater than 20 characters (max of 255)
Enhanced EFT Server (core) with support for operation on 64 bit
Fixes
Corrected issue with WTC Active Directory change password
Corrected issue in plain-text HTTP that required DELETE permission to download files
Corrected issue caused when uploading a file to a folder with a path exceeding 255 characters
Corrected issue with WTC not showing download prompt with Firefox
Corrected issue caused when Web Services interface was disabled but Event Rule invocation was attempted
Corrected logos and formatting issues in SAT and AS2 ARM reports
Corrected issue related to generation of output in Custom Command log files
Corrected EFT Server crash that occurred for Copy/Move Event Rule Actions that did not have a leading “\\”
Replaced HTTP Java update link with HTTPS link to eliminate warnings about "insecure content
Version 6.0
March 02, 2009
Version 6.0 is when EFT Server was first introduced as two different products: "EFT Server Enterprise" and "EFT Server" (later named EFT Standard, EFT SMB, and then EFT Express)
New Features
Compatibility with x64 Windows including Server 2008
Oracle database support added for Auditing & Reporting
Backup and restore wizard for disaster recovery and migration between servers
New Server Administrator role: "Create User" - has ability to create users within designated templates
Optional Advanced Workflow Engine module - extends EFT Server event rules by over 200 additional actions, including send to mainframe, send SNMP traps, query SQL database, parse an XML or Excel file, and hundreds more
New wizards for the Download (Pull) and Copy/Move (Push) Event Rules
DMZ Gateway Enterprise - allows multiple EFT Servers to connect to the gateway.
FIPS certified SSL and SSH libraries as part of High Security Module (HSM).
Comprehensive auditing and reporting of all administrator changes made to the server (requires HSM)
Ability to modify the default messages sent upon account creation and password expiration reminders
Ability to switch between UTC/GMT and server local time for timestamps returned in directory listings
Complete backwards compatibility with Secure FTP Server 3 and EFT Server 5
Enhancements
Setup (installation program) can configure EFT Server’s auditing database on an existing SQL or Oracle server
Complete revamp of EFT Server’s Administrator Interface including dozens of small usability fixes
Support for designating EFT Server's configuration file path
New User setup wizard can now designate a home folder including variable names
Replaced MSDE with SQL Server Express for the bundled database
Updated PCI compliance to match the latest PCI DSS 1.2 specification (requires High Security Module)
Ability to create Custom Commands "on the fly" from within Event Rules
Various visual and usability improvements to the Event Rule builder
Send E-mail Event Rule action now allows multiple "To:" values
Send E-mail Event Rule action now includes an Address Browser to search and insert addresses with ease
Replaced OpenPGP library - provides many more options, including signing options, cipher/hash options, self-decryption archive creation, compression levels, and debug logging
Updated SFTP library - provides import/creation of OpenSSH keys and public key select/export
Ban IP address on invalid account now counts invalid login attempts when a non-existing username is provided.
Plain HTTP interface has been updated and exposed so that it can be completely customized
Web Transfer Client (WTC) interface updated and various minor bugs fixed
Dozens of minor usability and bug fixes in AS2
Password reset and complexity are now part of the core feature set
Fixes
Various defects of varying level of severity
November 2008
Version 5.2.12
November 05, 2008
New Features
Added registry setting that allows OS-selected IP address assignment for outbound client connections (pre-5.2.11 behavior).
Added expiring session cookie for WTC on Chrome browser for logout (fixes the repeated logon issue in Chrome).
Enhancements
Changed PCI report files location to PCI subfolder rather than Reports subfolder.
Provided option (via registry key) to redirect cl*.log output to the Windows Event Log.
EFT Server outbound client now uses site IP address instead of defaulting to OS-selected IP address.
OpenPGP keyrings can now be in a location other than the EFT Server installation folder.
OpenPGP updated to support selection of hashing algorithm.
Fixes
Corrected an issue with WTC logout on Firefox.
Internet Explorer Enhanced Security Window no longer interferes with the Administrator interface.
The Event Rule MailAction::FROM parameter is now exposed so that it can be overridden with an event rule specific value. If the FROM email address is not overridden in the rule, the Server level default value is used for the FROM address.
(SAT) Fixed problem with send upload notification not functioning due to URL format supplied in user description field.
(SAT) Increased logging in send upload notification script.
(SAT) Fixed problem with uploading popup opacity and animated gif not moving in IE7.
(SAT) Fixed problem with “From” cookie storing more than one email address.
(SAT) Updated COM for compatibility with EFT 5.2.12.
September 2008
Version 5.2.6
September 10, 2008
New Enhancements
Added option to log protocol events to the Windows Event Log (activated via registry setting).
Added option to pass client IP address to LDAP server during user authentication (activated via registry setting).
(SAT) Added "one-click authentication"; a hyperlink can be included in the notification e-mail to automatically log the recipient in to the Web Transfer Client.
(SAT) Added configurable notification e-mail options: send one email with one-click authentication, send separate e-mails with username and password to recipient or sender, send username and password in the same e-mail as the link, or send username to recipient and password to sender.
(SAT) Upload notification process now sends one e-mail per transaction instead of one e-mail per file.
(SAT) Added "Smart Email" functionality to pull e-mail address from EFT Server. SAT completes the e-mail address based on first and last name if the user's full name and email fields are populated in EFT Server.
(SAT) Added the ability to show or hide the CC and BCC fields.
(SAT) Added the ability to remove the e-mail logo.
(SAT) Added the ability to add as many files as needed in one send.
(SAT) Added the ability to black list and white list destination domains in the To/Cc/Bcc fields.
(SAT) Added the ability to configure accounts to not expire.
(SAT) Added Virtual Folder support in EFT Server for user settings.
(SAT) Added the ability to use EFT Server's Local File Copy protocol when the User Settings Level is in a remote share.
(SAT) Added the ability to check for and warn on common configuration errors when the application is started.
Enhancements
(SAT) Redesigned the sendmail form with a new layout, more interactivity, and more configurable options.
Fixes
Corrected EFT Server service crash caused by NMAP scan of HTTP and HTTPS listener ports.
Corrected Web Transfer Client issue with Google Chrome beta. (Google Chrome requires Java SE 6 Update 10 RC or later.)
(SAT) Fixed the problem pre-populating the From e-mail address. Subsequent e-mail messages contain the previous From e-mail address. The From address is stored in a cookie for one day after a successful e-mail has been sent.
(SAT) Fixed the problem where concurrent users generates errors.
(SAT) Fixed the problem where spaces in e-mail address list causes error
August 2008
Version 5.2.5
August 26, 2008
New Features
Added GetPhysicalPath (string VirtualPath) function to COM interface.
Added SSL close_notifiy message to ensure support for FileZilla client.
Added ability to change Active Directory password in Web Transfer Client.
Added ability to change expired Active Directory passwords in Web Transfer Client.
Added email notifications for Active Directory and LDAP passwords that are about to expire.
Enhancements
Updated Site Setup Wizard to correctly require SSL certificate passphrase.
Updated Web Transfer Client to be compatible with Firefox 3.0 for Windows and Safari 3.1.1 for OS X.
Improved HTTP POST memory and CPU efficiency and speed.
Fixed
Fixed PGP private key issue with whitespace in passphrases.
Fixed COM method GetUserSettings to be case insensitive.
Resolved ARM connection handling error to MSSQL2005.
Resolved issue where transfer status was not properly displayed in Web Transfer Client.
Version 5.1.34
August 12, 2008
New Features
Added support for NTLM authentication for browser/SAT module connections.
Enhancements
Improved Web Transfer Client proxy connection handling.
Improved Web Transfer Client logout.
Enhanced Web Transfer Client date format options.
Enhanced Web Transfer Client to remember EFT login to reduce login popups when connecting through proxy.
Updated Oracle version of default ARM reports to match SQL.
Fixes
Corrected auditlogger SQL formatting issue when writing to disk file while disconnected from DB (MS SQL or Oracle).
Corrected idle admin port timeout issue.
Corrected Site Creation wizard error when specifying ports for additional network adaptors.
Corrected issue when failed LDAP query would disassociate users from groups.
July 2008
Version 5.2.4
July 22, 2008
Enhancement
Improved refresh rate for AS2 Test GUI
Improved AS2 configuration usability
Version 5.2.3
July 18, 2008
New Features
Added Drummond-Certified AS2 support in compliance with RFC4130
Added support for Web Services invocation of Event Rules
Made SAT compatible with EFT Server 5.2
Enhancements
Enhanced AS2 to include Multiple Attachment support
Enhanced AS2 to comply with the AS2 Reliability specification
Enhanced PGP architecture by upgrading the core PGP libraries
Enhanced the PGP encrypt Event Rule action to automatically ignore files with *.pgp or *.gpg extensions for encrypt operations
Enhanced the PGP decrypt Event Rule action to process files with *.pgp or *.gpg extensions exclusively
Fixes
Corrected issue where loss of LDAP connectivity would disassociate users from groups.
May 2008
Version 5.1.30
May 06, 2008
New Features
Added support for certificate based SSL authentication for Offload and Copy/Move event rule actions – requires registry entries to enable
Added new replacement variables for the FTP login banner (%DATE% and %TIME%)
Added a new context variable (%FS.REPORT_FILENAME%) for report generation, which is just the filename of the report, not the full path, for convenience in copy/move event rule actions
Added field to database to capture login name of users connected to the server's administrator port
Added optional registry setting that improves the internal save process for the server's configuration data - only affects very large configuration files (such as those with hundreds of event rules)
Added support of auditing to an Oracle database – requires a registry entry to enable
Enhancements
Expanded LDAP connection string to support up to 512 characters
Increased the default timeout values for COM
Reduced timeout values for administrator login
Fixed
Corrected a crash that occurred when specifying a non-existent group
Corrected the Send Report event rule action so that only the report output chosen is generated
Corrected a crash that occurred when calling the AddIPAccessRule() method via COM
Corrected problem in which legacy configuration files were designated incorrectly as corrupted
Corrected a problem with Web Transfer Client filter results linking to other folders
Corrected FTP result codes for non-wildcard list command per RFC959 specifications
Corrected multiple GUI and service runtime crash conditions
Corrected an issue in which no error was being reported when the connection was lost while writing to a network resource
Corrected a crash that occurred occasionally at service shut down
Corrected problem with inheritance and resulting folder permissions
Corrected various memory and handle leaks
Performed various stability related improvements to the monitor folder event rule
(SAT) Corrected a problem with accented or special characters not being processed properly in SAT generated e-mails.
(SAT) Corrected a problem where concurrent use may cause SAT to become unresponsive.
(SAT) Corrected a problem with SAT not timing out properly once it has completed a send transaction.
(SAT) Removed an error message that would display when a port value was not supplied even though no protocol was defined.
February 2008
Version 5.1.6
February 28, 2008
New Features
Added SOCKS outbound proxy support (available in Copy/Move Action dialog)
Added registry value that can be used to override default AD Auth Manager behavior of creating home folders that are virtual paths to the AD users home folder value
Added support for "X-ORIGINAL-PROTOCOL" header over HTTP/S to facilitate terminating SSL connections in front of the EFT Server or DMZ Gateway
Enhancements
Enhanced Copy/Move Event Rule to allow the use of context variables as a first entry in the destination path
Allowed system to disable users after multiple invalid login attempts even when PCI DSS HS Module is expired
Fixes
Corrected two memory leaks (folder monitor health check, and when offloading files)
Corrected problem where rules can't be deleted when no actions are defined
Corrected Administrator Interface crash when applying changes to rules under certain conditions
Corrected problem where offload event using SFTP protocol sometimes fails
Corrected rare crash that may occur when multiple administrators are configuring the server simultaneously
Corrected problem where an LDAP site with thousands of groups would hang upon opening the site
Corrected problem where the Timer/Scheduler would not fire under rare conditions
Corrected problem with terminating a rule prematurely if changes are made to that rule while the rule is executing
Corrected problem with apostrophe in filenames not working properly in Web Transfer Client
Corrected problem with Filter button/command not working in Web Transfer Client on rare occasions
Corrected problem with sibling files and folders being transferred (not just selected folder) in Web Transfer Client
(SAT) Moved to ASP.NET technology to overcome file size limits when uploading very large attachments. Now the web page supports file uploads up to 2GB in size.
(SAT) Corrected "Input string was not in a correct format" error.
(SAT) Corrected problem with creating extra folders on the EFT Server file system.
(SAT) Corrected administrator password encoder/decoder problem that resulted in failed connections between SAT and EFT Server.
(SAT) Corrected IIS copy vs. local copy problem where extra '/' would cause an error when trying to copy files between SAT and EFT Server.
(SAT) Corrected a problem where an EFT Server site name in URL format would cause connection problems between SAT and EFT Server.
December 2007
Version 5.1.1
December 19, 2007
New Features
Added the ability to create PCI DSS Sites for all supported authentication types
Added new wizard page to optionally enable Data Sanitization when creating a new site
Added a compliance check for data sanitization per PCI DSS 9.10.2
Added a compliance check for NOOP command and site-to-site transfers per PCI DSS 2.2.3
Added a compliance check for SSL clear command and data channels per PCI DSS 4.1
Added a compliance check for more than one admin with full control over EFT Server per PCI DSS 7.1
Added a compliance check for any expired certificates or keys per PCI DSS 3.6.4.9
Added support for AES-256 cipher (SFTP)
Added SSL certificate chaining to mitigate the problem of expired intermediate keys
Added new COM methods for client account lockout and IP access controls (see help file for details)
Added a new Web Transfer Client "signing" security mechanism to mitigate risk of rouge servers deploying malicious web transfer clients
Added a progress bar and animated graphic to communicate transfer progress in the Web Transfer Client
Added true "logout" for Web Transfer Client (previously you had to close the browser to kill the session)
Added ability to hide files marked with a "hidden" attribute on the local file system (Web Transfer Client)
Added new client (user) context variables including last login time, password expiration date/time, reset password at first login, account expiration date, and whether account is active or not. See help file for details
Added functionality to check for improper PGP passphrases when a new encrypt/decrypt rule is created
Added an error message to the Windows application event log when SSL fails to initialize
Enhancements
Enhanced the sorting algorithms used for users, groups, commands, event rules, etc.
Enhanced EFT Server GUI icons with high-color and XP-color definition
Enhanced usability by setting default values and by improving text throughout the UI
Enhanced PCI DSS reporting to create HTML format reports if a PDF reader not available
Enhanced checksum calculations (incremental CRC32 for improved throughput on transfer verification) for Web Transfer Client
Enhanced Auditing and Reporting module (ARM) database connectivity logic (connection pooling) to provide superior performance when under heavy loads
Increased character limit for the AD user description field from 100 to a limit of 1024 characters
Fixes
Corrected instability issues that caused crashes or hangs under rare situations, due to deadlocks and/or race conditions
Corrected directory listing problems on Mac OS (Web Transfer Client)
Corrected drag and drop within remote pane intermittently failing (Web Transfer Client)
Corrected various instability issues that could cause crashes in the Web Transfer Client
Corrected a potential security vulnerability where a user could change into a directory that they had no permissions to (affects SFTP only)
Corrected issue with Apply button not being disabled once an Event Rule is deleted
Corrected inconsistency with how accounts were shown as enabled/disabled when using AD authentication
Corrected LDAP user authentication issue where an extra comma was being supplied in the bind string
Corrected incompatibility issue with Windows 2000 where EFT would fail to start (EFT 5.1 and above)
Corrected error when calling COM method AddUserToPermissionGroup() under LDAP sites
Corrected problem where new SSH keys were not displaying in the SFTP public key select window
Corrected problem where SFTP login failed Event Rule would trigger twice (or multiple times) rather than just once upon login failure
Corrected problem where newly created SSH keys were not appearing in the SFTP key manager key selection list
Corrected problem where Timer Event Rule triggers where sometimes skipped
Corrected problem where renaming a folder in the VFS or by a connected client no longer causes permissions on all subfolders to reset their permissions to "inherit"
Corrected problem where users would disappear from a group if they were moved to a different User Settings Level template
Corrected problem where users disappeared from a group after being moved from a different group upon site restart (using LDAP authentication)
Corrected problem where the file copy/move Event Rule action would trigger a failure even when the file was moved successfully
Corrected problem where EFT would generate temporary files in the install directory for no apparent reason (.041 extension)
Corrected problem where downloads using wildcards were failing to use the DMZ Gateway as a proxy server (when set to do so)
Corrected problem where allowed/denied IPs weren’t applied until site restart
Corrected problem where an incompletely defined download rule could be saved, possibly corrupting EFT’s configuration file
Corrected problem where reconnecting to the auditing database would result in a near-instant disconnection
Corrected problem where DMZ gateway did not retain its "Client IP" settings on restart (requires update to DMZ Gateway server)
Corrected problem with files re-uploading when Refresh is selected (Web Transfer Client)
Corrected problem with not being able to rename files in Safari over HTTP protocol (Web Transfer Client)
Corrected problem with resume download not working (sometimes resume button not appearing at all, other times it would appear but resume would fail)
Corrected problem with transfer resume under SFTP protocol with some SFTP clients
Corrected problem with large (2 GB+) files over SFTP to certain servers, such as ProAtria SFTP Plus
Corrected problem with not being able to add a user/group to virtual folders or subfolders until Refresh button was clicked
Corrected problem with user account impersonation: files could be renamed over some protocols but not others even when rename permission was provided
Corrected problem with admin console session being lost when testing event rules
Corrected problem with wild cards in a download action not downloading files that matched the mask
Corrected problem with not being able to change the Site Root folder (it would revert back to the previous root folder upon restart)
Corrected problem with the Event Rule Offload action not using the DMZ Gateway Server as an outbound proxy (when set to do so)
Corrected problem with server response code returning 250 instead of expected 230 for successful logins
Corrected problem with %Event Reason% parameter tag always showing "Action Completed Successfully" rather than the appropriate failure reason
Corrected problem with auditing of large (over 2 gig) transfer sizes to the Auditing and Reporting database (SFTP transfers only were affected)
Corrected problem with zero or negative values being stored in identity field in the ARM database after auditing entered failure state.
Corrected problem with the ARM Component One Report Editor help file not displaying
Corrected problem with COM method CreateComplexPassword() not handling VBScript reference parameters
Corrected problem with EFT’s COM functionality not working in 5.1 when called from VB apps. Error received was MX Error 52 (00000034)
(SAT) Corrected SFTPComInterface.dll for EFT 5.1 compatibility.
(SAT) Updated temporary user account creation to use complex passwords according to EFT Server's password security settings.
November 2007
Version 5.1
November 14, 2007
New Features
Added optional high security module to monitor and alert Payment Card Industry Data Security Standard (PCI DSS) violations:
Default password, banner message, or port values in use (PCI DSS 2.1)
Unsecure protocols in use (PCI DSS 2.2.2)
Password length, expiration and complexity violations (PCI DSS 8.5.10,11)
Disk quota not set (PCI DSS 3.1)
Administrator IP address filter not set (PCI DSS 1.3.1, 1.4.1)
Secure remote administration not set (PCI DSS 2.3)
DMZ Gateway not set (PCI DSS 1.3.4)
DoS and flood settings too low (PCI DSS 6.5.9)
Encrypting File System (EFS) in use (PCI DSS 3.4.1)
Check if passwords are being reused for any account (PCI DSS 8.5.12)
Added daily automatic or manually generated report on current PCI DSS compliance status, including all violations, justifications, and compensating controls (PCI DSS 10.6)
Added optional high security module to enforce compliance with Payment Card Industry Data Security Standard (PCI DSS)
Disabling of anonymous account types (PCI DSS 8.5.8)
Disabling of weak SSL versions and ciphers (PCI DSS 4.1)
Disabling of weak keys (PCI DSS 3.6.1)
Disabling ability to reuse prior passwords (PCI DSS 8.5.12)
Added new high security features as part of PCI DSS HS module
Data wiping (sanitization) (PCI DSS 9.10.2)
Removal of old data automatically (PCI DSS 3.1)
Removal of or disabling of inactive accounts (PCI DSS 8.5.5)
Redirecting HTTP to HTTPS port; previously could only be configured in the registry, is now available in EFT Administrator (PCI DSS 2.2)
Forced expiration of user account passwords (PCI DSS 8.5.9)
Forced password reset on initial login (PCI DSS 8.5.3)
Temporarily lockout users if incorrect login attempts limit is exceeded over a specified time (PCI DSS 8.15.13,14 )
Automatically disconnect users after a specified time of inactivity. (PCI DSS 8.5.15)
Audit server configuration changes to database (PCI DSS 10.2.2)
Audit initialization of auditing & reporting system (PCI DSS 10.2.6)
Added SSL certificate-based authentication (in addition to certificate + password)
Added IP filter masking feature at account (user) level
Added support for importing and authentication of multiple SFTP keys stored in a single key file, association of one or more keys to a user account, and assignment of the same key (or keys) to more than one user account
Enhancements
Enhanced the Server, Site, New User, and New Connection wizards
Enhanced one-way encryption applied to all passwords stored in EFT Server’s configuration
July 2007
Version 5.0.1
July 27, 2007
New Features
Added SHA256 based password hashing to stored passwords
Added "%SERVER.NODE_NAME%" to Server Context Variables and Condition builder
Added Event Rule Builder tree line thickening and colorization
Added missing keyboard accelerator under Security tab
Added prompt when password-only administrators queue up multiple actions before applying changes
Added ability to sort by users in Password Management admin GUI
Enhancements
Enhanced Admin connection SSL failure handling
Enhanced Local file system copy/move actions are now logged to the CL log file
Fixes
Corrected issue where auto-assigned home folders failed when specifying an AD group
Corrected issue with renaming a group name
Corrected issue where site administrators could not manage PGP keys
Corrected issue with offloading files through SFTP protocol
Corrected issue where users received GlobalSCAPE EFT Server Administrator crash report after reboot
Corrected issue where users were not able to offload to TitanFTP using SFTP protocol
Corrected issue where Connect to TE button was not available after clicking disconnect from TE
Corrected issue with bandwidth throttle causing FTP upload problems
Corrected problem with the configuration file being read when NT/AD domains were unavailable
Corrected Web nag Issue with DMZ Gateway
Corrected issue where Timer events would execute more often than expected
Corrected duplicate keyboard accelerator for New User Account Setup wizard
Corrected issue where retry logic for SFTP offload reported incorrectly after success
Corrected issue where the server incorrectly returned "Delete selected admin account" prompt
Corrected issue where NTLM/AD full permissions were required to delete or rename
Corrected issue where VFS tab displayed two EFT local servers incorrectly
Corrected issue where "If protocol does equal FTP over TLS" condition could fail
Corrected problem with "Download file from host" condition incorrectly displaying "Source" and "Destination" fields
Corrected issue under Server-Administration tab where focus incorrectly switched after GUI refresh
Corrected issue where Server administrators could delete themselves if logged in with a name that differs from original only in case
Corrected issue where Settings Level admin could remove/rename inaccessible folders in VFS
Corrected issue where Server level sub-administrators could alter their own delegations
Corrected issue where sub administrators could not rename themselves properly
Corrected problem with Admin management confirmation dialog
Corrected issue where validation was not handled properly while deleting super-admin account in EFT
Corrected issue where Site Rename option did not function properly
Corrected issue where "Apply your changes or refresh settings" dialog box appeared twice
Corrected issue where User Login Failed event rule did not run when using SFTP with an invalid account
Corrected issue with ARM losing connection to the SQL database
Corrected issue where EFT did not detect changes to the users home folder in AD
(SAT) Corrected problem where registered module may report that it has run out of transactions.
(SAT) Updated help file instructions for setting up automated maintenance in EFT 5
(SAT) Added e-mail send failure handling: When an e-mail fails to send, the e-mail will be saved to a temp folder (in the SAT install folder) so that the admin can deal with it later.
(SAT) Improved e-mail address validation in sendmail.asp by ignoring whitespace.
(SAT) Modified debug logging levels (set in global.asa): 0 = off, 1 = basic logging, 2 = verbose
(SAT) Corrected problem with installing on an IIS 6.x server with non-sequential web site numbers.
(SAT) Corrected problem of upload notifications including an extra "/" in the URL.
(SAT) Improved file receive message and file download message templates. (e-mail text)
June 2007
Version 5.0.0
June 27, 2007
New Features
Added complex event rule creation supporting multiple actions, simple or compound conditions, else statements and nested logic
Added ability to clone an existing Event Rule
Added multiple settings to the offload/download Event Rule action (connection limit, use proxy, retry, - see help file for complete list)
Added ability to conduct EFT Server offload/download initiated events through the DMZ Gateway
Added auto-heal, polling, and failure notification feature to the Folder Monitor Event Rule trigger
Added a new Folder Clean-up Action to remove old files
Added many more date/time options to the Timer/Scheduler Event Rule trigger
Added new file events, event types, and conditions to the Event Rule system (see help file for details)
Added User customizable SFTP Banner Message
Added SSL cipher selection list and manual specify cipher option
Added HTTP to HTTPS redirection (enabled from registry – see help file)
Added option to choose from one or more SSL versions
Added Password Complexity feature with granular options including min. length, must contain N number of digits, chars, special chars, not in a dictionary forward or backwards, contains username, or has N repeating characters.
Added multiple levels of Delegated Administration including server admin, site admin, settings level admin, and help desk (change password) admin options. Concurrent administration also supported
Added alpha sort to Administrative GUI interface
Added type-ahead functionality to Administrative GUI interface
Added custom user fields to Administrative GUI and COM
Added new LDAP advanced settings – page size, referral chasing, LDAP version choice, timeout, search scope, use server page control, and select attributes
Added LDAP and Active Directory Test Query function for authentication troubleshooting
Added 8bitmime support to SMTP
Initial release of the Secure Ad Hoc Transfer module for EFT
Enhancements
Improved Event Rule sorting, displaying, comments, selecting, and tooltips
Improved Web Transfer Client functionality – folder transfers, logout, change password, and UTF-8 encoding support
Expanded COM API to include more methods and properties (see help file for complete list)
Fixes
Corrected issue IBM z/OS 1.7 using SSL explicit connections
Corrected issue with setup wizard “create home folder” checkbox not taking precedence over default settings
Corrected issue with OnTimer events not triggering as scheduled
Corrected issue where EFT field character limits were shorter than Active Directory limits
Corrected issue where DMZ required a manual restart on IP Access table changes
Corrected issue where DMZ internal communications were not always over EFT Servers Home IP
Corrected issue with certain SFTP clients where file resume did not always work
Removed prompt from VFS when deleting last selected item under Server tab
Corrected timeout issue with specific On Service Start/Stop event rules
Corrected issue where site administrators received operation errors under specific configurations
Corrected problem with ampersand character flagging an email address as invalid
Corrected issue with Timer Rule events improperly handling files with no extension
Corrected issue where the server engine was not properly handling daylight savings time
Corrected problem with Active Directory authentication when pulling from Universal Groups that contain empty global groups
Corrected DMZ issue with irregular PORT reply in multiple IP environments
Corrected hanging issue in SMTP code
Corrected issue where specific changes to the ACL returned a 530 error to the user
Corrected issue where login failure email notifications did not occur under specific conditions
Corrected improper quota handling under HTTP/S protocols
Corrected File Integrity Check issue with Web Transfer Client and large files over HTTPS
April 2007
Version 4.3.4
April 16, 2007
Fixes
Corrected Daylight Savings Time (DST) problem in recurring Timer Events where the server overcompensated for DST changes
Corrected issue with Event Rule's "Download" action causing files to be downloaded as folders when the file lacked an extension
Corrected problem with the EFT Web Transfer Client (WTC) hosted under the latest version of the Java (1.6) Runtime Environment
Corrected a minor security vulnerability (denial of service) when negotiating the data channel for PASSIVE mode transfers in the FTP protocol through the GlobalSCAPE DMZ Gateway product
January 2007
Version 4.3.3
January 30, 2007
New Features
Added error handling for Event Rule SFTP downloads using Public Key Authentication
Added AES-128 option for SFTP connections
Added permissions checking logic to basic HTML interface for Active Directory authentication
Enhancements
Modified MLST command for RFC compliance
Fixes
Corrected problem with user level permissions using Active Directory authentication
Corrected issue with home folder quota calculation over HTTPS connections
Corrected issue with On Timer event logic and daylight savings time
Corrected issue where HTTP engine reported incorrect port to logging
Fixed response parsing for SSH_FX_STAT command
Fixed refresh issue with the SSL Certificate Manager interface
Corrected issue with ARM registration messages
Corrected problem with DMZ Gateway alternating between connected and disconnected states
Corrected problem with reports not generating when clicking on another report while generating an existing one
Fixed crash caused by logging in with wrong admin password
Fixed crash caused by internal integrity checks when external software modifies the server executable
Corrected problem with event rule "stop processing" action not being respected
November 2006
Version 4.3.2
November 07, 2006
New Features
Added auditing module fail-over logic and notification handling
Added support for Active Directory Universal Groups
Added double-click functionality to launch reports
Added a mechanism to stop in-progress reports from loading
Added logic to distinguish between a user-disabled vs. system disabled folder monitor due to a severed UNC resource connection
Added ability for LDAP accounts to authenticate against the LDAP server on demand
Added checks to gracefully decline encryption and decryption of files larger than 2GB
Fixes
Corrected issue where renaming reports could cause the reports to stop working
Removed internal overhead from Operational Failures report
Corrected issue where HTTP/S passwords were not being audited
Corrected Installer so that it won’t proceed without providing an ARM database password
Corrected Installer so that MSDE installation size is reported correctly
Corrected problem where trial serial numbers were not remembered under certain conditions
Corrected truncation problem with renaming files on OpenSSH servers
Corrected problem with performing MLST/MSLD listings on files larger than 2GB
Corrected problem with Web Transfer Client CRC checking of large files transmitted over HTTP/S
Corrected problem where the server would return errors over SFTP when a resume transfer was attempted
August 2006
Version 4.3.0
August 01, 2006
New Features
Added Auditing and Report Module (ARM)
Added support for wildcards "*" and "?" for physical FTP directly listings
Added ability to define proxy settings (via the registry) for Copy/Move (outbound) and download (inbound) Event Rule actions
Enhancements
Improved communications between EFT Server Admin console and the server engine
June 2006
Version 4.2.0
June 27, 2006
New Features
Added the ability to delete the source file after a successful download operation as part of the event rule download action
Enhancements
Optimized EFT Server’s handling of configuration data to support many thousands of event rules
Optimized IP Access list so that IPs are shown in sequential order
Optimized HTML listing to support RFC 1738 guidelines for "special" characters (sec. 2.2)
Optimized quota checker to automatically refresh used disk space value
Fixes
Corrected problem with e-mail notification action message formatting
Corrected problem with stability when transferring huge amounts of data over SFTP protocol via the DMZ Gateway to EFT Server
Corrected problem where authentication via LDAP failed if base DN was not pointing to an OU just below the O
Corrected %FS.VIRTUAL_PATH% context variable for SFTP transactions to be consistent with values shown when other protocols are used
Corrected problem where offload return codes showed as "failed" even if the transfer was successful
Corrected problem where offloading a large file would lockup inbound connections to the server
Corrected problem with OpenPGP key importing that would cause the keyring to become corrupted
Corrected problem with folder monitor event where if a change was made to the event it would not process the change until the server was restarted
Corrected problem with timer event rule sometimes failing to execute
Corrected problem with folder monitor event rule sometimes failing to trigger when files were added to the folder using FTP
Version 4.1.1
June 02, 2006
Fixes
Corrected problem with configuration file message size limits that would prevent the addition of event rules once a large amount of rules were present
Corrected problem with the email action editor dialog to avoid improper CR/LF handling and incorrect display
May 2006
Version 4.1
May 24, 2006
Enhancements
Enhanced the Monitor Folder rule sub-system so that multiple folder monitor rules could execute actions concurrently
Enhanced COM Admin Interface by adding methods for GetAppletEnabled and SetAppletEnabled under ICIClientSettings Interface
Enhanced the "Append" permission in the VFS to apply to all protocols, not just the "APPE" command in FTP
Enhanced the product's Event Rule command error logging to output failed command parameters to CMDOUT.LOG
Enhanced logging to hide passwords for failed logins, rather than show incorrect passwords in plain text
Enhanced Web Transfer Client performance through various internal optimizations
Enhanced FTP Protocol to support a new command "XNOP" to avoid command channel timeouts during long transfers. XNOP is returned as part of the FEAT response so that clients can that support XNOP can take advantage of this command.
Fixes
Corrected SMTP engine to be compliant with RFC 2821 (Simple Mail Transfer Protocol) for end-of-line character sequences
Corrected issue where adding a slash "/" to the path value in the copy/move action would prevent copy/move from offloading data
Corrected loss of NT/AD user settings after service restart where the network was unavailable
Corrected a problem where the port conflict message would appear inappropriately
Corrected Web Transfer Client performance issue when attempting to open a folder containing thousands of files
Corrected problem where addition of new event rules would fail when the size of the event rule configuration grew beyond 32KB
Corrected fault when the event rules list was altered while multiple uploads were occurring that caused event rules to fire
Corrected problem with the "Require certificates from connected clients" feature incorrectly applying to more than one site
Corrected authentication problem with users connecting via SFTP using AD with password-based authentication
Corrected problem with File Upload Failed notification action not being triggered
Corrected problem with Event Rule parameter %FS.FILE_NAME% not being populated when a file was removed from monitored folder
Corrected listing issue with NLST (ls) being unable to produce a directory listing when connecting via PORT mode over the DMZ Gateway
Corrected problem with Event Rules triggering a command that failed causing other Event Rules to stop working
Corrected issue with Event Rules "If Failed" action being executed even when it was unchecked after having been previously checked
Corrected problem with "Monitor Folder" Event Rule that caused EFT Server to stop processing more rules after a period of time
Corrected issue with resumed uploads of 0 bytes causing an "On Upload" even to fire
Corrected problem with VFS when usernames with an underscore caused groups with similar names not to appear in the VFS user list
Corrected internal thread synchronization problem that sporadically caused EFT Server’s service to stop and EASServer.exe to go into a non-responding mode
Corrected problem where NT Auth users were not able to login using logon name i.e (Domain\Username) over sftp protocol on the first attempt
Corrected crash when EFT Server was behind an Alteon switch
Corrected problem where, under certain upgrade paths, all OpenPGP keys created in the prior build displayed a key size of 1024 (affected only the display of this value)
Corrected issue with users being duplicated after successful connection with different login credentials such as('Domain\Username') for the same user
Corrected HTTP such that the realm value shown to connecting HTTP clients when authenticating does not show the internal address
Corrected EFT Server service crash when connecting to AD/NTLM site with an invalid username
Corrected a problem where the home folder setting at the user's settings level was not always being used to set the home folder for a new user
Corrected problem with SFTP Public Key Authentication (PKA) for the Download action of Event Rules that prevented connection to remote SFTP servers
Corrected a display issue in the DMZ Gateway where it was showing a negative number of active connections
Corrected problem where users were unable to connect to EFT Server using .NET 2.0 Framework FTP object
February 2006
Version 4.0.11
February 16, 2006
Enhancements
Enhanced the Monitor Folder rule sub-system so that multiple folder monitor rules could execute actions concurrently.
Enhanced COM Admin Interface by adding methods for GetAppletEnabled and SetAppletEnabled under ICIClientSettings Interface.
Enhanced the "Append" permission in the VFS to apply to all protocols, not just the "APPE" command in FTP.
Enhanced the product's Event Rule command error logging to output failed command parameters to CMDOUT.LOG.
Enhanced logging to hide passwords for failed logins, rather than show incorrect passwords in plain text.
Enhanced Web Transfer Client performance through various internal optimizations.
Enhanced FTP Protocol to support a new command "XNOP" to avoid command channel timeouts during long transfers. XNOP is returned as part of the FEAT response so that clients can that support XNOP can take advantage of this command.
Fixes
Corrected SMTP engine to be compliant with RFC 2821 (Simple Mail Transfer Protocol) for end-of-line character sequences.
Corrected issue where adding a slash "/" to the path value in the copy/move action would prevent copy/move from offloading data.
Corrected loss of NT/AD user settings after service restart where the network was unavailable
Corrected a problem where the port conflict message would appear inappropriately
Corrected Web Transfer Client performance issue when attempting to open a folder containing thousands of files.
Corrected problem where addition of new event rules would fail when the size of the event rule configuration grew beyond 32KB.
Corrected fault when the event rules list was altered while multiple uploads were occurring that caused event rules to fire.
Corrected problem with the "Require certificates from connected clients" feature incorrectly applying to more than one site.
Corrected authentication problem with users connecting via SFTP using AD with password-based authentication.
Corrected problem with File Upload Failed notification action not being triggered.
Corrected problem with Event Rule parameter %FS.FILE_NAME% not being populated when a file was removed from monitored folder.
Corrected listing issue with NLST (ls) being unable to produce a directory listing when connecting via PORT mode over the DMZ Gateway.
Corrected problem with Event Rules triggering a command that failed causing other Event Rules to stop working.
Corrected issue with Event Rules "If Failed" action being executed even when it was unchecked after having been previously checked.
Corrected problem with "Monitor Folder" Event Rule that caused EFT Server to stop processing more rules after a period of time.
Corrected issue with resumed uploads of 0 bytes causing an "On Upload" even to fire.
Corrected problem with VFS when usernames with an underscore caused groups with similar names not to appear in the VFS user list.
Corrected internal thread synchronization problem that sporadically caused EFT’s service to stop and EASServer.exe to go into a non-responding mode.
Corrected problem where NT Auth users were not able to login using logon name i.e (Domain\Username) over sftp protocol on the first attempt.
Corrected crash when EFT Server was behind an Alteon switch.
Corrected problem where, under certain upgrade paths, all OpenPGP keys created in the prior build displayed a key size of 1024 (affected only the display of this value).
Corrected issue with users being duplicated after successful connection with different login credentials such as('Domain\Username') for the same user.
Corrected HTTP such that the realm value shown to connecting HTTP clients when authenticating does not show the internal address.
Corrected EFT Server service crash when connecting to AD/NTLM site with an invalid username.
Corrected a problem where the home folder setting at the user's settings level was not always being used to set the home folder for a new user.
Corrected problem with SFTP Public Key Authentication (PKA) for the Download action of Event Rules that prevented connection to remote SFTP servers.
Corrected a display issue in the DMZ Gateway where it was showing a negative number of active connections.
Corrected problem where users were unable to connect to EFT Server using .NET 2.0 Framework FTP object.
January 2006
Version 4.0.10
January 11, 2006
New Features
Added capability to authenticate using e-mail aliases in Active Directory (requires registry tweak - contact support for instructions if you desire to use this auth method.)
Fixes
Corrected limitation to the amount of event rules that could be created
Corrected a problem where decrypting a file from a Monitor Folder operation could result in a deleted file
Disabled a keyboard shortcut resulting in GUI Administrator close when Enter pressed
Corrected registration information displayed in the Help About box after activation
Corrected a problem where the Create Certificate command not functioning when a certain combination of options enabled.
Corrected OpenPGP key expiration logic
Corrected presentation of certain menus so they would only appear in the right context
Corrected PGPv9 and GnuPGP migration issues
Corrected VFS rename issue that resulted in undesired creation of new folder
Corrected wrong context variable for "local port," "Home IP," and other variables for certain event rule actions
Corrected event rule trigger for https protocol operations when the User Quota Exceeded is used
Corrected "Use Mode Z Compression" toggle under settings so that it can be unchecked
Corrected a minor AD authentication issue with DOMAIN/username sequence
Corrected fringe crash when deleting groups created under certain conditions
Corrected fringe crash when going through a particular menu selection sequence
Corrected an upgrade incompatibility when upgrading from EFT 4.0.5 to 4.0.11
Corrected security problem where blank usernames could be utilized for admin login IDs
Corrected file removal issue under certain fringe conditions
Corrected problem with multiple e-mail notifications being sent under certain event rule triggers
Corrected minor toolbar icon, typos, incorrect prompts, and other small UI issues
Corrected Web Transfer Client folder naming issue when escape codes or brackets were used as part of the folder name
Version 4.0.9
January 05, 2006
New Features
Added context variable placeholders to the PGP Action dialog for Monitor Folder event
Enhancements
Improved Custom On Timer event to allow hour ranges greater than 24 hours
Improved Folder Monitor event rule so that file system context variables are updated to new filenames after PGP operations
Improved wildcard operations (PGP, Move/Copy) so that they do not operate on FOLDERS, only FILES
Fixes
Corrected DMZ Gateway port management for Active Mode FTP connections
Corrected COM interface marshaling problem in Monitor Folder event that caused PGP operations to fail
Corrected issue with encryption of folders when *.* or * is used
December 2005
Version 4.0.8
December 8, 2005
New Features
Added mechanism to API interface to optionally remove folder inheritance
Added mechanism to API interface for LDAP site creation
Enhancements
Improved thread synchronization of OpenPGP library operations
Improvements to Web Transfer Client visualization
Improvements to Web Transfer Client operation on non-Internet Explorer browsers
Improvements to performance on OS X 10.4+. The EFT Web Client requires OS X 10.4 or better.
Encryption of large files over applet uploads now functions as expected.
Fixes
Corrected error that could cause service crash when passing parameters to custom commands
Corrected Web Transfer Client registration status information
Corrected DMZ Gateway to properly close ports when connection is closed
Corrected LDAP Authentication provider to disallow blank passwords on account verification
November 2005
Version 4.0.6
November 9, 2005
New Features
Added manual resume transfer operation for Web Transfer Client
Added memory mechanism for last remote folder location for Web Transfer Client
Added "Passive Mode IP Address" feature to DMZ Gateway Server to better handle use behind NAT
Added "pong" response to EFT Server "ping" message sent to DMZ Gateway Server to keep Peer Notification Channel alive
Enhancements
Updated OpenPGP Libraries to support AES cipher
Improved cookie handling for Web Transfer Client to avoid inactive timeout failures
Updated Web Transfer Client interface for improved Transfer Queue layout
Fixes
Fixed CRC validation issues in Web Transfer Client, including proper impersonation of user account for NT/AD site
Fixed issue with SFTP file operations when user home folder is set as root folder
Fixed issue where stop & start service caused user SSH keys to be forgotten
Fixed issue with ON TIMER event that caused the timer to stop operating when action failed
Fixed issue where DMZ Gateway server incorrectly fragmented FTP responses to client
September 2005
Version 4.0.5
September 20, 2005
New Features
Added captions to web transfer client buttons
Added disable CRC check option to Web transfer client
Added MOVE and COPY feature to the web transfer client
Added auto-resume functionality in the web transfer client
Enhancements
Users without list permission now receive the HTTP/S default page instead of a 403 error
Improved logic for automatically adding quotes to parameters used in Custom Commands via Event Rules
Fixes
Fixed wildcard support for OpenPGP and MOVE/COPY file actions in event rules
Fixed issue when EFT "Block site to site transfers" restriction failed to account for PASV commands coming through the DMZ Gateway
Fixed instability issue from setting up IP Access on EFT while using DMZ
Version 4.0.4
September 6, 2005
Enhancements
Improved display of Trial registration "Evaluation days left" immediately after registration message is received
Improved resuming SFTP uploads when user's home folder is treated as default root
Fixes
Corrected version EFT Server 3.5.1 upgrade issue where On File Download event rule gets renamed to File Rename
Corrected error when modifying user VFS permissions then selecting Refresh
Corrected "Enable time out" option to properly disconnect SFTP sessions
Corrected event rule processing so an On timer event rule with download, move, decrypt actions can process together
Corrected event rule processing so a successful Copy/Move action does not trigger "If action FAILED then" notification email
July 2005
Version 4.0.3
July 29, 2005
Enhancements
Improved reporting of Event Rule variables currently being displayed as N/A
Improved Web Transfer Client functionality by eliminating double login
Improved Event Rule logic so Download Fail events are not processed when loading the Web Transfer Client
Implemented "keep alive" message between EFT Server and Gateway to avoid network devices closing the peer notification channel because it is inactive
Fixes
Corrected manual registration emails addresses
Version 4.0.1
July 15, 2005
New Features
Added loading icon to web applet
Added information popup and login window for proxy authentication via the web applet
Added mechanism to brand the HTML deployed for web transfer applet
Added more branding options to for the deployable web transfer client
Enhancements
Improved security during first install of web applet
Improved use of time control in event rules
Improved reporting of 404 errors when performing XCRC checks via the web applet
Removed "or subnet" text from IP restriction to clarify use
Fixes
Corrected error when restarting the EFT Server service while using remote administration
Corrected error with cmdout.log not being created or written to
Version 4.0
July 7, 2005
Enhancements
Enhanced communication between EFT and Gateway
Fixes
Corrected problem with OpenPGP encryption/decryption speed
June 2005
Version 3.5.1
June 14, 2005
Fixes
Signed jar files added with official certification for EFT Web Transfer Client
Fixed COM connection corrected
Corrected HTTP/S Upload error from other clients
Version 3.5.0
June 13, 2005
New Features
Added LDAP authentication support (LDAP Auth Manager)
Added data integrity support (CRC32) for EFT Web Transfer Client
Fixes
Corrected event rule locked-file errors for HTTP/S form-based file uploads
Corrected browser refresh (F5) issue with expired Web Transfer Client sessions.
May 2005
Version 3.3.0
May 03, 2005
New Features
Added EFT Web Transfer Client
Enhancements
Improved COM interface error reporting by implementing ISupportErrorInfo interface
Updated registration mechanism such that successful registration automatically restarts the service to bring new registration values into effect.
Fixes
Corrected parent path issue in HTTP/S
Corrected NTLM/AD impersonation issues in HTTP/S
Corrected file locking problems that caused some files to not appear after uploads when a user home folder was specified to be the root folder.
Version 3.4.0
May 19, 2005
New Features
Added wildcard support for PGP and MOVE/COPY actions in event rules
Added PGP encrypt/decrypt/sign to OnLogout Event for improved "batch processing"
Enhancements
Modified "Default Settings Level" to have "max connections per user" and "max connections from same IP" to be UNLIMITED, not 10
Fixes
Corrected Web Transfer Client license count validation on server startup
Corrected issue causing HTTP/S to improperly return "503 Service Unavailable" messages to clients under certain conditions
Corrected issue with COM Admin improperly set site values, causing unpredictable behavior
April 2005
Version 3.2.0
April 4, 2005
New Features
Added FORM-based file upload feature
Fixes
Corrected issue so bandwidth limits are now honored by SFTP, HTTP/S
Corrected issue so disk quotas now honored by SFTP, HTTP/S
Corrected issue so transfer quotas now honored by SFTP, HTTP/S
Corrected issue so SSH transfers record file sizes
Corrected issue so all IP addresses are recognized on multi-homed Win2K3 box
Corrected issue so logging records the server port number
Corrected issue for PUT method failing for some uploads: returns "400 Bad Request"
Corrected issue with right-click editing multiple docs
Corrected issue in some instances where On File Upload events not triggered when using SFTP
Corrected issue where some Event Rules did not release handles correctly
March 2005
Version 3.1.0
March 21, 2005
New Features
Added Username/Password Replacement Variables for MOVE/COPY Event Rule Action
Added Admin Delegation
Added support for *nix "shadow" password file formats
Added support for password creation with special characters
January 2005
Version 3.0.1
January 4, 2005
Enhancements
Updated internal account management logic to support large (30,000+) number of users in authentication store
Fixes
Corrected issue with COM Interface communicating with Service
Corrected HTTP(S) authentication against domain controller so that domain name is not required as part of username (DOMAIN\username)
November 2004
Version 3.0
November 17, 2004
The initial public release of Enhanced File Transfer (EFT) Server