EFT

April 2024

v8.2.0.45

Apr 1, 2024

New Features

Advanced Workflow Module (AWM)

• Updated Automate Workflow Module (AWM) to v2024

Context Variables

• Added %EVENT.ACTION_FAILURE_REASON% to return event rule failure reason

• Added %FS.VIRTUAL_DIR_NAME% to return the virtual folder name alias

Connection Profiles

• Added native support for Google Cloud

• Added support for Google Drive

EFT Administration

• Added support for EFT site propagate

• Added support for EFT site artifacts propagate

• Added support for Web Admin Client (WAC)

• Added support for Server Name Indication (SNI)

• Added support for Microsoft 365 OAuth 2.0 email

• Added support for Gmail OAuth 2.0 email

• Added support for Email templates

• Added support for OpenID

Event Rules

• Added support for OpenSSL action

• Added support for User Create action

Event Rules

• Updated the Remote Admin COM API topic

OpenSSL

• Updated OpenSSL library to 3.1.4 (Note: FIPS will continue to use 1.0.2u)

• Updated OpenSAML to 3.2.1

Remote Agent (RAM)

• Added support for proxy

REST API

• Added support for restrict access to REST API to a few traditional admin roles

• Added support to provide updated error codes for Admin password change errors

• Added support to get metrics for all sites in a single reques

• Added support for filtering by group to users endpoint

• Added support for changing admin password on log in

• Added support for sorting to the users endpoint

• Added support for filtering to the users endpoint

• Added support to generate support bundle

• Added support to generate ARM reports

• Added support for user actions

• Added support for event rule counters

EFT SyncTool

• Added support for EFT 8.1

Enhancements

Advanced Properties (AP)

• Added new AP to disable mkcol requests, DisableMKCOLRequest, tunnelNonHttpVerbs

• Added new AP to remove username and domain in shared workspace link, UseIdInWorkspaceLink

• Added new AP to remove links from workspace comment, RemoveLinksFromWorkspaceInvitations

• Added new AP to increase SFTP buffer size, SFTPWinFileReadWriteBufferSizeKB

• Added a new AP to Force Zero Preview for ICAP specific servers, ForceZeroPreview

• Removed the MaxNumberConnectionsPerSite, AP as this is no longer used

Advanced Workflows

• EFT upgrades will export all Automate workflows into a zip file for backup

• Added ability to suppress Automate workflow popups

• Added support for Dataset

• Added support for JSON objects

• Added support for TLS 1.2 in Azure Action

• Removed support for SharePoint 2007 and 2010

• Added SharePoint App Only and Azure AD Only authentication types

• Added support for TLS 1.2 and TLS 1.3 in FTPS connections

• Various User Interface enhancements

• Various SharePoint Action enhancements

• Various Variable Action enhancements

• Various OCR Action enhancements

• Various FTP Action enhancements

• Various File System Action enhancements

• Various Terminal Action enhancements

• Various Image Action enhancements

• Various Compression Action enhancements

• Various HTTP Action enhancements

• Various Exchange Action enhancements

• Various PDF Action enhancements

• Various Email Action enhancements

• Various Dialog Action enhancements

• Added support for TLS 1.2 in Web Service Action

• Updated Automate Task Builder layout

ARM

• Added a new "Result" field in the Actions table

• Removed SAT related tables from ARM database

EFT Administration

• Upgraded all .Net components to .Net 4.8

• Updated Database related help link

• Added a new Automate Service Account section

• Increased Default Minimum Password Length for EFT adminstrator accounts

• Updated branding graphics

• Updated links to module licensing site

• Added better sorting capabilities for SSH user key management

• Updated verbiage and links to reflect Fortra

• Added new link to Fortra Connector Hub

Event Rules

• Added option to compress files older than X to the Compress Action

High Availability (HA)

• Updates to HA Active-Active upgrades by providing a new prompt to determine last node being upgraded

Licensing

• Updated Advanced Workflow Module (AWM) trial period to 15 days

OpenPGP

• Restored legacy support to export all pgp keys into a single set of public and private keys

Remote Agent (RAM)

• Added SFTP logger configuration in the Remote Agent logging

REST API

• Improved REST responses for the authentication endpoint

WTC

• Updated Angular to v16

• Updated branding graphics

• Removed code for deprecated clients

• Added support for redirect to hom epage and login when URL is invalid

Fixes

ARM

• Fixed an issue where AuthenticationsExpired table was missing from the Purge Script

• Fixed an issue where Admin Actions would not log created Event Rules

• Fixed an issue where Activity - Session Lifecycle report had incorrect timestamp format

• Fixed an issue where AS2 Detail reports would not generate when using an Oracle database

• Fixed an issue where EFT administrators could not stop ARM report generation from the GUI

Advanced Workflow Module (AWM)

• Fixed an issue where the help file would fail to launch from the Task Builder

Authentication

• Fixed an issue where a blank RelayState values would cause authentication failures

• Fixed an issue where MFA would bypass Active Directory (AD) expired passwords

• Fixed an issue where reset passwords were not propagating to other nodes in an HA cluster

• Fixed an issue where disabled users would not trigger User Login Failed Event Rule for SFTP and HTTP protocols

• Fixed an issue where Enforcing Strong passwords would not properly honor words from the dictionary.txt

EFT Administration

• Patched CVE-2023-2989

• Patched CVE-2023-2990

• Fixed an issue that under specific configurations could cause EFT to crash on certificate expiration notification

• Fixed an issue where the EFT server could crash when OCSP stapling is enabled

• Fixed an issue where Uploads per Session for HTTP/HTTPs connections would not work as expected

• Fixed an issue where Password Expiration notices were sent on stopped EFT sites

• Fixed an issue where under certain conditions the GUI could crash while attempting to login

• Fixed an issue where the GUI would revert to previous interaction area

• Fixed an issue where the scroll bar would not appear when adding several conditions to the same line

• Fixed an issue where the certain AD user profile details were not being added into EFT's user profile

• Fixed an issue where Max Transfer speed setting was not being honored

• Fixed an issue where LDAP Auth Manager test would limit users to 10k users

• Fixed an issue where EFT could hang under certain conditions during DMZ Gatewaysocket initialization

• Fixed an expired Help link under the File send UI

• Fixed a caching issue when using Test for LDAP site configurations

EFT Event Rules

• Fixed an issue where under certain conditions after an upgrade some EFT event rules could cause EFT to crash

• Improved exception handling for multi-file transfers for AWS S3 upload/download

• Fixed an issue where multipart AWS uploads could crash EFT

• Improved AWS cloud download performance

• Fixed an issue where the Overwrite function would not work as expected

• Fixed an issue where multiple nodes in an HA cluster would trigger an event rule on the same file

• Fixed an issue where Numerate in File actions would not work as expected

• Fixed an issue where Event Rules would not be able to pass /*.* to Advanced Workflows

• Fixed an issue where context variable %FS.BASE_FILE_NAME% would not work after a PGP action

• Fixed an issue where File rename operation would not work after upgrading to EFT 8.1

• Fixed an issue where Event Rules could not be enabled/disabled after being renamed

• Fixed an issue where the User Created Event Rule that triggers an Advanced workflow could cause an EFT admin UI disconnect

• Fixed an issue where Override credentials may not work under certain conditions

• Fixed an issue where File Upload rule with PowerShell action could trigger more than once

• Fixed an issue where exclude file in File Delete operation would not work as expected

• Mitigated Zip Slip vulnerability

• Fixed an issue where Event Rule Daily Run starts on Tuesday instead of Monday

• Fixed an issue where the PowerShell action would share embedded defined context variables with other Event Rules

• Fixed an issue where Failed decompress actions would show as successful in the ARM database

• Fixed a typo in the Report Action UI

• Fixed an issue where the Overwrite option was available under the Import CSV from Dataset UI

High Availability (HA)

• Fixed an issue where LastActiveTime synchronization could cause user login requests to hang

• Fixed an issue where cluster nodes could run out of sync due to a deadlock

Help Documentation

• Fixed our help documentation with updated footer and header

• Fixed an issue where launching a PDF file could cause the EFT admin GUI to crash

• Fixed an issue where script errors were displayed in Advanced Workflow section

• Fixed an issue where the REST API help could cause UI hangs

Logging

• Fixed an issue where an incorrect stat remote file error would be displayed in the TED6 log for SFTP connections

• Fixed an issue where Test button for cloud secrets would not log to the EFT log file

• Fixed an issue where TOS customizations would not properly reference the path being used in the EFT logger

OpenPGP

• Fixed an issue where Decrypt and Verify signature would not work as expected

• Fixed an issue where File Upload event rules with PGP encryption could create a 0kb file after upgrading to EFT 8.1

Outlook Add-in

• Fixed an issue where the Help Guide in the EFT Outlook Add-in would not load

• Fixed an issue where Outlook Add-in would error when using a SharePoint Send link

Proxy Protocol

• Fixed an issue where EFT could crash when using proxy protocol over FTP

Registration

• Updated the EFT Advanced Workflow Module (AWM) trial period to 15 days

Remote Agent

• Updated RAM log to remove authorization agent details

• Fixed an issue where RAM in 8.0.3 could not process rules from EFT 8.1.1

REST API

• Fixed an issue where "The specified template does not exist" would be returned on the Add users endpoint

• Fixed an issue where REST API calls for ARM PDF reports would not return any data

Workspaces

• Fixed an issue where under certain configurations the username and password details were logged in the EFT logger for Workspaces

• Fixed an issue where under certain configurations File links in Workspace emails did not work

• Fixed an issue on how the Dropoff portal quota is updated and verified

WTC

• Fixed an issue where password change did not work as expected

• Fixed an issue where Firefox mobile would fail on uploads

• Fixed an issue where Reset Password does not always work in case of invalid username and email

• Fixed an issue where under certain conditions could not load password complexity details

• Fixed an issue where the Advanced Property (AP) UplReqDel, was no longer supported in EFT 8.1

June 2023

v8.1.0.16

Jun 5, 2023

Fixes

EFT Event Rules

• Fixed an issue where EFT event rules configured with Matching Filenames set to Numerate on local file uploads would not numerate the initial file properly.

EFT Security Updates

• Mitigated a directory traversal vulnerability known as "Zip Slip" when exercising compression or decompression within EFT. Refer to Globalscape KB article https://kb.globalscape.com/Knowledgebase/11585/Is-EFT-susceptible-to-the-Zip-Slip-vulnerability.

• Mitigated an EFT administrator authentication out-of-bounds memory read vulnerability. Refer to Globalscape KB article https://kb.globalscape.com/Knowledgebase/11586/Is-EFT-susceptible-to-the-Authentication-Bypass-via-Outofbounds-Memory-Read-vulnerability.

• Mitigated an EFT server crash due to vulnerability when sending recursively compressed packet to the administrator port. Refer to Globalscape KB article https://kb.globalscape.com/Knowledgebase/11588/Is-EFT-susceptible-to-the-Denial-of-service-via-recursive-Deflate-Stream-vulnerability.

• Setting "Require SSL for remote administration" as default when enabling remote administration to avoid password leak due to insecure defaults. Refer to Globalscape KB article https://kb.globalscape.com/Knowledgebase/11587/Is-EFT-susceptible-to-the-Password-Leak-Due-to-Insecure-Defaults-vulnerability.

April 2023

v8.1.0.14

April 5, 2023

Fixes

EFT Cloud Connector

• Fixed an issue where AWS cloud transfers were slower.

• Fixed an issue where under certain conditions AWS uploads could cause EFT to crash.

• Fixed an issue where under certain conditions Azure uploads could cause EFT to crash.

EFT Event Rules

• Fixed an issue where after upgrade File Rename actions in certain conditions would not rename files.

• Fixed an issue where certain optional custom parameters were not passed to AWE from an Event Rule.

• Fixed an issue where Folder Monitor Event Rules would not move files with filenames that started with a period.

• Fixed an issue where under certain conditions the Overwrite option would not always overwrite an existing file.

• Fixed an issue where Event Rules with AWE actions were incorrectly using virtual paths in context variables.

• Fixed an issue where %FS.PATH% context variable was not being updated after a move offload action.

• Fixed an issue where Overwrite in a download action was not working as expected on a destination virtual path.

EFT Help Updates

• Updated several help topics and broken links.

EFT Logging

• Cleaned up user details on the Workspace log.

EFT Web Transfer Client (WTC)

• Fixed an issue where EFT was not returning the proper error code on invalid username and email in the Forgot Password WTC.

• Fixed an issue where Uploads per Session configuration was not being properly enforced.

EFT Security Updates

• Updated OpenSSL library used in OpenSAML to version 1.1.1t, other features are still using 1.1.1o.

October 2022

Version 8.1.0.11

October 31, 2022

Fixes

EFT Event Rules

• Fixed an issue where Timer Event Rules configured for Daily runs would not trigger on Monday.

August 2022

Version 8.1.0.9

August 5, 2022

New Features

Context Variables

• Added %USER.HOME_FOLDER_PATH% to return user's full home folder path

EFT Administration

• Added support for 64bit

• Added support to create Advanced Workflow folders

• Added support for Upload VFS Quotas

• Added support to map EFT site root folder to the cloud

• Added support for Remote Agent list export to CSV

• Added support for SSL Certificate Rotation Period Notification

Event Rules

• Added support for multi-event rule move to folder

High Availability (HA)

• Added support for upgrade cluster with zero downtime

OpenPGP

• Updated OpenPGP library

OpenSSL

• Updated OpenSSL library to 1.1.1o (Note: FIPS will continue to use 1.0.2u)

Remote Agent (RAM)

• Added support for Compress/Decompress action in RAM

REST API

• Added REST API support for email templates

• Added REST API support to obtain defined users under the /sites/{siteid}/users endpoint

• Added REST API keep-alive endpoint

• Added REST API support to return admin session information

• Added REST API support for User Settings templates

• Added REST API support for Permission Groups

• Added REST API support for AWE

• Added REST API support for Custom Commands

• Added REST API support for Connection Profiles

• Added REST API support for DMZ Gateway

• Added REST API support for VFS cloud

• Added REST API support for Remote Agents

WTC

• Added support for downloading a workspace share folder as a zip file

Enhancements

Advanced Properties (AP)

• Removed "EnableMultiPart" and "MultipartValue" APs

Context Variables

• Expanded support for %FS.VIRTUAL_PATH% in certain event rules

• Expanded support for %WS_OWNER_NAME% in the Send email template

EFT Administration

• Increased Compress/Decompress buffer size for better performance in EFT admin UI and event rules

• Restored the ability to select registration for Single or Multi Site DMZ

• Added WEL and EFT logging for PGP Key Rotation Period Notification

• Added Support for Microsoft Edge WebView2 for ARM report rendering

• Support for Windows Server 2022

Event Rules

• Added AWS Region Asia Pacific, Jakarta

High Availability (HA)

• EFT Templates are now in a single location when configured in a cluster

Licensing

• EFT will now provide 5 free workspace licenses upon activation of the HTTPs module

• Added support to register Advanced Security Module (ASM) license key in Regulatory Compliance Module to unlock both Regulatory Compliance Module and Advanced Authentication Modes Module

• Added support to register Express Security Module (ESM) license key in Regulatory Compliance Module to unlock Regulatory Compliance Module

• Restored EFT registration UI behavior, EFT Server must first be registered before any other module

• Added Advanced option to the EFT registration wizard to help troubleshoot registration issues

REST API

• Added the ability to obtain last password change details in the userId metrics endpoint

Fixes

ARM

• Fixed an issue where data reported in the Traffic - Protocolwise Connections table were not properly reporting the correct bytes

Authentication

• Fixed an issue where LDAP users were getting provisioned without authentication due to an issue with SAML SSO configurations

Custom Commands

• Fixed an issue where modified custom commands would not be saved

• Fixed an issue where context variables to action fields broke legacy behavior

EFT Administration

• Fixed an issue where the EFT Admin UI could hang when disk quota would trigger recalculation

• Fixed an issue where the EFT administrators would not be able to connect via our Admin console remotely when TLS 1.3 was disabled

• Fixed an issue where the EFT administrators could not set large values in custom user profile fields

• Fixed an issue where requests were made to the EFT AppData path on user account login

• Fixed an issue where the RADIUS test button would report a failure even when configured properly

• Fixed an issue where the Automate Workflow logs would reside on the wrong path when configuring EFT remotely

• Fixed an issue where the EFT Admin UI could crash when configured with a specific CIC profile

• Fixed an issue where the Azure Blob SAS token test button would report a failure even when configured properly

• Fixed an issue where the Admin UI stats option would not properly count event rules

• Fixed an issue where EFT Event Rule administrators could not use the browse button in an event rule

• Fixed an issue where copying/pasting event rule conditions/actions would not work as expected

• Fixed an issue where under certain conditions EFT admin UI could hang during backup process

• Fixed an issue where under certain conditions upgrades from EFT Express could fail

• Fixed an issue where EFT would not properly prohibit reuse of previous password minimum value

• Fixed an issue where the EFT admin UI would not always report the correct active session count

• Fixed an issue where under certain conditions EFT would crash after an upgrade

• Fixed an issue where under certain conditions new users were not being forced to change password upon first use

• Fixed an issue where banned file types were still allowed to upload

EFT COM API

• Fixed an issue where site.GetPermPathsList would not properly identify non-existing folders

• Fixed an issue where certain workspaces API endpoints were no longer available

EFT Event Rules

• Fixed an issue where Automate Workflow event rules would not always trigger after an upgrade

• Fixed an issue where under certain conditions Folder Monitor event rules could double trigger

• Fixed an issue where Cloud Upload actions would fail when the name contained a comma

• Fixed an issue where the If Login Name condition would not work under certain conditions

• Fixed an issue where the User Login failed condition would not trigger in the HTTPS protocol

• Fixed an issue where If Virtual Path filter would not work when configured with Starts With

• Fixed an issue where under certain conditions a configured MultiPartUpload could crash EFT

• Fixed an issue where under certain conditions a configured pure sync event could cause EFT to crash

• Fixed an issue where Cloud Monitor object event rules may not properly load balance

• Fixed an issue where uploading to a Azure Blob would fail with permissions lower than Storage Level Access

• Fixed an issue where under certain conditions users were unable to login via CAC when AllowNonCACUsers AP is enabled

FIPS

• Fixed an issue where upon upgrade EFT would not disable non-supported FIPS ciphers

• Fixed an issue where under certain conditions upon upgrade to 8.0.6 FTPS transfers would fail

FTP

• Fixed an issue where FTP would fail to connect to OpenVMS

Logging

• Fixed an issue where TED6logs were not saved on the correct path when configured with an AP

MFA

• Fixed an issue where UserAgentHeaderMustUseOTP Advanced Property (AP) would not properly work with different formatting/configurations

OpenPGP

• Fixed an issue where OpenPGP would fail to decrypt encrypted files with Bouncy Castle

Registration

• Fixed an issue where manual registration for DMZ Single site license would fail

Remote Agent

• Fixed an issue where under certain conditions Remote Agents could experience memory leaks

• Fixed an issue where under certain conditions a Remote Agent could enter an infinite loop when trying to write to the log

• Fixed an issue where UTF-8 characters in remote agent rules were not supported

SFTP

• Fixed an issue where SFTP connections would not handle directly listing correctly with the STAT command

SSL

• Fixed an issue where FTP via SSL connections could cause performance issues with certain clients

Workspaces

• Fixed an issue where guest user Workspaces registration would fail when passwords contained # character

• Fixed an issue where Workspaces users were unable to attach web file request in the reply portal

• Fixed an issue where the WTC page would not display correct error when accessing a workspace invite after workspaces is disabled

WTC

• Fixed an issue where WTC would fail to generate an appropriate error message when a password match a dictionary word

• Fixed an issue where EFT would pass windows reserved paths accessible via WTC

• Fixed an issue where under certain conditions exercising the forgot password option could SPAM a user account

• Fixed an issue where WTC will now provide a prompt when a user account is blocked due to invalid login attempts

• Fixed an issue where password complexity UI would not properly display for guest accounts

• Fixed an issue where WTC users could not change their password when configured with an empty password

December 2021

Version 8.0.7.4

December 04, 2021

Fixes

• Features from EFT Express and EFT Enterprise have been merged into one EFT, with some features part of "EFT core" and others repackaged into new or existing modules. (For example, EFT Express ESM license activates the Advanced Authentication Modes module when upgrading to Continuum.) Refer to Feature Availability in the EFT online help for details. (If you are upgrading from an earlier EFT version, the features you had previously licensed continue to be available.)

• A new Enterprise Actions Module (EAM) is used to activate previous Enterprise-only features, such as executing scripts, performing folder and file operations, compressing/decompressing files, subroutines, dataset actions, and REST invocation

• You can now deregister licenses in EFT. This is used in the event that you are moving EFT to a new computer, the wrong serial number was used on the server, the module was not supposed to be registered on the server or node, or you are moving between perpetual licenses to subscription-based keys.

• Added new ServerModule enums to activate modules

Enhancements

• Updated EFT installer (EFT.exe/EFT-nodb.exe) (TFS 380907)

• The Mobile Transfer Client (MTC) is now part of EFT core.

• The Secrets functionality is now part of the Cloud Connector module (CCM)

• The Upload forms feature (for gathering metadata) is now available in the Secure Forms Module (SFM)

• Each protocol other than FTP requires a separate module (FTPS implicit/explicit is a separate module)

• The features that were in the security modules (ESM/ASM) have been "repackaged" into the Advanced Authentication Modes Module (for CAC, RADIUS/RSA, SAML) and Regulatory Compliance Module (for GDPR and PCI DSS)

• The Event Rules modules that were in EFT Express (CCM, FTC, FMM, PGP, TEM) are now modules in the merged EFT platform and provide the same actions and events as before

• Multifactor authentication (2FA, SMS) has been moved to the HTTPS module

• The Advanced Workflow Engine (AWE) has been renamed the Advanced Workflows Module (AWM)

Fixes

• Fixed an issue where AWE 10 was no longer writing to individual csv logs (TFS 381793, Case 91337)

• Fixed an issue where AWE 10 was unable to connect to SharePoint using TLS 1.0 (TFS 381795, Case 91542)

• Fixed an issue where AWE 10 was logging to automatetasklist.txt (TFS 381794, Case 91337, 91542, 83445)

November 2021

Version 8.0.6.18

November 07, 2021

Fixes

• Fixed an issue where Windows permissions were not used for NT/AD site user created by login via HTTP (TFS 381871, Case 94506)

• Fixed and issue where users were unable to send a workspace share to existing users within a blacklisted domain (TFS 382023)

September 2021

Version 8.0.6.16

September 21, 2021

Enhancements

EFT Administration

• Support block probing attempts in HTTP/S (DoS DDoS Flood) (TFS 380511)

• Added ability to create users in Guest Users template for LDAP or AD configured sites (TFS 380301)

Advanced Properties

• Added ability for Auto-ban to ignore unauthorized (anonymous) access to the defined paths (AutoBanAnonymousUnauthorizedAccessServicePathAllowList). Default value set to None (TFS 380511)

• Added ability for Auto-ban to ban IP address on authorized (anonymous) access to defined paths (AutoBanAnonymousUnauthorizedAccessServicePathBlockList). Default value set to None (TFS 380511)

• Added ability to enable or disable ARM BatchSQL feature so SQL requests can be applied one at a time as previous EFT 7.4 versions (DisableARMBatchSQL). Default set to false (TFS 381135, Case 92284)

• Added ability to use multiple methods for ICAP Services (REQMOD AND RESPMOD) on the same URI (ICAPAllowMultipleMethodsForOneURI ). Default set to false (TFS 381063, Case 90968)

• Added ability for EFT event rules not to intermediate encryption and decryption when transferring files to and from Encrypted Folders (IgnoreEncryptedFoldersInOutboundTransfers). Default set to false (TFS 380358)

• Added ability to get file attributes via SFTP using FSTAT or LSTAT (SFTP2_ForceUseFSTAT). Default set to false (uses LSTAT) (TFS 380786, Case 89420)

• Added ability to set list of user agents that are not allowed to bypass MFA (UserAgentHeaderMustUseOTP). Default set to None (TFS 379921, Case 87357)

• Added ability to limit the number of workspaces that are cleaned up in a single pass so there is minimal EFT operational disruption (WorkspacesCleanupPortionSize). Default set to 1000 (TFS 379954, 380783, 380742, Case 90939, 87849, 91541, 92429)

ARM

• Added support for SQL 2019 (TFS 70411)

COM API Added interfaces:

• Added ICIAbortUserOperationActionParams interface

COM API Added properties:

• Added ICIServer interface "CloseServerService" method

• Added ICISite interface PGP properties:

• PGPSendEmailExpirationCopyToAssociatedUser

• PGPSendEmailPriorExpiration

• PGPSendEmailUponExpiration

• PGPEmailExpirationRecipientsList

• PGPTimePriorExpirationInDays

• Added ICIPGPKeyInfo interface property: UsageFlags

• Added ICIEncryptedFolder properties:

• EncryptionKey

• KeyAlias

COM API enums

• Added EventActionType enum: "AbortUserOperationAction"

• Added Event Type enums:

• OnAS2Test

• OnAS2AsyncResend

• OnWorkspaceExpired

• OnSecureMessageComposed

• OnSecureMessageSent

• OnSecureMessageNotSent

• OnSecureMessageViewed

• OnSecureMessageAttachmentBeforeDownload

• OnSecureMessageAttachmentAfterDownload

• Renamed EventType enum "BeforeWorkspaceDeleted" to "OnWorkspaceBeforeDelete"

Event Rules

• Added new ad hoc (Workspaces) conditions (TFS 369704)

• Added new Abort User Operation action (TFS 379474)

• Added new ad hoc "Message Composed" workspace event (TFS 369702)

• Added new ad hoc "Message Not Sent" workspace event (TFS 369702)

• Added new ad hoc "Message Viewed" workspace event (TFS 369702)

OpenPGP

• Added ability to notify on PGP key rotation period (TFS 365341)

• Added support for OpenPGP key metadata to easily identify PGP keys (TFS 376950)

Remote Agent

• Added ability to import and export RAM rules (TFS 379187)

SSL

• Support for TLS v1.3 (TFS 379224)

VFS

• Added ability to map virtual folders to cloud storage (Beta) (TFS 379854)

Web Transfer Client (WTC) & Workspaces

• Added support for pagination of directory listings (TFS 377878)

June 2021

Version 8.0.5.12

June 06, 2021

• Fixed an issue where certain event rule configurations would fail to upgrade to EFT 8.0.5

April 2021

Version 8.0.5.7

April 30, 2021

New Features

EFT Administration

• Added support for Proxy Protocol (TFS 376808)

• Added a warning when exceeding EFT's specified limits (TFS 376816)

• Added a "Last password change" field under the user's General tab (TFS 379671)

• Added a Secrets Module backup storage location (TFS 376215)

• Added the ability to define SSL and SFTP security settings (ciphers, mac's, etc.) at the Site Level (TFS 370369)

• Added support for Twilio custom verification code (TFS 378823)

• Added a warning for Folder Monitor Rules when monitoring a user's home folder path (TFS 376494)

• Added ability to promote an EFT Server to a new cluster (TFS 377176)

• Added two new Performance Counters: Event Rules Running Async Events, Event Rules Size of Async Events Queue (TFS 341305)

Advanced Properties

• Added ability to ignore sending password reminder emails for expired or disabled user accounts (SendPasswordReminderEmailForDisabledClient). Default set to True (TFS 378128, Case 83175)

• Added ability to set expiration limits on password reset links (PasswordResetLinkExpirationPeriodMinutes). Default set to 30 minutes (TFS 376459, Case 79626)

• Added ability to set AKV Recovery Access Key (AKVRecoveryAccess) (TFS 376215)

• Added ability to set AKV Recovery Host (AKVRecoveryHost) (TFS 376215)

• Added ability to set AKV Recovery Password (AKVRecoveryPassword) (TFS 376215)

• Added ability to set AKV Recovery SiteID (AKVRecoverySiteID) (TFS 376215)

• Added ability to set legacy asynchronously reply (success reply is sent to client after the event rule kicked off), (WaitOnFileUploadEventCompletionBeforeSendingResult). Default set to False (TFS 341305)

• Added ability to control the running rule size thread pool for asynchronous events (RunningAsyncEventsLimit). Default set to 20 (TFS 341305)

• Added ability to control the maximum queued up thread pool for asynchronous events (QueuedAsyncEventsLimit). Default set to unlimited (TFS 341305)

• Added ability to set the max limit in bytes for file action (MaxFileActionReadSize). Default set to 65534 bytes (TFS 376411)

• Added ability to set write limit in bytes for file action (MaxFileActionWriteSize). Default set to 65534 bytes (TFS 376411)

• Added ability to set timeout when receiving Proxy Protocol header after client disconnects (ProxyProtocolHeaderTimeoutInMS). Default set to 6000 ms (TFS 376808)

• Added ability to prioritize SFTP Ciphers (SftpClientCiphers) (TFS 376085)

• Added ability to prioritize SFTP KEX algorithms (SftpClientKexAlgorithms) (TFS 376085)

• Added ability to prioritize SFTP MACs (SftpClientMACs) (TFS 376085)

ARM

• Added support for Oracle 19c (TFS 70411)

• Added support for SQL 2016 (TFS 70411)

COM API interfaces

• ICIFileActionsChecksumParams

• ICIFileActionConcatenateParams

• ICIFileActionDeleteParams

• ICIFileActionFilter

• ICIFileActionReadParams

• ICIFileActionRenameParams

• ICIFileActionWriteParams

• ICISynchronizeActionParams

• ICIRESTInvocationAuthParams

• ICIRESTInvocationVerifyParams

• ICIRESTInvocationEventRuleParams

COM API Properties

• ICIFileActionParams: added GetParams and SetParams, and changed type to Type

• SFTP algorthm-related properties in ICIServer Interface

• ICISite Interface:

• AllowClearCommandChannel

• AllowUnprotectedDataChannel

• Enable the Proxy Protocol

• EncryptionKey

• IsSSLSettingsInherited

• IsSFTPSettingsInherited

• Secrets Module settings

• SSLVersionMask

• SSLCipherList

• WorkspacesOAISecureMessageBodyPolicy

• ICIAWTaskActionParams interface, added WaitUntilCompletes

• ICICommandActionParams Interface, added WaitUntilCompletes

• ICIMailActionParams interface, added WaitUntilCompletes

• ICICallSubroutineActionParams, added WaitUntilCompletes

• ICIContentIntegrityControlProfile Interface, added several new properties

• ICIGDPRSettings Interface, added EncryptionPDKey property

• ICICloudAWSS3DownloadParams interface, added TreatMissingSourceAsSuccess

• ICICloudAzureBlobDownloadParams interface, added TreatMissingSourceAsSuccess

COM API enums

• ChecksumAlgorithm (CRC32, MD5, SHA1, SHA256, SHA384, SAH512)

• FileOperationType, added FileChecksum, FileConcatenate, FileDelete, FileRead, FileRename, FileWrite

• IcapErrorsPolicy

• MatchingFileOption (append, skip, overwrite, numerate, fail)

• RESTInvocation, added to EventType

• RESTInvocationAuthType

• RESTInvocationVerifyType

• SyncDirectionType

• SyncOverwriteType

• SynchronizeAction, added to EventAction Type

Event Rules

• Added REST Invoke trigger (TFS 367340)

• Added Run Now option on any event rule (TFS 376558)

• Added event rule synchronize action that provides sync using EFT's built-in client or Remote Agent (TFS 378435)

• Added File Action operations (Read, Concatenate, Checksum) (TFS 376411)

• Added an option to Event Rules to reply asynchronously (TFS 341305)

• Added checkbox for running event rule actions asynchronously (TFS 375790)

• Added "Treat missing as success" option for Upload Cloud action (TFS 379608)

ICAP (CIC module)

• Added support for reqmod client requests (TFS 377914)

• Added support for respmod ICAP server responses (TFS 377915)

• Added support for OPTIONS method (TFS 377916)

• Added support to allow override of the REQMOD/RESPMOD X-headers sent by EFT (TFS 377974, Case 78915)

• Additional support for Response Handling (TFS 377983)

• Added support to block/allow on HTTP error (TFS 378265)

EFT Outlook Add-In

• Added support to handle duplicate recipients more gracefully (TFS 367839, Case 79773)

• Added authentication failure logic to prevent accidental DoS (TFS 375400, Case 77391)

• Added additional debug logging (TFS 379285)

Web Transfer Client (WTC) & Workspaces

• Added support to give EFT administrators control over Send Secure (mandated, allowed or sender's choice) (TFS 376825)

• Added default settings for all WTC's settings via the Admin-configuration.json (TFS 377004)

• Added WTC language support for: Italian, Japanese, Chinese simplified and Chinese traditional (TFS 377300)

• Added support to display a count for total files/folders or a count of selected files in the current directory (TFS 377689)

• Added the ability to send to self via the Send Portal (TFS 370060)

• Added support for character input validation (TFS 375466, Case 78321)

• Added support for the web client to remember the last state (open/closed) of the Activity and/or History panel (TFS 377875)

• Added easy access to re-brand commonly branded elements in our WTC (Web Transfer Client) (TFS 376830)

Enhancements

EFT Admin UI

• Modified UI/UX for Event Rules (TFS 370698)

• Modified the Default Template Path for new users (TFS 372234)

• Modified EFT's DNS routing process (TFS 375531, 73644)

• Updated cluster web files path to the cluster share path (TFS 376137)

• Updated the SAML error prompt when detecting an incompatible setting (TFS 379426)

Advanced Properties

• Increased Auto-ban Limit default from 10000 to 50000. Additionally, increased the maximum value to 4294967295 from 60000 (TFS 378197)

• Extended filter for all protocols in AuditUnimportantCommands (TFS 378041, Case 82475)

• Extended AuditUnimportantCommands to control logging to the EX logs (TFS 379460, Case 82475)

• Set Max limit for ICAPConnectionTimeoutInMS from 4294967295 to 2147483647 (TFS 378290, Case 83356)

• Removed (FMRunActionsAsynchronously) due to new asynchronous functionality (TFS 375790)

• Removed (applet_only) as this is no longer valid (TFS 375039)

Event Rules

• Context variables are available to action fields (TFS 370855, Case 80765)

• Various Event Rules UI changes (TFS 376444)

• Removed Text in ICAP response headers and body text fields in the EFT UI (TFS 377983)

• Optimization for EFT configurations that contain a large number of Folder Monitors (TFS 376791, 376409, Case 79954)

COM API

• ICIFileActionParams​ properties: Contents, Encoding, ExclusionMasks, IncludeSubdirsFlag, NewNameMask, Operation, Path, OverwriteOption, UseExclusionMasksFlag (functionality moved to new File Action interfaces, listed below)

Web Transfer Client (WTC) & Workspaces

• Removed obsolete web clients (TFS 375039, Case 76747)

• Removed MKCOL call on folder creation (TFS 370399, Case 65468)

• Improvements to the WTC Activity Panel to better identify ongoing transfers (TFS 377501)

• Improvements to Timezone adjustments for file listings (TFS 377502)

• Removal of jQuery in EFT (TFS 378206)

ARM

• Updated a stored procedure for fact table generation to improve performance (TFS 378964)

Fixes

EFT Administration

• Fixed an issue where the UI did not reference HTTPs 2FA as a dependent module (TFS 378250)

• Fixed an issue where commas in multi-string upload forms reported an error when saved (TFS 379606)

• Fixed an issue where the EFT Admin GUI could hang due to listings in the TED transfers (TFS 379004, TFS 378831, Case 84862)

• Fixed an issue where EFT could experience a memory leak when the Admin UI was refreshed multiple times (TFS 378233, Case 84432)

Advanced Properties

• Fixed an issue where (UserAgentHeaderSkipOTP) did not allow multiple user agents (TFS 378135)

ARM

• Fixed an issue where the EFT report "Most Active Users - Connections" would display an entry for a user 'blank' (TFS 379465)

• Fixed an issue where on SQL schema upgrade, sbo assignment on a stored procedure could be skipped (TFS 379454, Case 86556)

• Fixed an issue where a connection string value would be automatically added to an ARM report using the report editor (TFS 376876, Case 79602)

DMZ Gateway

• Fixed an issue where a deadlock between singlegateway and pncsocket could exists (no new DMZ required) (TFS 377892, Case 81076)

• Fixed an issue where DMZ would not listen to FTPS Explicit only (no new DMZ required) (TFS 377458, Case 82367)

COM API

• Fixed an issue where COM GetUserSettings was returning random values for users who had not connected to the server (TFS 378436, Case 84395)

Event Rules

• Fixed an issue where sweep operations or Time event rules would not log Cloud download actions in AWS (TFS 379690)

• Fixed an issue where an extra slash was added to the URL for Azure blob storage (TFS 378023, Case 82692)

• Fixed an issue where a deadlock could exist on server startup (TFS 378114, Case 83274)

• Fixed an issue where an event rule import that contained a large body would fail to import (TFS 377444, Case 82215)

• Fixed an issue where an ORA-01858 error was reported with an Event Rule that contained a generate report action (TFS 378818, Case 84953)

• Fixed an issue where EFT administrators were unable to create Event Rules when using a non-default server group (TFS 378832, Case 84877)

• Fixed an issue where Export/Import of Event Rules that contained AWE actions in EFT 8.0.4 would fail (TFS 379117, Case 85706)

• Fixed an issue where out of memory issues could be experienced when uploading large files to the cloud (TFS 379080, Case 88213)

• Fixed an issue where Azure blob connection profile fails to connect to Storagev2 configurations (TFS 378913)

• Fixed an issue where a Test connection in the Connection Profiles to AWS could cause the Admin UI to timeout (TFS 378821, Case 84987)

• Fixed an issue where S3 cloud monitor could not get a proper listing with 1000+ files (TFS 377324, Case 81642)

• Fixed an issue where EFT could run low on memory when performing multipart uploads via Cloud Upload actions (TFS 378144, Case 82545)

• Fixed an issue where masked variables in Event Rules were not masked in the EFT log (TFS 378239, Case 81686)

Encrypted Folders

• Fixed an issue where virtual folders mapped to a network share could not be added to EFT's Encrypted Folders (TFS 379074)

HA (High Availability)

• Fixed an issue where the EFT service could crash due to corruption in the MSMQ (TFS 378331, Case 84775)

ICAP (CIC)

• Fixed an issue where EFT could crash when ICAPConnectionTimeoutInMS was set above 2147483647 (TFS 378290, Case 83356)

• Fixed an issue where EFT could crash during certain ICAP operations (TFS 379116, Case 85743)

Logging

• Fixed an issue where the Administrator Permissions logger was not logging (TFS 379052, Case 85623)

• Fixed an issue where improper logger configuration could cause the EFT service to crash (TFS 376134, Case 79299)

EFT Outlook Add-in

• Fixed an issue where the OAI would fail to validate proper EFT polices (TFS 380051)

• Fixed an issue where a connection to OAI would prevent the deletion of the user in the EFT Admin UI (TFS 376624, Case 80389)

• Fixed an issue where OAI emails would conflict with encrypted emails (TFS 379325, Case 86222)

OpenPGP module

• Fixed an issue where PGP encryption action would fail on NetApp network folders (TFS 378119, Case 82925)

Remote Agent (RAM)

• Fixed an issue where dataset functionality would be available under Remote Agent rules (TFS 378252)

• Fixed an issue where EFT admins would be unable to edit the Remote Agent IP access list (TFS 378249, Case 84506)

SSH/SFTP

• Fixed an issue where 0KB files were downloaded from Linux servers with 640 permissions (TFS 378518, Case 84208)

VFS

• Fixed an issue where modifying the VFS permissions could crash the EFT service (TFS 377497, Case 82487)

Web Transfer Client (WTC) & Workspaces

• Fixed an issue where Received Items folder was hidden (TFS 378508)

• Fixed an issue where existing users were unable to access shared workspaces when Terms of Service or Privacy Policy were enabled but not previously accepted (TFS 378896)

• Fixed an issue where password resets would generate two email notifications (TFS 379095)

• Fixed an issue where a 508 Violation was identified in the landing page (TFS 378066)

• Fixed an issue where a 508 Violation was identified in the WTC Send portal (TFS 378068)

• Fixed an issue where Collaborative workspace participants could not access the workspaces via SFTP (TFS 379270, Case 86495)

• Fixed an issue where AD users needed permissions to the shared config when sending a Transactional Workspace (TFS 377988, Case 82589)

• Fixed an issue where AD account search was too slow when sharing a workspace (TFS 378212, Case 83122)

• Fixed an issue where workspace daily digest notifications were not being sent (TFS 378922, Case 83759)

• Fixed an issue where the WTC page would send the default PasswordRestConfirm.html template even when customized (TFS 379053, Case 85655)

• Fixed an issue where WTC users were not able to overwrite existing files (TFS 378220, Case 84333)

• Fixed an issue where WTC users were not able to Share a file larger than 5GB via the Send Portal (TFS 378517, Case 83932)

• Fixed an issue where Base64 encoded WTC credentials failed to login to WTC (TFS 378147)

• Fixed an issue where WTC users were not able to login after changing their password if it contained a + (TFS 377265, Case 80991)

• Fixed an issue where a sender's or recipients email was displayed in the invitation link URL (TFS 376994)

February 2021

Version 8.0.4.32

February 02, 2021

New Features

• Added support for Twilio custom verification code (TFS 378823)

• Updated PGP library (TFS 378983, Case 85355)

• Various Bug fixes

November 2020

Version 8.0.4.27

November 1, 2020

New Features

EFT Administration

• Added support for runtime templating, a means of setting reusable variables for paths and similar resources to facilitate DR and migrations (TFS 373679)

• Added support for Datasets, which are easier to use and more powerful than arrays, a variable type that can hold tabular data (TFS 373163)

• Added a new Event Rule action that will download a remote file listing and store the results in a Dataset (TFS 373167)

• Added a new Event Rule action to loop through each element in a Dataset (TFS 373169)

• Added support for break from loop for datasets in Event Rules (TFS 373170)

• Added a new Event Rule action to read the contents of a Dataset and output those to a .CSV file (TFS 374260)

• Added a new Event Rule action to store the contents of a .CSV file into a Dataset (TFS 374261)

• Added an option to output PowerShell debug logging to a separate file, independent of EFT's primary log file (TFS 374313)

• Added two additional AWS regions (EU (Milan) and Africa (Cape Town)) to EFT's AWS cloud actions (TFS 375029)

• Added a customizable upload forms feature for collecting metadata from users prior to uploading files, which can be utilized by Event Rules (TFS 374804)

• Added a prompt to the EFT Admin GUI that will warn administrators when enabling cipher suites that may be vulnerable to Raccoon (TFS 377846)

Advanced Properties

• Added ability to default HTTP socket timeout (HTTPSocketDefaultTimeout) (TFS 375327, Case 77746)

• Added ability to set sub-folder Remote listings in Datasets to parse recursively. The default value is 10 (GetListingActionMaxRecursion) (TFS 373167)

• Added ability to set the number of records to display in the WTC Sent items view (outbox) and Received items view (inbox). The default value is 50. (BigCollectionsPageSize) (TFS 370374, 370375)

• Added ability to restore legacy Dictionary password complexity functionality. The default value is False (DictionaryLegacyCheckIncludeSpecialDigits) (TFS 374099)

• Added ability to enable/disable cipher aes128-gcm@openssh.com. The default value is Enabled (SFTP2_AES128_GCM_AT_OPENSSH_COM) (TFS 372451)

• Added ability to enable/disable cipher aes192. The default value is Enabled (SFTP2_AES192) (TFS 372451)

• Added ability to enable/disable cipher aes192-ctr. The default value is Enabled (SFTP2_AES192CTR ) (TFS 372451)

• Added ability to enable/disable cipher aes256-gcm@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)

• Added ability to enable/disable cipher chacha20-poly1305@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)

• Added ability to enable/disable cipher rijndael-cbc@lysator.liu.se. The default value is Enabled (SFTP2_RIJNDAEL_CBC_AT_LYSATOR_LIU_SE) (TFS 372451)

• Added ability to enable/disable MAC hmac-sha1-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA1_ETM_AT_OPENSSH_COM) (TFS 375033)

• Added ability to enable/disable MAC hmac-sha2-256-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_256_ETM_AT_OPENSSH_COM) (TFS 375033)

• Added ability to enable/disable MAC hmac-sha2-512-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_512_ETM_AT_OPENSSH_COM) (TFS 375033)

• Added ability to enable/disable MAC umac-64@openssh.com. The default value is Enabled (SFTP2_UMAC_64_AT_OPENSSH_COM) (TFS 375033)

• Added ability to enable/disable MAC umac-64-etm@openssh.com. The default value is Enabled (SFTP2_UMAC_64_ETM_AT_OPENSSH_COM) (TFS 375033)

• Added ability to allow user-agent to skip 2FA/MFA (UserAgentHeaderSkipOTP) (TFS 374817)

• Added a new advanced property that would allow admins to export AWE tasks from EFT's database to their legacy file paths (AutoExportAllAWTasksToFiles) (TFS 374755)

AS2

• Added the ability to allow values that exceed 600 seconds for the response and message send timeout setting (TFS 374078, Case 69531)

COM API

• ICIServer, CreateSSHKey and CreateSSHKeyRemotely; changed nKeyBits to nKeyParams

• ICISite, CreateSSHKeyPair, changed changed KeyBits to KeyParams

• Added the following methods to ICISite:

  • AddUploadForm

  • DeleteUploadForm

  • EnableUsers

  • GetUploadForm

  • UpdateUploadForm

• Added the following properties:

  • EnableMfa

  • MfaType

  • SmsProviderProfile

  • UploadFormsList

  • WebSSORedirectToSsoServiceBypassingLoginPage

  • WorkspacesMfaType

  • WorkspacesOAIMfaType

• ICIClientSettingInterface, added the following functions:

  • GetRequireMfa

  • SetRequireMfa

  • ICIEventRule, added the AddLoopDatasetStatement method

• ICIActionStatements, added the following methods:

  • AddActionStatement

  • AddIfStatement

  • AddLoopDatasetStatement

• Added the ICILoopDatasetStatement interface, with the following methods:

  • AddActionStatement

  • AddIfStatement

  • AddLoopDatasetStatement

  • DeleteStatement

  • GetParams and SetParams

  • StatementsCount

  • Statement

• Added ICICsvExportActionParams and ICICsvImportActionParams

• Added ICIGetListingActionParams Interface

• Added ICILoopDatasetStatement Interface

• Added ICILoopDatasetStatementParams Interface

• Added ICIUploadForm interface

• Added ICIUploadFormElement interface

• Added ICITwilioSmsProviderProfile interface

• In the ICISimpleCondition interface, added the UseRegex property.

• Enums added:

  • MFA type to specify whether to use email, SMS or either for second authentication

  • LoopDatasetStatement to EventRuleStatementType enum

  • LoopOrderType, used in the ICILoopDatasetStatementParams LoopOrder property

  • GetListingAction, LoopBreakAction, CsvImportAction, and CsvExportAction to EventActionType

  • FileDateFormat

  • UploadFormComType

  • UploadFormElementComType

REST API

• Added underlying support for RESTful APIs in accordance with JSON:API principles (TFS 374144)

• Added the ability to assign REST permissions to EFT administrator accounts (TFS 375336)

• Added RESTful API endpoints for user account and VFS management configuration (TFS 374152)

• Added the ability to create granular permissions for RESTful access to end points, down to the individual element (TFS 375337)

• Added support for REST which allows EFT admins to create users and read all their settings but not delete them [users] or update them [users](TFS 375337)

• Added support for REST which allows EFT admins to create users except for a user name matching "Administrator"(TFS 375337)

• Added support for REST which allows EFT admins to read all the configuration for all users for a given site named (TFS 375337)

• Added support for REST which allows EFT admins to read the AllowSecureFolderSharing value for users in the Guest template, but cannot read any other values or do anything else (TFS 375337)

• Added support for REST which allows EFT admins to read the configuration to find out everything about all users in Site under template "Guest Users" but not make any changes to those users (TFS 375337)

• Added support for REST which allows EFT admins to update everything about any user (TFS 375337)

• Added support for REST which allows EFT admins to update everything about any user except for changing their SFTP key (TFS 375337)

• Added support for REST which allows EFT admins to update all users except for a user matching a specific name (TFS 375337)

• Added support for REST which allows EFT admins to update users but not create them or delete them (TFS 375337)

• Added support for REST which allows EFT admins to delete users (TFS 375337)

• Added support for REST which allows EFT admins to delete all users except for a specific user name (TFS 375337)

• Added support for REST which allows EFT admins to execute the Generate pass function for all users (TFS 375337)

SAML

• Added the ability to leverage federated authentication for Guest users, including SSO and JIT, where desirable (TFS 374120)

SSH/SFTP

• Added support for aes256-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

• Added support for rijndael-cbc@lysator.liu.se SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

• Added support for aes192-ctr SSH cipher in Non-FIPS mode (TFS 372451)

• Added support for aes192-cbc SSH cipher in Non-FIPS mode (TFS 372451)

• Added support for aes128-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

• Added support for chacha20-poly1305@openssh.com SSH cipher in Non-FIPS mode (TFS 372451)

• Added legacy support for cast128-cbc SSH cipher in Non-FIPS mode (TFS 372451)

• Added legacy support for blowfish-cbc SSH cipher in Non-FIPS mode (TFS 372451)

• Added legacy support for arcfour SSH cipher in Non-FIPS mode (TFS 372451)

• Added new advanced properties to enable/disable certain ciphers for client outbound (TFS 372451)

• Added support for hmac-sha2-512-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

• Added support for hmac-sha2-256-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

• Added support for hmac-sha1-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

• Added support for umac-64-etm@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)

• Added support for umac-64@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)

• Added new advanced properties to enable/disable certain MACs for client outbound (TFS 375033)

• Added the ability to choose SFTP key type upon creation (TFS 370229)

• Added backward compatibility for DSS keys (TFS 372452)

• Added support for ecdh-sha2-nistp521 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

• Added support for ecdh-sha2-nistp384 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

• Added support for ecdh-sha2-nistp256 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

• Added support for diffie-hellman-group18-sha512 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

• Added support for curve25519-sha256 SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

• Added support for curve25519-sha256@libssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

• Added support for sntrup4591761x25519-sha512@tinyssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

• Added back the ability to see negotiated SFTP cipher suites to EFT's client (outbound) logs (TFS 373618)

Web Transfer Client (WTC) & Workspaces Changes

• Added support for SMS 2nd factor validation for guest account enrollment (registration) and for normal authentication (TFS 374817)

• Added a new shared folder (Workspaces) history section to the Web Transfer Client for owners and participants (TFS 374884)

• Added a Received items (inbox) section to the Web Transfer Client for users to see messages and files sent to them (TFS 370375)

• Added a Sent items (outbox) section to the Web Transfer Client for users to see messages and files they've sent to others (TFS 370374)

Enhancements

EFT Administration

• Enhanced the password dictionary validation feature so that dictionary words surrounded by non-alphabet characters are detected and blocked (TFS 374099, Case 75599)

• Updated the text under the Logs tab to reflect "Audit event rule client outbound transfer" instead of "Diagnostic Logging Settings" (TFS 376313)

• Optimized EFT's folder monitor polling so that it wouldn't attempt to open file hands for files matching extension exclusion conditions (TFS 373182)

• Modified EFT's import/export of Event Rules to match the json format supported by EFT's RESTful APIs (TFS 374054)

• Modified the 'Variable' action so that it uses only a single line, making it easier to visually parse (TFS 374308)

• Modified encrypted folder and personal data secrets so they are randomized by default and can be viewed or overridden by admins (TFS 373411)

Advanced Properties

• Updated default value for Advanced Property SFTP2_ARCFOUR to False (TFS 372451)

• Updated default value for Advanced Property SFTP2_Blowfish to False (TFS 372451)

• Updated default value for Advanced Property SFTP2_CAST128 to False (TFS 372451)

• Updated default value for Advanced Property SFTP2_MD5 to False (TFS 375033)

• Updated default value for Advanced Property SFTP2_MD5_96 to False (TFS 375033)

• Updated default value for Advanced Property SFTP2_SHA1_96 to False (TFS 375033)

Outlook Add-in (OAI)

• Modified the Outlook Add-in to avoid message preparation when the add-in is not being used to handle attachments (TFS 377131, Case 80889)

REST API

• Modified EFT's existing RESTful APIs for Server and Site endpoints to adhere to JSON:API (TFS 374361)

SSH/SFTP

• Prohibit the ability to generate rsa SSH keys less than 2048 bit in FIPS mode (TFS 375076)

• Prohibit the ability to use SSH keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)

• Prohibit the use of "diffie-hellman-group1-sha1" SSH KEX (for both client and server) in FIPS mode (TFS 375076)

• Prohibit the use of "hmac-sha1-96" SSH MAC (for both client and server) in FIPS mode (TFS 375076)

• Enabled by default "hmac-sha1" SSH MAC (for client) in both FIPS and non-FIPS mode (TFS 375076)

• Prohibit the ability to generate rsa SSH keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)

• Ciphers are now ordered by strength, favoring FIPS approved ciphers, with only FIPS approved ciphers enabled by default (TFS 372451)

• EFT admins will now be warned if they enable insecure ciphers (3des-cbc, cast128-cbc, blowfish-cbc, arcfour) in Non-FIPS mode (TFS 372451)

• EFT admins will now be warned if they enable insecure cipher 3des-cbc in FIPS mode (TFS 372451)

• The following ciphers are now enabled by default (due to FIPS-compliance): aes256-gcm@openssh.com, aes256-ctr, aes256-cbc, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc, aes128-gcm@openssh, aes128-ctr, aes128-cbc (TFS 372451)

• The following ciphers are now enabled on upgrade: aes256-gcm@openssh.com, aes128-gcm@openssh, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc (TFS 372451)

• Improved TED6 log verbosity with newer SSH library (TFS 373819, Case 72767)

• The following MACs are now enabled by default (due to FIPS-compliance): hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)

• The following MACs are now enabled on upgrade: hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)

• KEX ciphers are now ordered by strength, favoring FIPS approved KEXes, with only FIPS approved KEXes enabled by default (TFS 372613, Case 77147)

• The following KEX ciphers are now enabled by default (due to FIPS-compliance): ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256 (TFS 372613, Case 77147)

• KEX cipher diffie-hellman-group18-sha512 will not be enabled by default (despite the fact that its FIPS-compliance) due to its poor performance behavior (TFS 372613, Case 77147)

• The following KEX ciphers are now enabled on upgrade: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256 (TFS 372613, Case 77147)

• The following KEX ciphers are enabled by default for Client connections in both FIPS and Non-FIPS mode: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group18-sha512, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)

• The following KEX ciphers are enabled by default for Client connections in Non-FIPS mode: curve25519-sha256, curve25519-sha256@libssh.org, sntrup4591761x25519-sha512@tinyssh.org, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)

SSL

• Updated SSL Library to 1.0.2u (TFS 375029)

• Prohibit the ability to generate rsa SSL keys less than 2048 bit in FIPS mode (TFS 375076)

• Prohibit the ability to use SSL keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)

• Prohibit the ability to generate rsa SSL keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)

WTC/Workspaces

• Updated jQuery to v3.5.1 (TFS 376501, Case 80133)

Fixes

EFT Administration

• Fixed an issue where EFT could hang after applying a change to the group and domain for an AD site (TFS 369730, Case 65993)

• Fixed an issue where EFT would fail to create a GSAuth account when RSA manage password is enabled (TFS 375388, Case 78173)

• Fixed an issue where a deadlock could be exhibited when stopping the EFT service via the Service Manager (TFS 371230, Case 70079)

• Fixed an issue where the quick search produced incorrect results for connection profiles in upload/download actions (TFS 375328, Case 77625)

• Fixed an issue where LDAP users could no longer login after changing the OU (TFS 374566, Case 75760)

• Fixed an issue where the AWE mail registry SMTP Password would be overwritten when the EFT Admin GUI's SMTP settings were modified (TFS 376198, Case 78079)

• Fixed an issue where a potential deadlock could cause a hang on the EFT Admin GUI (TFS 376222,376433,376389, Case 78656,79826, 80385, 80914)

• Fixed an issue where a potential deadlock could cause HTTPs connections to fail (TFS 377021, Case 81348)

• Fixed an issue where FTP listing on chrome would list an empty directory (TFS 377050, Case 80506)

• Fixed an issue where plain FTP via DMZ would not work (TFS 376912, Case 78948)

• Fixed an issue where upgrades to EFT 8.0 could fail when duplicate Event Rule folder names existed (TFS 377445, Case 82273)

• Fixed an issue where upgrades to EFT 8.0 could fail when duplicate ssh public existed (TFS 377002, Case 80370)

• Fixed an issue where upgrades to EFT 8.0 could fail when workspaces included duplicate names in upper and lowercase (TFS 376973, Case 80443)

• Fixed an issue where server admin permissions could disappear after upgrading to EFT 8.0 (TFS 377672, Case 81472)

• Fixed an issue where upgrades to EFT 8.0 could fail when a certificate resided in both the pending and trusted list (TFS 376153, Case 79408)

• Fixed an issue where upgrades to EFT 8.0 could fail when an Event Rule contained Mail action (TFS 377457, Case 82232)

• Fixed an issue where the EFT Admin GUI could run out of memory with heavy configurations (TFS 377338, Case 82025)

• Fixed an issue where EFT Admins would receive an error when specifying remote SSH keys in Event Rules (TFS 376118)

ARM

• Fixed an issue where the Activity - by Users reports were misleading with the data being pulled. (TFS 374125)

• Fixed an issue where the reports using fact tables would group several lines for each group. (TFS 374454)

• Fixed an issue where EFT would audit 0kb when AS2 transactions are successful (TFS 376257, Case 79486)

AWE

• Fixed an issue where a race condition was seen when running GSAWE.exe that caused an AWE licensing error (TFS 372374, 71032)

• Fixed an issue where the AWE OCR action would not work (TFS 375343, Case 76553)

COM API

• Fixed an issue where user admins could not enable a user account via COM (TFS 373315, Case 74441)

Event Rules

• Fixed an issue where Timer Event Rules - Exclude UK Holidays had missing days (TFS 376875, Case 78879)

• Fixed an issue where the Event Rule change log would not properly update after clicking Apply (TFS 376277, Case 79465)

HA (High Availability)

• Fixed an issue where Event Rule master would send MSMQ tasking message to itself when it shouldn't be (TFS 376320)

ICAP/CIC

• Fixed an issue where the host header in a CIC request would send a request to http.example.com (TFS 377358, Case 81443)

Installer

• Fixed an issue where EFT would fail installation when CWDIllegalInDllSearch registry is configured (TFS 373910, Case 70840)

Logging

• Changed log level to ERROR for AML export errors (TFS 376480)

• Fixed an issue where the wrong log level for Folder Monitor reconnect events was used (TFS 375800, Case 78333)

Outlook Add-in

• Fixed an issue where duplicate email stuck in outbox when encrypted with zed mail (TFS 374623, Case 75460)

PCI DSS

• Fixed an issue where PCI compliance reports would report failures due to password security for remote agents (TFS 377808, Case 82083)

Remote Agent (RAM)

• Fixed an issue where a remote agent could crash when the source path is configured with a virtual local path (TFS 376602, Case 80300)

SAML SSO

• Fixed an issue where the SAML SSO JIT user template pulldown can set incorrect user setting template (TFS 375614)

• Fixed an issue where the SAML SSO JIT user email attribute taken from username attribute, not email attribute (TFS 375677)

• Fixed an issue where users were presented with a 404 on the reply portal when using SSO (TFS 374791, Case 76465)

SSH/SFTP

• Fixed an issue where EFT could crash when opening a file/folder (TFS 375556, Case 78436)

VFS

• Fixed an issue where EFT startup performance would be affected by large number of virtual folders (TFS 374893, Case 76483)

Web Transfer Client (WTC) & Workspaces

• Fixed an issue where "Expires:" headers were sent twice via our WTC page (TFS 375389)

• Fixed an issue where Workspaces participants could not share their root folder (TFS 376164)

• Fixed an issue where the From field in Send requests did not enforce server side validation (TFS 376091)

• Fixed an issue where password resets were treated as successful but actually failed (TFS 375161, Case 76747)

• Fixed an issue where customization changes in theme.json were not properly applied (TFS 374598)

• Fixed an issue when viewing a workspace (as invitee) the update is active but would not display a progress bar (TFS 376221)

• Fixed an issue where session tokens were not properly randomized (TFS 376419, Case 79654)

• Fixed an issue where default datetime format was not defaulted to US (TFS 376870)

• Fixed an issue where passwords with trailing spaces would get trimmed (TFS 375354, Case 77494)

• Fixed an issue where Workspace invitation acceptance would fail if user already had a session open (TFS 377040, Case 81196)

• Fixed an issue where duplicate file uploads to WTC could break upload functionality in the current session (TFS 377266, Case 80852)

• Fixed an issue where copy/paste function when inviting someone to a workspace would fail in IE11 (TFS 376708, Case 80348)

• Fixed an issue where a folder with "#" in the name would cause an error in WTC (TFS 375243, Case 77426)

• Fixed an issue where EFT's Terms of Service and forced password reset would cause a permission denied error (TFS 376510, Case 79430)

• Fixed an issue where WTC retry would fail with error 406 on Firefox (TFS 376199, Case 78233)

June 2020

Version 8.0.2.23

June 14, 2020

New Features

• Added subscription licensing for EFT and most modules

• Restored ability to customize default values for Workspaces permissions (TFS 376117, Case 78957)

• Restored ability to customize default values for Workspaces participant limits (TFS 376121, Case 78957)

May 2020

Version 8.0.2.19

May 10, 2020

New Features

Advanced Properties

• EFT now provides the ability to override the port used in all workspace email notifications. This is useful when the DMZ Gateway is on a non-default port (e.g., 4443) and differs from the site port (i.e., 443). When enabled, all workspace emails (Send/Share/Request/etc.) will now use and append the PORT defined via the Advanced Property regardless of the Send Settings URL:PORT or Site DMZ port configuration. This property is disabled by default (ExternalLinkPortOverride) (TFS 371388)

• Ability for WTC reserved file/folder caching for HTTP(S) requests to cache based on file size instead of an entire directory. This property is disabled by default. (MaxCachedReservedFileSizeKB) (TFS 373650)

Enhancements

• Ability to cache WTC reserved files/folders located under .../EFT Server Enterprise/web/public/EFTClient/wtc/lib/, this property is enabled by default (CacheReservedFiles) (TFS 373650)

Fixes

Web Transfer Client (WTC) & Workspaces

• Fixed an issue where the WTC page failed to load for external domains when EFT is configured with both Internal (with SAML SSO) and External domains (TFS 375093)

• Fixed an issue where WTC customization failed when configured with multiple sites (TFS 375253)

• Fixed an issue where upgrades to EFT 8.0 could fail because of duplicated workspaces (TFS 375535)

• Fixed an issue where EFT may crash on rare instances when configured with AD and authenticating with Internal/External workspace users (TFS 375040)

• Fixed an issue where upgrades to EFT Express 8.0 could fail due to incorrect data in the local db files (TFS 375555)

• Fixed an issue where ignored logging to the authentication and protocols tables were not being honored (TFS 375543)

• Fixed an issue where upgrades to EFT 8.0 could fail because of non-existing workspaces (TFS 375497)

• Fixed an issue where upgrades to EFT 8.0 could fail because of missing permissions or non-unique connection profiles (TFS 375683)

• Fixed an issue where upgrades to EFT 8.0.2 could cause Remote Agents Event Rule downloads to fail (TFS 375750)

March 2020

Version 8.0.2.10

March 25, 2020

New Features

EFT Administration Changes

• Added option to schedule FACT table updates (TFS 373489)

Advanced Properties

• By default, EFT uses non-exclusive file-sharing mode when processing file uploads. With this advanced property (UseExclusiveSharingModeForUploads) (TFS 374129), EFT can be configured to use exclusive sharing mode for uploads (i.e., file locking)

COM API

• Added enums and a Site interface property to support the Out-of-Band passcode to pick-up files in EFT. (Please refer to the EFT administration help contents.)

• WorkspacesOAIPasscodeProtectionType enum, used in the ICISite property, WorkspacesOAIPasscodeProtection to specify whether the EFT administrator requires a passcode, does not require, or is chosen by the email sender.

Web Transfer Client (WTC) & Workspaces Changes

• Added ability to Secure Send without attachment (Send portal and Outlook Add-in) (TFS 370270)

• Added ability to request passcode for file pick-up (TFS 361146)

• Added ability to redirect to login page instead of registration page for internal domains (TFS 373043)

Enhancements

Web Transfer Client (WTC) & Workspaces Changes

• Re-wrote our web application based on more modern frameworks, refactoring it completely to emphasize performance while maintaining the same functionality as before. The net result is faster, more streamlined operations on the client side, with reduced performance impact on the server side. (TFS 373849)

• Removed our legacy Jument WTC from the EFT installer (TFS 374773)

Fixes

EFT Admin GUI

• Fixed an issue where EFT would allow AD admins to authenticate when not permitted (TFS 374195)

• Fixed an issue where EFT would not respect server-level permissions (TFS 374330)

• Fixed an issue where the Admin GUI may crash due to nested workspaces (TFS 374281)

• Fixed an issue where enabling Encryption folders would cause open windows on the background to be displayed in the forefront (TFS 374831)

• Fixed an issue where remote admin GUI would fail to display the GDPR report (TFS 374567)

• Fixed an issue where a memory leak may exist in SSL_AES256_CBC_Encrypt (TFS 374865)

ARM

• Fixed an issue where the Traffic-Average Transfer Rates by User would report groups by protocol instead of site (TFS 374441)

• Fixed an issue where the report "Activity - File Scanned Data Results" was missing in EFT Express (TFS 374150)

Event Rules

• Fixed an issue where the GUI may not display Else condition after saving and refreshing an event rule (TFS 374154)

• Fixed an issue where the Virtual Path condition may not work properly (TFS 374139)

• Fixed an issue where the EFT service may crash when trying to delete user while "On User Account Deleted" event rule is active (TFS 370599)

• Fixed an issue where the Event Scheduler may crash on service stop (TFS 371951)

Installer

• Fixed an issue where some upgrades to EFT 8.0 would fail during the copy serialization (TFS 374421)

• Fixed an issue where some upgrades to EFT 8.0 would fail when custom calendar selectors contained duplicated case sensitive entries (TFS 374565)

• Fixed an issue during upgrade from EFT Express to EFT Enterprise while changing the configuration path would lead to duplicate config and binaries of EFT folders (TFS 368531)

• Fixed an issue where upon upgrade to EFT 8.0 poor loading performance was experienced on the FileAudit.db (TFS 374194)

• Fixed an issue where an upgrade to EFT 8.0 could fail due to a deleted workspace (TFS 374280)

• Fixed an issue where an upgrade to EFT 8.0 could fail when a Remote Agent template is in the Awaiting Approval state (TFS 374258)

• Fixed an issue where on an HA install, selecting Modify and changing the ARM server to a different SQL server was not saved (TFS 374238)

• Fixed an issue where an upgrade to EFT 8.0 could fail when incorrect values exist in Client IP access (TFS 374846)

• Fixed an issue where an upgrade to EFT 8.0 could fail when an incorrect participation value exists in the workspaces.db (TFS 374845)

Outlook Add-in

• Fixed an issue where the Outlook Add-in was treated as an untrusted publisher (TFS 374635)

• Fixed an issue where files sent via the OAI (Outlook Add-in) that contain # in the filename were not available in the pick-up portal (TFS 374077)

• Fixed an issue where emails can become stuck in the outbox when the Outlook Add-in is configured with Zedmail add-in (TFS 374053)

• Fixed the copyright dates on the Outlook Add-in UI (TFS 372700)

PCI DSS

• Fixed an issue where some users may be disabled every night on a PCI site (TFS 374577)

• Fixed an issue where server admins were not required to use complex passwords when PCI is enabled (TFS 374807)

REST API

• Fixed an issue where the EFT Express would allow folder creation via REST (TFS 374113)

SAML

• Fixed an issue where SAML JIT password fail password complexity when enabled(TFS 374357)

Web Services

• Fixed an issue where InvokeWebService action works wrong with Location Header (TFS 373928)

Web Transfer Client (WTC) & Workspaces

• Fixed an issue when sharing a workspace with # the recipient could not register for access (TFS 373156)

• Fixed an issue in which an expected error message that should be presented when trying to share a workspace with an external user is not being presented (TFS 374100)

• Fixed an issue where authenticated external users were unable to reply to send requests without access to their home folder (TFS 374777)

• Fixed an issue where the TOS (Terms of Service) and Privacy policy prompts were not working on the various portals (TFS 371808)

• Fixed an issue where workspaces fails to redirect new external participants to their workspace when taking less than 60 minutes between registration and verification (TFS 371972)

February 2020

Version 8.0.1.4

February 09, 2020

New Features

EFT Administration Changes

• EFT now provides a "Secrets module" under the Security tab, which provides the ability to encrypt certain EFT passwords locally or via Azure's Key Vault (AKV) (TFS 372081)

• EFT now supports Azure's Data Lake Storage Gen2 (ADLSg2) (TFS 372082)

• EFT now provides the ability to override VFS credentials (TFS 372229)

• EFT now supports REST API for Event Rules (TFS 372230)

Fixes

EFT Admin GUI

• Fixed an issue where an LDAP site failed to pull users in the UI but would allow authentication (TFS 369709)

• Fixed an issue where the Admin GUI would truncate virtual folder paths larger than 260 characters (TFS 371035)

• Fixed an issue where the Admin GUI did not properly apply the certificate to the Administration Service (TFS 373685)

• Fixed an issue where the EFT Site Wizard UI would not follow the proper flow after pressing the back button (TFS 373735)

• Fixed an issue where user login authentications may fail after SSL options at the user level are modified (TFS 374027)

• Fixed an issue where the Admin GUI displayed the wrong CIC profile when editing an event rule for a SCAN file action (TFS 374051)

• Fixed an issue where the EFT Admin GUI could crash when pressing refresh while viewing a report (TFS 374089)

Auth AD

• Fixed where EFT was unable to authenticate an AD user (with UPN) on EFT Express (TFS 373552)

AWE

• Fixed an issue where concurrent EFT Admins may use the same tmp file for editing AWE tasks (TFS 373762)

Event Rules

• Fixed an issue where the focus in the Admin GUI was lost when adding variables to the subject field in an email action (TFS 374065)

• Fixed an issue where the Event Rules "Stop Processing Rule" was always enabled (TFS 373879)

• Fixed an issue where EFT would change the date modified timestamp in copy/move action changes on the destination file (TFS 373600)

FTP

• Fixed an issue where the EFT service could crash via FTP (TFS 373856)

• Fixed an issue where EFT failed to connect in FTP PASV mode when using DMZ as a proxy (TFS 371118)

GDPR

• Fixed an issue where GDPR Article 32:(4) would not follow proper logic (TFS 373712)

• Fixed an issue where DPIA Report logic for Article 32:(4) would not follow proper logic (TFS 374063)

Installer

• Fixed an issue where some upgrades to EFT 8.0 would fail when upgrading from a large FTP.cfg file (TFS 373712)

• Fixed an issue where some upgrades to EFT 8.0 would fail when certain EFT admins had misconfigured permissions (TFS 374116)

SFTP

• Fixed an issue where the EFT could be flooded by network connections (TFS 373683)

Web Transfer Client (WTC)

• Fixed an issue where the PowerShell script to customize WTC failed to run (TFS 37458)

• Fixed an issue where the EFT would report a status code of 200 when failing to log on (TFS 373101)

COM API

• Added enums, properties, and methods to support the Azure Data Lake Storage, Azure Key Vault, and Secrets module functionality in EFT. (For details of the Azure Data Lake Storage, Azure Key Vault, and Secrets module functionality, please refer to the EFT help contents.)

Enums:

• SecretsModuleType

• CloudProviderType_AzureDataLakeStorageGen2

• Properties in ICISiteInterface:

• OverrideVFSCredentialsEnable

• OverrideVFSCredentialsLogin

• OverrideVFSCredentialsPassword

• SecretsModuleClientID

• SecretsModuleClientSecret

• SecretsModuleType

• SecretsModuleURL

• Methods in ICICloudStorageMonitorEventRuleParams:

• GetAzureDLSgen2GeneralParams

• SetAzureDLSgen2GeneralParams

January 2020

Version 8.0.0.38

January 13, 2020

New Features

EFT Administration

• The DMZ Gateway address box can accept a comma-delimited list of addresses (EFT will try one IP address, then the next, until it can connect) (TFS 339989)

• EFT can capture certain performance and current state values to SQLite databases on a routine basis which can be used by administrators, support, or Globalscape to evaluate and use for planning, troubleshooting, and statistical analysis (TFS 372346)

• The EFT SMTP settings page now has a “Send Test Email” button (TFS 372357)

• Admins can now specify node-unique values for DMZ Gateway PASV Mode port range, which in rare occasions can be different across nodes (TFS 368808)

• Added a separate control the Request File page/portal URL (TFS 371245)

• Added REST endpoints to generate the PCI DSS compliance and GDPR DPIA reports (TFS 371829)

• Added ability to generate a complete manifest of commonly requested tech support data from within the administration interface Help menu (TFS 372341)

• A new prompt is now displayed when enabling Google Captcha referencing a KB article 11435 (TFS 368710)

• Added SAML assertion map attribute to email field (TFS 369964)

• Added new Site-Level Counters

• User Login Success /sec – rate at which users are authenticating successfully and turn into an active session. See user sessions for count of actively connected users

• User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with Users connections

• User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator

• Folder Monitor Worker Threads – number of folder monitors in active use. Consider increasing FolderMonitorWorkerThreadCount if it routinely exceeds 32

• Timer Rule Worker Threads – number of timers currently active. Consider decreasing TimerStackSize if it routinely exceeds 200 to conserver memory

• Templates – number of templates defined for this site. Updated infrequently

• User Accounts Disabled - subset of this site’s user accounts that are currently in a disabled state. Updated infrequently

• User Accounts Locked Out – subset of this site’s user accounts that are currently locked out. Updated infrequently

• User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator

• User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with users connections

• User Login Success /sec - rate at which users are authenticating successfully and turn into an active session. See User Sessions for count of actively connected users

• Workspaces Drop-offs – number of drop-off requests active and not expired

• Workspaces File Sends – number of file send operations that are active and have not yet expired

• Workspaces Folders Shared – number of folder shares that are active and have not yet expired

• Updated the Amazon S3 Region list (TFS 373493)

• Configuration settings are now stored in SQLite databases vs. flat files. This should eliminate the need for SyncTool when performing migrations (TFS 368467)

• Awaiting/Trusted SSL cert list are now stored in SiteConfig*.db and upon upgrade they are moved into this db. (TFS 371720)

• SSH Key Storage settings are now moved from Server level to Site level (TFS 369528)

• Each site has its own set of SSH keys

• Each site’s SSH (SFTP) private and public keys are now stored in SiteConfig*.db

• The SSH creation and management GUIs were changed accordingly

• OpenPGP key pairs are now defined and managed at the Site level instead of the Server (TFS 369527)

• Workspaces tabs have been consolidated into the Site > Web tab

Advanced Properties

• Accepts configuration overrides using advancedproperties.json (AP) in lieu of registry entries. Upon upgrade, existing registry overrides will be moved to the AP file (TFS 368291). This includes EFT’s VFS data in Config.db (TFS 369529), server settings in ServerConfig.db and SiteConfig[GUID].db (TFS 371366).

• To provide more control and visibility over EFT's behavior when it comes sync state, draining, and node management (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)

• To enable/disable encryption when storing personal data. Note that the default is to encrypt using the default key (EncryptPersonalData) (TFS 363303)

• To specify a 256-bit key (represented by 64 hexadecimal digits) used to encrypt and decrypt personal data. When not configured or malformed, the default key is used. (PersonalDataEncryptionKey) (TFS 363303)

• To enable/disable JSON format when rendering Data Protection Impact Assessment (DPIA) report.; used to change DPIA report format (JSON/XML) (RenderDPIAReportAsJSON) (TFS 366251)

• To deny certain usernames without checking the user database, so you can reduce load on the authentication subsystem (AutoDenyLoginAttemptswithSpecificUsernames) (TFS 370345)

• To specify that cookies shouldn't be sent with cross-site requests. Acceptable values are "Strict", "Lax", "None". Values other than these will result in "Strict" value (HttpCookieSameSitePolicy) (TFS 367997)

• To specify the maximum number of asynchronous event rule subroutines that may be queued before dropping new subroutine. A value of 0 (default) indicates there is no limit. (QueuedAsyncSubroutinesLimit) (TFS 367875)

• To specify the maximum number of simultaneous asynchronous event rule subroutines running. A value of 0 indicates there is no limit. (RunningAsyncSubroutinesLimit) (TFS 367875)

• To specify the recurrence strategy for cleaning up workspaces: 0 - minutely (default), 1 - hourly, or 2 – daily (WorkspacesCleanupRecurrence) (TFS 368683)

• To specify the number of Workspace invitation expiration days. (WorkspaceInviteExpirationPeriodDays) (TFS 371827)

• To specify that the sender for Workspace Messages is 0 - Recipient receives Workspace Invites from User and Secure Send from SMTP Server; 1 - Recipient receives Workspace Messages from the SMTP server, 2 - Recipient receives Workspace Messages from the User. (WSInviteFromAddrUseOwnerEmail) (TFS 371099)

• Avoid duplicate firing of Account Rules on multiple nodes. (UserAccountTriggersOnOriginatingNodeOnly) (TFS 372193)

• Change the default “Out of sync” timeout value for HA (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)

• Change the default “Timeout for sync” value for HA (ClusterOutOfSyncHealSecs) (TFS 367401)

• Set Workspaces Invitations Expiration (WorkspaceInviteExpirationPeriodDays) (TFS 371827)

• Allow turning off total drop-off quota limit (MaxAnonymousAllUploadSizeInGB) (TFS 370763)

• Provide the ability to optionally include and customize EFT WTC’s referrer policy header, (EnableHTTPReferrerPolicyHeader), (HTTPReferrerPolicyAttributeString) (TFS 368162)

• To disable EFS calculations, (DisableEFSChecksForPCIReport) (TFS 370306)

• To enable one-way-trust communication between EFT and another domain (AllowToTryLoginUnlistedUsers) (TFS 369294)

• To copy all ClientFTP settings to JSON, (CopyClientFTPSettingsToRegistry). (TFS 368291)

• To create a PGP RSA Key with subkey, (CreatePGPRSAKeyWithSubkey). (TFS 370232)

• To remove UTC designation in timestamp, (ISO8601noUTC). (TFS 368860)

• To disable cache for DN Type in Active Directory sites (TFS 367876)

• Added to skip auditing of:

  • Successful socket connections (AuditSuccessSocketConnections). Set to FALSE by default (TFS 369778-AC1)

  • Banned socket connections (AuditBannedSocketConnections). Set TRUE by default (TFS 369778-AC2)

  • Other failed socket connections (AuditFailedSocketConnectionsOther). Set TRUE by default (TFS 369778-AC3)

  • Protocol commands for resources that have an IsInternal flag (AuditIsInternal). Set FALSE by default (TFS 369778-AC4);

  • Workspaces REST calls (AuditRESTWorkspaces). Set TRUE by default (TFS 369778-AC5)

  • Workspaces config REST calls (AuditIsRESTWorkspacesInternal). Set FALSE by default (TFS 369778-AC6)

  • Administrative REST calls (AuditIsRESTAdmin). Set TRUE by default (TFS 369778-AC7)

  • RAM REST calls (AuditIsRESTRAMAgent). Set TRUE by default (TFS 369778-AC8)

  • User initiated REST calls (AuditIsRESTUSER). Set TRUE by default (TFS 369778-AC9)

  • All invalid username authentication attempts (AuditFailedAuthforNonExistingUsernames). Set TRUE by default (TFS 369778-AC10)

  • ‘root’ and ‘administrator’ invalid username authentication attempts (AuditFailedAuthforUsernameRoot). Set TRUE by default (TFS 369778-AC11)

  • Unimportant (non-CRUD) operations (AuditIUnimportantCommands). Set FALSE by default (TFS 369778-AC12); CRUD: Copy/Rename/Upload/Delete

  • Username and password for S/FTP/S events (AuditRedundantUserAndPass). Set FALSE by default (TFS 369778-AC13)

Auditing and Reporting

• Increased the default ARM queue size from 1,000 t100,000 (TFS 370453)

  • Provided the ability to control what EFT Audits within the following tables (TFS 369778):

  • tbl_SocketConnections

  • tbl_ProtocolCommands

  • tbl_AS2Transactions

• Improved error messages logged when failing to connect tOracle databases (TFS 369217)

• ARM schema tables added:

  • AuthenticationsExpired to capture session expirations so admins can track session times (TFS 369874-AC2)

  • AdminActionsChangeDetails that captures before and after values for admin-initiated configuration changes (TFS 369874-AC3)

  • NegotiatedCiphersSSL to audit the negotiated ciphersuites for SSL handshakes (TFS 369874-AC4)

  • NegotiatedCiphersSSH to audit the negotiated ciphersuites for SSH handshakes (TFS 369874-AC5)

  • PrivacyRightExcercised capture privacy rights exercised by users (TFS 363345)

  • PrivacyTermsEUStatus to capture the EU subject matter status of users (TFS 363558)

  • ScanDataAction to contain list of scanned files and scan results (TFS 365254)

  • PersonalDataActions when a user accounts personal data fields have been modified, for GDPR compliance (TFS 363346)

• Added missing MIC code which wasn’t being audited to the AS2 Transactions table (TFS 369828-AC7)

• Added a TransactionID column tAS2Transactions table for consistency with other tables (TFS 369828-AC10)

• Added a Time_stamp column to Transactions table to aid in cascade deletes when purging (TFS 369874-AC1)

• Added an Actor column to ProtocolCommands table to avoid having to join on Authentications table for just about every report (TFS 369874-AC6)

• Added a dbo.lu.[TableName] for every table that makes use of enumerators, for easier mapping of values to their meanings (TFS 369780-AC9)

• Added a relation to Actions and ScanDataActions table via ActionID field (TFS 369870-AC1)

• Added tbl_PrivacyRightExercised which will audit any right exercised by a user for privacy compliance reporting (TFS 363345)

• Added tbl_PersonalDataActions which will audit administrator changes to user personal data for compliance with notification rights (TFS 363346)

• Added tbl_PrivacyTermsEUStatus which will audit any change in a user’s EU data subject status, agreement to Terms of Service, or consent to Privacy Policy (TFS 363558)

• Added tbl_ScanDataAction which audits third-party file scan results from DLP or similar tools that scan for personal data in files (TFS 365254)

• Added ARM reports:

  • “Workspaces – Folders Unshared”

  • “Activity - Session Lifecycle” that shows user log on/off information, with data from tbl_AuthenticationsExpired (TFS 371364)

  • “Activity - File Scanned Data Results” that shows the data from the tbl_ScanDataActions (TFS 371364)

  • “Troubleshooting – Negotiated SSL Ciphers” that shows the data from the tbl_NegotiatedCiphersSSL (TFS 371364)

  • “Troubleshooting – Negotiated SSL SSH Ciphers” that shows the data from the tbl_NegotiatedCiphersSSH (TFS 371364)

  • “Privacy – Admin Changes to Personal Data” that shows the contents of the tbl_PersonalDataActions table (TFS 371364)

  • “Privacy - User Rights Exercised” that shows the contents of the tbl_PrivacyRightExcercised table (TFS 371364)

  • “Privacy - Terms and Status Changes” that shows the data from the tbl_PrivacyTermsEUStatus table (TFS 371364)

  • “Admin - Audit Log (Detailed)” that shows the data from the tbl_AdminActionsChangeDetails table (TFS 371364)

  • “Troubleshooting - Most Prolific Users” that shows top three accounts for failed and success auth for a given time period (TFS 371364)

Workspaces

• Added domain blacklist in addition to existing whitelist for share/send invitations (TFS 370026)

COM API

• In the ICIServer interface, added defaultvalue and Reason parameter tAddIPAccessRule (TFS 369934)

• UTF8Logs property

• In the ICISite interface, added defaultvalue and Reason parameter tAddIPAccessRule method(TFS 369934)

• PGP Key properties and methods:

  • CreatePGPKey

  • ExportPGPKey, ImportPGPKey

  • PGPKeys

  • RemovePGPKey

  • Added PGPLogLevelDebug to the ICISite Interface PGPLogLevel property.

• SSH Key properties and methods:

  • CreateSSHKeyPair

  • ExportSSHPrivateKey, ImportSSHPrivateKey

  • ExportSSHPublicKey, ImportSSHPublicKey

  • GetSSHKeyForSFTP, SetSSHKeyForSFTP

  • RemoveSSHKey

  • RenameSSHKey

  • SSHKeys

• Privacy-related changes:

  • GetClientDataField, SetClientDataField

  • GetPrivacyPolicy, SetPrivacyPolicy

  • GetTermsOfService, SetTermsOfService

  • GetGDPRSettings, SetGDPRSettings

• Workspaces Properties:

  • WorkspacesDomainsToForbidInviteeAddresses

  • WorkspacesEnableDomainsToForbidInviteeAddresses

  • WorkspacesOAIDomainsToForbidInviteeAddresses

  • WorkspacesOAIEnableDomainsToForbidInviteeAddresses

  • WorkspacesOAIEnableDomainsToLimitInviteeAddresses

  • WebSSOJitUserProvisioningEmailLocation and WebSSOJitUserProvisioningEmailAttribute

• Content Integrity Control profile management methods and properties

• GetVirtualFolderList Properties (TFS 368492):

  • Calls with empty parameters work as previous behavior

  • Improvements with data returns of virtual folders that are inside the folder

• In the ICIClientSettings interface, added defaultvalue and Reason parameter to: AddIPAccessRule, GetGDPRPrivacyPolicyConsentStatus, SetGDPRPrivacyPolicyConsentStatus, GetGDPRSubjectStatus, SetGDPRSubjectStatus, GetGDPRTermsOfServiceConsentStatus, SetGDPRTermsOfServiceConsentStatus, ResetAllFieldAttributeDefaults, CompanyName, Duns, Mobile, PartnerId

• In the ICISSHKeyInfo interface, added HasPrivate property

• In the ICIManualIPAccessRule interface, added Reason property

• Interfaces added for new Event Rule Actions:

  • ICICallSubroutineActionParams interface

  • ICIDefineVariableActionParams interface

  • ICIRunPowerShellScriptActionParams interface

  • Interfaces added for GDPR, privacy policy, and terms of service features (TFS 370527):

  • ICIClientDataField interface

  • ICIGDPRSettings Interface

  • ICIPrivacyPolicy interface

  • ICITermsOfService interface

• Enums:

  • In the AdminAccountType enum, added ADGroupAccount

  • In the AdminPermissionsPolicy enum, added ManagePersonalData

  • In the EventType enum, added EventRuleSubroutine

  • In the EventActionTypeenum, added:

    • DefineVariableAction

    • RunPowerShellScriptAction

    • CallSubroutineAction

  • In the EventProperty enum, added:

    • FileExtension

    • ClientGDPRSubjectStatus

    • ClientGDPRConsentStatus

    • ClientGDPRReason

    • ClientGDPRRightExercised

    • New ClientDataField enum

    • New GDPRTermsofServiceMode enum

    • New GDPRPrivacyPolicyMode enum

    • New GDPRSubjectStatus enum

    • New GDPRPrivacyPolicyConsentStatus enum

    • New GDPRTermsOfServiceConsentStatus enum

  • In UserAccountActionType enum, added:

    • EnableAccount

    • PersonalDataDeleteFields

    • PersonalDataResetToDefaults

    • PersonalDataSetEnabled

    • PersonalDataSetModifiable

    • PersonalDataSetVisible

    • SetEUDataSubjectStatus

    • SetPrivacyPolicyConsent

    • SetTermsOfServiceConsent

March 2019

Version 7.4.13

March 14, 2019

Security fixes

• Added security patch updates for potential vulnerabilities:

These updates address recently identified potential security vulnerabilities that affect system availability. They do not indicate data security risk. While there are no known exploitation of these vulnerabilities, we recommend upgrading as soon as possible to avoid potential risk.

Patches are available for the following versions here:

• 7.4.13.14 (Enterprise and Express)

• 7.4.11.34 (Enterprise and Express)

• 7.4.10.6 (Enterprise and Express)

• 7.4.9.11 (Enterprise and Express)

• 7.4.7.18 (Enterprise and Express)

• 7.4.7.15 (Enterprise and Express)

• 7.4.5.8 (Enterprise and Express)

• 7.4.5.7 (Enterprise and Express)

• 7.4.5.6 (Enterprise and Express)

Further information about these vulnerabilities is available here.

Original release, February 13, 2019

New Features

• Added Encrypted Folders, an EFT-managed feature to encrypt/decrypt data at rest in a transparent, streaming fashion

• Added support for Just-in-Time (JIT) user account provisioning for SAML initiated logins

• Added ability in Event Rules (in EFT Enterprise) to specify Created Date/Time and/or Modified Date/Time for the Cleanup in folder Action (previously available only via registry setting)

• Added automatic file download to the DirectDownload.htm template

• Added ability to enable HSTS when HTTPS is enabled, independent of the <link>HTTP to HTTPS redirect</link> feature.

• Added a User Account Action to allow administrators to effect changes to accounts in an automated fashion

• Added logs to alert administrator when an IP address has been banned

• Added registry settings to control frequency of disk quota login calculations to further enhance quota calculation performance

• Added registry settings to insert a retry and retry delay to EFT Site start, in case of Site start failure due to blocked port

Enhancements

• Optimized disk quota calculations so that they occur on user account logon rather than upon service start

• Enhanced usability during initial account registration and change password requests by showing password complexity requirements

• Updated SQL Server drivers to allow use of newer Transport Layer Security (TLS) protocols

• Updated OpenSSL library to 1.0.2q

• Updated OpenSSH derived library to latest version 7.9.0.0

• Updated Web Transfer Client login page and localization features

• Removed direct download links from workspace's email template

Fixes

• Numerous bug fixes were released in this version of EFT.

February 2019

Version 7.4.13

February 13, 2019

New Features

• Added Encrypted Folders, an EFT-managed feature to encrypt/decrypt data at rest in a transparent, streaming fashion

• Added support for Just-in-Time (JIT) user account provisioning for SAML initiated logins

• Added ability in Event Rules (in EFT Enterprise) to specify Created Date/Time and/or Modified Date/Time for the Cleanup in folder Action (previously available only via registry setting)

• Added registry settings to control frequency of disk quota login calculations to further enhance quota calculation performance

• Added registry settings to insert a retry and retry delay to EFT Site start, in case of Site start failure due to blocked port

• Added logs to alert administrator when an IP address has been banned

• Added a User Account Action to allow administrators to effect changes to accounts in an automated fashion

• Added ability to enable HSTS when HTTPS is enabled, independent of the <link>HTTP to HTTPS redirect</link> feature.

• Added automatic file download to the DirectDownload.htm template

Enhancements

• Optimized disk quota calculations so that they occur on user account logon rather than upon service start

• Enhanced usability during initial account registration and change password requests by showing password complexity requirements

• Updated SQL Server drivers to allow use of newer Transport Layer Security (TLS) protocols

• Updated OpenSSL library to 1.0.2q

• Updated OpenSSH derived library to latest version 7.9.0.0

• Updated Web Transfer Client login page and localization features

• Removed direct download links from workspace's email template

Fixes

• Numerous bug fixes were released in this version of EFT.

October 2018

Version 7.4.11

October 24, 2018

New Features

• Added support for IdP initiated SAML SSO Logins

• Added override to relax SAML assertion on signing requirements

• Added support for Active Directory + RSA SecurID® chaining (login AD, then RSA)

• Added ability to hide forgot (reset) password for LDAP authenticated users

• Added option to disallow LDAP login for guest users originating from DMZ Gateway

• Added option to force LDAP authentication for users connecting directly to EFT

• Changed the default refresh interval for LDAP to 30 minutes

• Added ability to map a Settings template to LDAP attributes

• Added support to SAML auth for looking up not-yet sync’d users in LDAP

• Added Event Rule Download Action: Option to treat missing remote file(s) as success

• Added ability to inject passwords into exported rules xml, for event rule import

• Added an advanced property (registry override) to all configuration of HSTS max-age value

• Added an advanced property (registry override) to manage CSP Content Security Policy header

• Added an advanced property (registry override) to disallow support for Basic Auth for HTTP/S

• Updated AS2 to latest libraries including choice of ciphers

• Added custom header support for AS2 send action

• Added support GZIP payloads for MDN responses (AS2)

• Added support for asynchronous MDNs (AS2)

• Added support for specifying allowed signing algorithms (AS2)

• Added support for specifying allowed MDN MIC algorithm for inbound transactions (AS2)

• Added over a dozen Windows Performance Counters associated with EFT

• Added support for multiple group filtering under AD

• Added username to AuthManager login ‘failed login’ eft.log

• Added a registry option to disable basic authentication

• Added Azure shared access signatures (SAS) support to cloud connector module

• Added ability to inject passwords into exported rules xml, for event rule import

• Added support for accelerated, parallel cloud transfers to Azure (8X speed increase)

• Added the ability to capture the reason behind a manual IP ban

• Added more context variables, such as SITE.DMZ_ADDRESS or PORT

• Added option in EFT to select whether to do DNS lookups on the local EFT Server or DMZ Server

• Added the ability for users to download entire folders from the WTC

• Added the ability for users to move folders in the WTC

• Added a domain whitelist property for greater control over the send file feature

• Added an advanced property (registry override) to display full name rather than login name in WTC

• Added more granular variables to Workspaces invite messages

• Added ability to provision LDAP users when a workspace is shared with them

Enhancements

• Improved usability by instructing users on how to properly activate the acceleration module

• Updated SFTP library in line with current FIPS compliance standards

• Hid the disk quota feature by default as it remains experimental

• Decoupled Workspaces sending from sharing permissions: A user may not have permission to share but can send, and vice versa.

• Provided controls for treating connections differently depending on their origination

• Enhanced the WTC to display an error on next login if a background transfer failed

• Updated language support for French, German, Spanish and Dutch

• Improved SFTP logging to capture algorithms used

• Updated OpenSSL to 1.0.2p

• Improved auditing of expired module licenses in EFT.log

• Removed optional recording of contact details and IP to better comply with GDPR

• Changed EFT Enterprise installer file name from eftserver-ent.exe to EFT-Enterprise.exe

• Changed EFT Enterprise without SQL Express installer file name from eftserver-nodb.exe to EFT-Enterprise-nodb.exe

Fixes

• Numerous bug fixes

August 2018

Version 7.4.10

August 21, 2018

New Features

• Added option to show full name vs. logon name in WTC profile

• AD Site: Added option to authenticate users via Active Directory while managing permissions internally in EFT

• LDAP Site: Added option to hide Forgot Password link for internal/external facing domains

• LDAP Site: Added option to not allow LDAP logins for external facing domains

Fixes

• Various bug fixes and improvements

July 2018

Version 7.4.9

July 17, 2018

New Features

• Added ability to construct internal URL hyperlinks in notification emails based on recipient domain

• Added ability to specify internal domain certificate in instance where direct connection is made that bypasses DMZ Gateway

• Added ability for AD sites to automatically remove accounts after X days of inactivity

Enhancements

• Agents can now perform client transfers to any server you designate, rather than only back to the home EFT Server

• Shorter update intervals (real-time (every 15 seconds), once a minute, every 5 minutes, every 30 minutes)

• New options for when an agent fails

• System environment variables in remote agent rules

• Remote Agent Condition for relevant File System triggers in event rules

• “Run on links” option has been removed when you create remote agent rules

• LDAP Site: Automatically remove/disable account after X days of inactivity

• Option to specify custom LDAP attributes that are configured at the site level and map to those in the user template level

• Internal (LDAP) users must not authenticate when visiting external URL

Fixes

• Various bug fixes and improvements

May 2018

Version 7.47

May 15, 2018

Enhancements

• EFT Server (SMB) has been renamed to EFT Express

• EFT Server Enterprise has been renamed to EFT Enterprise

• High Security Module (HSM) is now Advanced Security Module (ASM) in EFT Enterprise

• High Security Module (HSM) is now Express Security Module (ESM) in EFT Express

• Update AWE to version 10

• AWE rebranding

• Migrate and convert AM8 tasks to AM10 as part of the EFT upgrade process

• Better support in AWE for EFT Insight

• New context variables available which are populated upon AWE task completion

• New option to specify location of AWE debug logs

• AWE debug Task log name update to include AWE {Node Name}_{AML File Name}_yyyy-MM-DD-HH-mm-ss.csv

• New option to retain task debug logs by Success/Failure

• Audit the AWE execution details to ARM database

• When AWE logging is disabled, ARM will report N/A

• New AWE actions

  • Amazon DynamoDB

  • Amazon EC2

  • Amazon RDS

  • Amazon S3

  • Amazon SES

  • Amazon SimpleDB

  • Amazon SQS

  • Azure Storage

  • Dynamics CRM

  • Image

  • OCR

  • OpenDocument Spreadsheet

  • PDF

  • VMware Guest

  • VMware Host

  • WMI

• New support for AWS and Azure context variables

• SQL Express 2017 is now bundled with the EFT installer (64bit support only)

• Only EFT 7.4 has been rebranded to new logos and title (this includes most if not all UI related Items, including ARM Reporting but excludes the installer)

• New splash screens

• New globalscape logo

• Updated Admin GUI wizard pages

• Event Rule Action – Send email notification action with attachments

• New Cloud Object Monitor will allow users to monitor Amazon S3 or Azure blob storage for file triggers including ability to execute an action based on a trigger

• New AWS S3 compatible metadata support (support outside of AWS S3 or Azure blob)

• Limited support for Google Cloud and Caringo

• Allow S3 bucket URL override

• Allow EFT admin to specify outbound IP address in Event Rule Advanced option in HA environment

• CCM and MTC are now part of EFT Core

• AAM and CIC are now part of Advanced Security Module (ASM)

• OAI now provides a Secure Message Delivery Option

• Microsoft Outlook Digital Signature is now supported with EFT OAI

• Microsoft Outlook Encryption is now supported with EFT OAI

• Agent/Account coexistence

• Agents can be created on same site as standard user account

• New Diffie-Hellman key exchange security between EFT and Remote Agent

• Remote Agents will now Auto-update when required

• EFT Admins can now enable/disable the Reply portal

• Admins will now be warned that the Request files functionality will be disabled when the Reply portal is disabled

• EFT Admins can now enable/disable reply functionality to non-EFT users when using the Send portal

• Request file options will now provide ability to require authentication

• EFT Email recipients can now access the reply/reply all page from the pickup portal

• Drop-off portal can now use generic CAPTCHA instead of Google’s re-Captcha

• Workspace invites are now restricted to whitelisted domains (if configured)

• EFT will now delete guest accounts if they are not part of a Workspace or transactional workspace

• The workspace(s) are deleted if the workspace has expired or the user has been uninvited from the workspace share

• EFT will now restrict guests to their shared workspace

• External users will no longer be granted by default a home folder of their own

• Workspaces will now provide a drop-down list for “From” field when an EFT user has multiple email addresses configured in their EFT account

• Add Spanish language to WTC

• Rebranding of the WTC including all portals

• SQL Express 2008 is now removed from the EFT Installer

• Mail Express is now removed from the EFT Installer

• Certificate creation for a RAM template is no longer required when configuring a new Remote Agent

• AutoMate action has now been removed from AWE

• Increased Workspace trial license count to 100 seats

• EFT users should now be taken directly to their shared workspace when clicking on the Workspaces link in the recipient’s email and authenticating

• Improved the account registration and verification process

• After verification email is sent the guest can now access their Workspace content without further authentication if the link is accessed within 60 minutes otherwise they will be required to authenticate prior to accessing the workspace

• Support strong KEX algorithms for Incoming SFTP

  • diffie-hellman-group16-sha512

  • diffie-hellman-group14-sha256

  • diffie-hellman-group-exchange-sha256

  • diffie-hellman-group14-sha1

  • diffie-hellman-group-exchange-sha1

  • diffie-hellman-group1-sha1

• Update to SSL security compatibility to reflect “Minimum Protocol Version”

• Update to the generic Welcome FTP banner message on new installs

• EFT Login - %Date% %Time% - Please enter valid credentials to continue

• SMTP Implicit TLS option is now exposed via the new server setup wizard under the SMTP Server settings wizard page

• Removed the personal data registration page on a new install, under the Globalscape EFT Server Registration wizard page

• EFT user’s home folder will now sync with their AD profile folder

• Ability to type a value for toggle “Auto-attach files in Outlook when they exceed:”

• More descriptive error message when workspaces license count has exceeded

• Admin will now be presented with a prompt that Request files will be disabled when Reply portal is disabled

• The EFT full version is now displayed in the title bar

• Updated JRE to version 1.8.0.162

• Updated supported Linux distros

• RHEL 7.3 64-bit Kernel: 3.10.0-514

• SuSE Linux Enterprise Server 12.2 64-bit (SP2)

• Ubuntu Ubuntu 16.04.3 LTS

• Amazon Linux AMI 2017.03.1 64-bit

• EnableConnFloodProtection feature is now disabled by default

• Ensure S3 regions list is up-to-date

• Changed from “Active’ to “Enrolled” in the agent status list

• Expose MTC registration status via COM

• Expose CIC registration status via COM

• Add-in readme file now explains the difference between the .exe and .msi installer

• Windows event “Windows Event log evaluation period expired” for modules are now logged as Warnings instead of Errors

• Updated the security tab typo to reflect “FIPS-certified”

Fixes

• Fixed “CTRL+F” search function

• Fixed an issue where the site creation wizard would fail to create a second PCI site when remote administration was enabled

• EFS icon was not displaying when a VFS folder was encrypted

• EFT admin GUI crashed when a CIC profile was renamed

• Admin hangs upon upgrade from 6.5.11.2 to 7.4.5.7

• Fixed Cloud action wizard page to reflect proper text when pressing back and selecting a different option

• EFT UI will not accept configuration change when renaming CIC connection profile

• Statistics box on “My Site” general tab needs to be adjusted

• Stopped site does not have the red X on the MySite under VFS tab

• Enterprise option to reset passwords for multiple users is greyed out

• Cannot enter letters in zip code field in registration wizard

• Admin UI: visual artifact in the UG tree

• Web Service – Invoke Event Rules (Detailed) report no longer returns data

• Outlook Send Report column (Recipient) is not populating

• PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraint

• Admin console is hanging when login and also when trying to clone rules

• Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth

• Passwords not syncing with EFT AD site

• Service hang - users can't connect

• EFT Memory is growing gradually

• Anonymous authentication bug since 7.3.3.21

• Service crashing intermittently

• After upgrade and applying hotfix, Permission groups no longer present

• GUI Crashes with new ODBC site when creating new user

• EFT Event Action S3 region list is incomplete

• EFT S3 Region list is outdated

• Browse Remote File System causes Error and GUI Crash

• Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently

• When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination

• Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6

• ER: An unencrypted user password can be written to WEL when using User Event Rules

• Event Rule: The reason for not being able to delete a file (move) is not provided to the user

• EFT’s copy/move does not appear to honor the “Retries” value

• EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4

• Source file name.ext not pre-populating in the source field after clicking OK

• Source file name.ext not pre-populating in the source field after double clicking

• UI does not refresh after deleting an Event Rule

• File/Folder actions leak handle

• Scheduled event rule not running at expected scheduled times after 12am

• Automatic backup on upgrade or repair has not been updated since 7.3.3 release. Needs to backup proper *.db files

• Connection Profile – Connection Details form disappears when the admin user hits the enter Key

• Broken upgrade from pre 1M for custom command

• Admin console hangs on login

• EFT Server Ent 7.4.2.4 randomly crashes

• High CPU Utilization and Hangs

• DMZ Gateway Caches IPs for host names until service is restarted

• Registered DMZ Gateway crashes when using FAST with expired DEI trial license

• FAST protocol & Connection Profile - EFT GUI crashes when the user selects the test Path

• HaErrorHandler Option to Drain Server -- mitigate infrequent EFT Service Restart when ActiveNode.json is modified

• HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods

• During an upgrade of EFT from older version to newer version, the SFTPCOMInterface.dll is occasionally not upgraded with silent failure

• EFT Upgrade progress dialog is blank

• Automatic service startup is not consistent

• Silent Installer does not upgrade properly - FTP Server engine version differs from Administrators version

• Modify install change stops EFT service from working

• Upgrade -- ERROR AuthManager - Could not create client object already persistent

• FTP.cfg is corrupted upon upgrade

• Installer hangs and stops responding when ORCL credential used have expired

• When modifying the start menu, the default value Globalscape still is the one that is used

• Administrator Account Configuration screen - Text box line disappears

• Installer allows upgrade from 7.1 directly to 7.4

• Installer.log file contains admin user and password

• Folder monitor override credentials being used when writing to log file

• IPAccess logging is broken

• EFT - Can't delete a file because Outlook is accessing it

• PCI Invalid logins differ at the site and server level

• EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate

• Remote Agent Service executable has bad description

• Agent Install URL returns 404 for HA installations

• Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template

• Remote Agent Template window, tab order not going left to right, top to bottom

• Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."

• Remote Agent Template can be selected for new administrator accounts

• SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled

• SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia

• ClientFTP: CSocksSocket checks timeout wrong

• Listing fails on remote server in EFT, but not Filezilla

• SMTP to Exchange fails with TLS 1.1 and 1.2

• EFT Admin: Status screen is not refreshing statistics

• Cannot remove "All Users" group from a folder in VFS

• Unable to configure streaming repository encryption when site root is a share

• Show VFS home folder then setting permissions is broken again

• VFS manipulation is slow

• Refresh required when an unacceptable character is entered in Maximum message size

• Banned file types appear to be sent from Drop-off and Send Portal

• User isn't routed to the workspace (shared) folder upon login to WTC

• Workspaces – Edit Workspace screen no longer displays the participant email address when the invitation is pending

• Selected user background turns from 'blue' to 'gray' after the action

• OAI body message is not visible when accessing the contents via WTC

• Workspaces license limit email is being sent incorrectly

• Workspaces guest template defaults to allow creation of workspaces

• Http/1.1 404 Object Not Found error when clicking on Workspace link from email

• Customizations.js executing before the UI is rendered, preventing customizations to the WTC

• WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers

• Embedded link downloads no longer working as of 7.4.x

• WTC translation does not persist after clicking request file option

• WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users

Version 7.3.9

May 15, 2018

Fixes

• Updated the security tab typo to reflect “FIPS-certified”

• EFS icon was not displaying when a VFS folder was encrypted

• EFT admin GUI crashed when a CIC profile was renamed

• Admin hangs upon upgrade from 6.5.11.2 to 7.4.5.7

• Fixed Cloud action wizard page to reflect proper text when pressing back and selecting a different option

• EFT UI will not accept configuration change when renaming CIC connection profile

• Statistics box on “My Site” general tab needs to be adjusted

• Stopped site does not have the red X on the MySite under VFS tab

• Enterprise option to reset passwords for multiple users is greyed out

• Cannot enter letters in zip code field in registration wizard

• Admin UI: visual artifact in the UG tree

• Web Service – Invoke Event Rules (Detailed) report no longer returns data

• Outlook Send Report column (Recipient) is not populating

• PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraintAdmin console is hanging when login and also when trying to clone rules

• Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth

• Passwords not syncing with EFT AD site

• Service hang - users can't connect

• EFT Memory is growing gradually

• Anonymous authentication bug since 7.3.3.21

• Service crashing intermittently

• After upgrade and applying hotfix, Permission groups no longer present

• GUI Crashes with new ODBC site when creating new user

• EFT Event Action S3 region list is incomplete

• EFT S3 Region list is outdated

• Browse Remote File System causes Error and GUI Crash

• Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently

• When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination

• Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6

• ER: An unencrypted user password can be written to WEL when using User Event Rules

• Event Rule: The reason for not being able to delete a file (move) is not provided to the user

• EFT’s copy/move does not appear to honor the “Retries” value

• EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4

• Source file name.ext not pre-populating in the source field after clicking OK

• Source file name.ext not pre-populating in the source field after double clicking

• UI does not refresh after deleting an Event Rule

• File/Folder actions leak handle

• Scheduled event rule not running at expected scheduled times after 12am

• Automatic backup on upgrade or repair has not been updated since 7.3.3 release. Needs to backup proper *.db files Connection Profiles

• Connection Profile – Connection Details form disappears when the admin user hits the enter Key

• Broken upgrade from pre 1M for custom command

• Admin console hangs on login

• EFT Server Ent 7.4.2.4 randomly crashes

• High CPU Utilization and Hangs

• DMZ Gateway Caches IPs for host names until service is restarted

• Registered DMZ Gateway crashes when using FAST with expired DEI trial license

• FAST protocol & Connection Profile - EFT GUI crashes when the user selects the test Path

• HaErrorHandler Option to Drain Server -- mitigate infrequent EFT Service Restart when ActiveNode.json is modified

• HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods

• During an upgrade of EFT from older version to newer version, the SFTPCOMInterface.dll is occasionally not upgraded with silent failure

• EFT Upgrade progress dialog is blank

• Automatic service startup is not consistent

• Silent Installer does not upgrade properly - FTP Server engine version differs from Administrators version

• Modify install change stops EFT service from working

• Upgrade -- ERROR AuthManager - Could not create client object already persistent

• FTP.cfg is corrupted upon upgrade

• Installer hangs and stops responding when ORCL credential used have expired

• When modifying the start menu, the default value Globalscape still is the one that is used

• Administrator Account Configuration screen - Text box line disappears

• Installer allows upgrade from 7.1 directly to 7.4

• Installer.log file contains admin user and password

• Folder monitor override credentials being used when writing to log file

• IPAccess logging is broken

• EFT - Can't delete a file because Outlook is accessing it

• PCI Invalid logins differ at the site and server level

• EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate Settings window

• Remote Agent Service executable has bad description

• Agent Install URL returns 404 for HA installations

• Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template

• Remote Agent Template window, tab order not going left to right, top to bottom

• Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."

• Remote Agent Template can be selected for new administrator accounts

• SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled

• SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia Server

• ClientFTP: CSocksSocket checks timeout wrong

• Listing fails on remote server in EFT, but not Filezilla

• SMTP to Exchange fails with TLS 1.1 and 1.2

• EFT Admin: Status screen is not refreshing statistics

• Cannot remove "All Users" group from a folder in VFS

• Unable to configure streaming repository encryption when site root is a share

• Show VFS home folder then setting permissions is broken again

• VFS manipulation is slow

• Refresh required when an unacceptable character is entered in Maximum message size

• Banned file types appear to be sent from Drop-off and Send Portal

• User isn't routed to the workspace (shared) folder upon login to WTC

• Workspaces – Edit Workspace screen no longer displays the participant email address when the invitation is pending

• Selected user background turns from 'blue' to 'gray' after the action

• OAI body message is not visible when accessing the contents via WTC

• Workspaces license limit email is being sent incorrectly

• Workspaces guest template defaults to allow creation of workspaces

• Http/1.1 404 Object Not Found error when clicking on Workspace link from email

• Customizations.js executing before the UI is rendered, preventing customizations to the WTC

• WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers

• Embedded link downloads no longer working as of 7.4.x

• WTC translation does not persist after clicking request file option

• WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users

• Fixed “CTRL+F” search function

• Fixed an issue where the site creation wizard would fail to create a second PCI site when remote administration was enabled

March 2018

Version 7.4.5 R2

March 20, 2018

New Features

• Added Cloud Connector Module

• Added EFT REST endpoint for querying administrative info and server status

• Added Remote Agent Module

• Added capability to Download and Copy/Move from AWS S3 storage

• Added capability to Download and Copy/Move from Azure blob storage

• Added ability to create Connection Profile to AWS S3 and Azure blob storage

• Added new context variables related to Remote Agent functionality; %Agent.Name%, %Agent.Version%, %Agent.Last_Update_Timestamp%, %Agent.Next_Update_Timestamp%, %Agent.Computer_Name%, %Agent.Template%, %Agent.Status%

• Added ability to parse Context Variables in Connection Profile and Event Rule transfer actions - SFTP and SSL Options, Advanced Options, and Port #

• Support for %...% variable to be used in Event Rule Email Notification Action - TO: CC: BCC: fields

• Added logging for AWS S3 and Azure blob storage to EFT.log

• Added "/MSMQMulticast=0" as a command line argument to the installer to skip the installation of MSMQ-Multicast

• Added provisioning and management of Remote Agents

• Added Remote Agent Event Rule Triggers - Folder Monitor, Folder Monitor Failed, and Timer

• Added Remote Agent Event Rule Actions - Copy/Move (push) file to host, Download (pull) file from host, Stop processing

• Added registry value that allows workspace invitation/mail to be relayed from generic EFT/noreply email defined in the SMTP tab

• Added robots.txt so that Web Transfer Client does not appear in web search

• Added feature to Request Files

• Added option to Secure Message Body

Enhancements

• Removed local notes.txt file (version history). Please see website for up to date version history and change notes.

• Remove Java Option code from Login.htm file

• Improved efficiency of Purge script

• Defaulted log file appender to include computer name

• Pick-up Portal now has “download all” option

Fixes

• Fixed scenario of Event Rule delegation to non-existent node that could result in failure to execute Folder Monitor event rules

• Fixed scenario of Event Rule delegation to non-existent node that could result in server crash

November 2017

Version 7.4.5 R1

November 21, 2017

New Features

• Added Cloud Connector Module

• Added EFT REST endpoint for querying administrative info and server status

• Added Remote Agent Module

• Added capability to Download and Copy/Move from AWS S3 storage

• Added capability to Download and Copy/Move from Azure blob storage

• Added ability to create Connection Profile to AWS S3 and Azure blob storage

• Added new context variables related to Remote Agent functionality; %Agent.Name%, %Agent.Version%, %Agent.Last_Update_Timestamp%, %Agent.Next_Update_Timestamp%, %Agent.Computer_Name%, %Agent.Template%, %Agent.Status%

• Added ability to parse Context Variables in Connection Profile and Event Rule transfer actions - SFTP and SSL Options, Advanced Options, and Port #

• Support for %...% variable to be used in Event Rule Email Notification Action - TO: CC: BCC: fields

• Added logging for AWS S3 and Azure blob storage to EFT.log

• Added "/MSMQMulticast=0" as a command line argument to the installer to skip the installation of MSMQ-Multicast

• Added provisioning and management of Remote Agents

• Added Remote Agent Event Rule Triggers - Folder Monitor, Folder Monitor Failed, and Timer

• Added Remote Agent Event Rule Actions - Copy/Move (push) file to host, Download (pull) file from host, Stop processing

• Added registry value that allows workspace invitation/mail to be relayed from generic EFT/noreply email defined in the SMTP tab

• (WTC) Implement robots.txt so that Web Transfer Client does not appear in web search

• (WTC) Added feature to Request Files

• (WTC) Added option to Secure Message Body

• (WTC) Removed local notes.txt file (version history). Please see website for up to date version history and change notes.

• (WTC) Remove Java Option code from Login.htm file

Enhancements

• Improved efficiency of Purge script

• Defaulted log file appender to include computer name

• Pick-up Portal now has “download all” option

Fixes

• EFT service crashing randomly 7.3.5.4

• Login attempts fail with "Precondition failed"

• Rare scenario where EFT service cannot start and/or crashes if Workspace invitation expires

• "If settings template equals" condition is now properly converted after upgrade.

• AS2 setup wizard's "Test Connection" results in a GUI crash

• AS2 Outbound setup wizard results in a GUI crash

• Admin GUI crash when expanding workspaces under the VFS tab

• Folder monitors are not updating enabled status icon when reconnecting after a failed health check

• HA: Phantom node appears in Status tab.

• Mouse pointer spinning in VFS when expanding Site root folders

• EFS icon not displaying on encrypted VFS folder

• Connection profile Test button outcome shows up as failed when in reality it does connect successfully

• Server level TLS/SSL settings are being disregarded when using Connection Profile Test

• Event Rule level backup nodes not recognized in the Status tab.

• After adding a child domain group, a member of that group couldn’t login to admin console

• Auditing and Reporting Module (ARM): Outlook Send Activity Report data truncated

• EFT Client (Outbound): Negotiated protocol version for SSL/TLS outbound connections defaults to weaker versions if gap exists between selected versions

• Event Rules: EFT is hanging and needs to be restarted to restore functionality

• PGP: Unable to decrypt ASCII-armored PGP file encrypted with BCPG v1.8.1.0

• (WTC/Workspaces)The global search on Jument is throwing 404 error

• (WTC/Workspaces)Creating a new workspace while uploading a large file will cancel the upload

• (WTC/Workspaces)Unable to access WTC using CAC Authentication on an LDAP site

• (WTC/Workspaces)Fixed issue of workspaces expiring immediately after upgrade

• (WTC/Workspaces)Workspace link created from outlook add-in has the incorrect url

• (WTC/Workspaces)Workspace Outlook add-in auto disables when using Integrated Windows Auth

• (WTC/Workspaces)Workspaces Send breaks with IWA SSO

Version 7.3.8

November 21, 2017

New Features

• Added a COM API method to retrieve the GUID using the site name

• Added EFT Silent Installer parameter for Advanced Authentication Module

Enhancements

• Removed local notes.txt file (version history). Please see website for up to date version history and change notes.

• (WTC) Remove Java Option code from Login.htm file

• Change default key length (in bits) from 1024 to 2048 in Create SSL Certificate Wizard

• (ARM) Improved efficiency of Purge script

• Defaulted log file appender to include computer name

• Workspaces invitation and verify email messages customized per site

Fixes

• Login attempts fail with "Precondition failed"

• Rare scenario where EFT service cannot start and/or crashes if Workspace invitation expires

• "If settings template equals" condition is now properly converted after upgrade

• Server crashes when running vulnerability scanner Greenbone Security Assistant

• EFT crashed due to OOM exception caused by excessive ScClientBundler::BundleThreadProc threads

• Server hangs for 25-30 seconds when making config changes

• AS2 setup wizard's "Test Connection" results in a GUI crash

• AS2 Outbound setup wizard results in a GUI crash

• Admin GUI crash when expanding workspaces under the VFS tab

• Folder monitors are not updating enabled status icon when reconnecting after a failed health check

• HA: Phantom node appears in Status tab.

• Mouse pointer spinning in VFS when expanding Site root folders

• EFS icon not displaying on encrypted VFS folder

• Connection profile Test button outcome shows up as failed when in reality it does connect successfully

• Server level TLS/SSL settings are being disregarded when using Connection Profile Test

• Event Rule level backup nodes not recognized in the Status tab.

• After adding a child domain group, a member of that group couldn’t login to admin console

• Hang when accessing SSH public key manager

• Auditing and Reporting Module (ARM): Outlook Send Activity Report data truncated

• EFT Client (Outbound): Negotiated protocol version for SSL/TLS outbound connections defaults to weaker versions if gap exists between selected versions

• Event Rules: EFT is hanging and needs to be restarted to restore functionality

• High Availability (HA): Server not displaying that HA cluster is being administered on another node as expected

• PGP: Unable to decrypt ASCII-armored PGP file encrypted with BCPG v1.8.1.0

• (WTC/Workspaces) The global search on Jument is throwing 404 error

• (WTC/Workspaces) Creating a new workspace while uploading a large file will cancel the upload

• (WTC/Workspaces) Unable to access WTC using CAC Authentication on an LDAP site

• (WTC/Workspaces) Fixed issue of workspaces expiring immediately after upgrade

• (WTC/Workspaces) Workspace link created from outlook add-in has the incorrect url

• (WTC/Workspaces) Workspace Outlook add-in auto disables when using Integrated Windows Auth

• (WTC/Workspaces) Workspaces Send breaks with IWA SSO

August 2017

Version 7.4.2

August 29, 2017

New Features

Administration interface

• Added template for password reset confirmation email that is sent when user is unauthorized to reset password

Auditing and Reporting Module (ARM):

• Add new option in EFT to log TED6 logs to the new table - default new option to false/off

COM Interface:

• Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server

• Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site

• New COM APIs for Drop-Off controls

High Availability (HA):

• Added Node Maintenance/Drain Mode. "Pause/drain" all sites on a single node to halt NEW incoming connections and event rule activity. Existing transfers and events in progress are allowed to resume/complete.

• Added support for Autoscaling in AWS

• Implemented TCP based communication for HA cluster messages and coherence as alternative communication method to multicast

• Added configurable Auto-Restart of node after defined period of being "out of sync" and allotted "drain" time

Logging:

• Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used

Protocols - FTP/S:

• Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.

Protocols - SFTP:

• Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.

• Added diffie-hellman-group-exchange-sha256 KEX

• Added ability to select SFTP KEX algorithms through GUI and COM

SMTP:

• Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password

Web Interfaces

• Web Transfer Client access is now included with HTTP/S functionality. Eliminated WTC Client Access License (CAL)

• Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.

• Added administrative option to place newly invited Workspace participants in specific settings template

• Added creation of Drop-Off link capability. External users can now send attachments to internal users, without having to create a EFT profile

• Users can now reply to a message from Send/Drop-Off

Enhancements

• PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled

• Now able to login with Admin accounts in AD Universal group in child domains

• Configuration Restore dialog has been updated. Backup must be generated from EFT 7.3.3 or higher.

• Find/Search in EFT doesn't search connection profiles

• Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled

• Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.

• More clearly show the configuration state and current flag value of change password on first login

• Clarified user Password Expiration, Reminder, and Notification Options

• On installation, EFT should check the status of windows update KB2999226 to ensure criteria has been met.

• Improved responsiveness when browsing directories containing many subfolders.

• Removed SAT install files from EFT 7.4 Installer

Web Interfaces – Web Transfer Client (HTML5):

• Updated French translation

• Note about Web Transfer client access being disable needs to be removed or modifiable Workspaces

• Updated Workspace Invitation Subject line to "You've been added to a workspace"

• On upgrade from 7.2.x, Workspace notifications should be disabled

• Where possible, Workspace owner’s full name is used for WS invites instead of their login name

• Buttons available to Invited Workspace participants more clearly reflect the permissions granted to them

• New participant of a workspace now lands to that particular shared folder and not at the home page of WTC

• Workspace owner can now add additional participant(s) to a private workspace

Fixes

• Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.

• EFT Password email reminders with AD Site did not trigger

• When changing password for user through Admin GUI, force password option was being automatically enabled

• EFT forcing users to change their password upon first log in

• Renaming folders in VFS causes a loading indicator

• EFT Standalone: User's last time connected was only being updated once per day

• Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring

• Resolved Server crash scenario induced by vulnerability scanner Greenbone Security Assistant

• During the upgrade from SMB to Enterprise, the EFT SMB service was not being removed

• Resolved EFT Admin GUI crash after using the send Email test button

• Settings Templates was no longer sorted alphabetically as of 7.3.3.21

• Admin GUI did not retain setting for Password Expiration at user level

• When changing password in admin interface, force password option was automatically checked

• When modifying password expiration "Remind" option Apply button was greyed out.

• Settings Template options did not properly display inherited options

• LDAP/AD passwords could not be changed from Admin GUI with change password registry override enabled.

• Potential for AS2 settings to be removed after to 7.3.3.21

• Report is missing filters (Traffic - Protocolwise Connections (Summary)

• Executive Summary Report data was being truncated

• The text "hmtest" appeared in Event Rules Detailed report after the Description:

• Admin Action report Change Originator column was being truncated

• Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication

• Corrected scenario where certain user accounts were not able to authenticate if the account was renamedCouldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21

• Custom password change responses were not working for LDAP sites

• "IsFolderVirtual" COM method was no longer functioning in 7.3.5

• Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword

• ICISite::SetWorkspace failed with MX error 7

• Custom Command default execution timeout for newly created Custom Commands should be 30 seconds

• User Account Disabled Rule did not function after upgrade to 7.3.3.21

• Event Rule using FAST protocol to Download Files would fail if connection profile was used

• Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.

• Corrected scenario of being unable to import Event Rules caused by unexpected config values

• Event rules with comma character ',' in event rule name would fail when load balanced

• When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes

• Upgrade installer asked to create an admin account instead of "Provide server administrator credentials"

• Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT

• SSL/TLS logging for FTPS connections was not working

• Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE

• Addressed potential scenario of new PGP key not displaying correct expiration date

• EFT responded to a quit command with an additional 0d 0a after version 7

• Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file

• Trailing spaces in SMTP host address would not resolve the address

• User Credentials email had an erroneous = at end of username

• Email notification for credentials contained an erroneous trailing =

• Forgot password in WTC didn’t work if 2+ users shared an email address

• WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled

• WTC was not displaying password expiration reminder on login

• While uploading a large file, occasionally received errors when trying to create folders or workspaces

• Join with Smartcard button was improperly visible when connecting to CAC enabled site

• Download button did not function the Max transfer speed option was enabled at the site level

• Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal

• Resolved issue of being unable to send files from the iFrame

• Outlook Add-In functionality was not working in some instances

• Private workspace owner was unable to add additional users to private workspaces

Version 7.3.7

August 01, 2017

New Features

• Added template for password reset confirmation email that is sent when user is unauthorized to reset password

• Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server

• Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site

• Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used

• Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.

• Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.

• Added diffie-hellman-group-exchange-sha256 KEX

• Added ability to select SFTP KEX algorithms through GUI and COM

• Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password

• Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.

Enhancements

• PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled

• Now able to login with Admin accounts in AD Universal group in child domains

• Configuration Restore dialog has been updated. Backup must be generated from EFT Server 7.3.3 or higher.

• Find/Search in EFT doesn't search connection profiles

• Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled

• Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.

• Improved responsiveness when browsing directories containing many subfolders.

• Updated webclient to version 1.3.0 build 10

• (WTC) Updated French translation; Update French translation for word "Language"

• (Workspaces) Updated Workspace Invitation Subject line to "You've been added to a workspace"

• (Workspaces) On upgrade from 7.2.x, Workspace notifications should be disabled

• (Workspaces) Where possible, Workspace owner’s full name is used for WS invites instead of their login name

Fixes

• Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.

• EFT Password email reminders with AD Site did not trigger

• When changing password for user through Admin GUI, force password option was being automatically enabled

• EFT forcing users to change their password upon first log in

• Renaming folders in VFS causes a loading indicator

• EFT Standalone: User's last time connected was only being updated once per day

• Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring

• During the upgrade from SMB to Enterprise, the EFT SMB service was not being removed

• Resolved EFT Admin GUI crash after using the send Email test button

• Settings Templates was no longer sorted alphabetically as of 7.3.3.21

• Admin GUI did not retain setting for Password Expiration at user level

• When changing password in admin interface, force password option was automatically checked

• When modifying password expiration "Remind" option Apply button was greyed out.

• Settings Template options did not properly display inherited options

• LDAP/AD passwords could not be changed from Admin GUI with change password registry override enabled.

• Potential for AS2 settings to be removed after to 7.3.3.21

• Auditing and Reporting Module (ARM):

• Report is missing filters (Traffic - Protocolwise Connections (Summary))

• Executive Summary Report data was being truncated

• The text "hmtest" appeared in Event Rules Detailed report after the Description:

• Admin Action report Change Originator column was being truncated

• Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication

• Corrected scenario where certain user accounts were not able to authenticate if the account was renamed Authentication - LDAP:

• Couldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21

• Custom password change responses were not working for LDAP sites

• "IsFolderVirtual" COM method was no longer functioning in 7.3.5

• Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword

• ICISite::SetWorkspace failed with MX error 7

• Custom Command default execution timeout for newly created Custom Commands should be 30 seconds Event Rules:

• User Account Disabled Rule did not function after upgrade to 7.3.3.21

• Event Rule using FAST protocol to Download Files would fail if connection profile was used

• Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.

• Corrected scenario of being unable to import Event Rules caused by unexpected config values

• Event rules with comma character ',' in event rule name would fail when load balanced

• When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes

• Upgrade installer asked to create an admin account instead of "Provide server administrator credentials" Logging:

• Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT

• SSL/TLS logging for FTPS connections was not working

• Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE OpenPGP:

• Addressed potential scenario of new PGP key not displaying correct expiration date

• EFT responded to a quit command with an additional 0d 0a after version 7

• Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file

• Trailing spaces in SMTP host address would not resolve the address

• User Credentials email had an erroneous = at end of username

• WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled

• WTC was not displaying password expiration reminder on login

• While uploading a large file, occasionally received errors when trying to create folders or workspaces

• Join with Smartcard button was improperly visible when connecting to CAC enabled site

• Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal

• Resolved issue of being unable to send files from the iFrame

• Outlook Add-In functionality was not working in some instances

• Private workspace owner was unable to add additional users to private workspaces

Version 7.2.10

August 02, 2017

New Features

• Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.

Enhancements

• Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.

Fixes:

• During the upgrade from SMB to Enterprise, the EFT SMB service was not being removed

• Admin user disconnected when testing a connection profile using DMZ Gateway as a proxy if retry intervals exceeded GUI timeout period.

• The text "hmtest" appeared in Event Rules Detailed report after the Description:

• Admin Action report Change Originator column was being truncated

• Upgrade installer asked to create an admin account instead of "Provide server administrator credentials"

May 2017

Version 7.3.6

May 02, 2017

New Features

• New Globalscape splash screen logo is displayed

• (COM API) Added ICIServer Interface Property SMTPUseImplicitTLS

• (COM API) Added ICIServer Interface Function SendTestEmail

• Added support for Amazon AWS SNS and SQS as alternative to Multicast for HA clusters

• Added registry override (SendQUIT) that invokes QUIT command to be sent at completion of FTP/S transfers.

• Added support for Windows 2016

• EFT.log entry for SSL version and cipher info as part of successful socket connection for FTPS and HTTPS

• EFT.log entry on startup if FIPS is successfully initialized.

• EFT.log entry if FIPS mode fails to initialize for any reason upon service startup and what steps are being taken to remedy.

• EFT.log entry if FIPS mode fails to initialize after all attempts exhausted.

• Added registry override (PGPEncryptingAlgorithm) to specify default encryption algorithms

• Added registry override (PGPCompressionMethod) to specify default compression algorithm

• Add support for OCSP Stapling in EFT Server HTTPS Listener

• Added SMTP over TLS/SSL

• Added support for Gmail as an SMTP Server

• Added SMTP test function

• (Workspaces) Added ability to send (email) files out from within Workspaces

• (Workspaces) Added pick-up (download) portal for received files.

Enhancements

• F1 help has been updated to reflect new features.

• Removed support for Windows 2008

• EFT Server Enterprise and Standard:

• Upgrade OpenSSL to 1.0.2k

• Upgraded to OpenSSL FIPS Object Module 2.0.10: NIST FIPS certificate #1747

• Now able to add "Universal" Active Directory groups to EFT Administration

• Improved WTC CAL warnings to be consistent across EFT.log, Admin GUI, and email

• Now able to resize the CTRL+F search window

• Updated Server>Security page FIPS controls

• (ARM) Exporting reports no longer re-runs the report from the source

• (ARM) Event Rules table EventName now allows up to 250 characters

• Improved the speed of the CNTAuthManager::GetUser method when pulling users from AD with large amount of users (>50k).

• Improved AD group listing algorithm when pulling complex subgroup structure. Time taken to sync listing with 200 subgroups decreased from 240 seconds to 5 seconds.

• Remove legacy behavior of caching IP address of last successfully connected host.

• Greatly optimized the {FS.*} condition checking mechanism of Event Rule execution. FS condition checks now performed locally when possible instead of going out to file system.

• Remote directory browser now works when using DMZ Gateway as a proxy.

• Event Rule Import now matches Connection Profiles by NAME, not by GUID

• Account Lockout Status now propagates to other HA nodes

• Admin Last Login Time for HA is now only propagated to other nodes once per day

• Modify PGP Encryption behavior to default to CAST5 encryption if registry override AutoSelectPGPCiphers is Off.

• Check passphrase was taking too long. Has been optimized

• Update SMTP test warning prompt to exclude '+' from an invalid character

• (WTC) Full, unlimited access to WTC during evaluation period

• (WTC) HTML caching removed. This allows Web Client page to be updated when accessed instead of forcing users to have to clear cache to see changes.

• (WTC) Updated Jument webclient to version 1.3.0 build 5

• (Workspaces) Tidy up default Workspace invite and verify email messages

• (Workspaces) Redesigned view and management of Workspaces

• (Workspaces) Support Workspaces unlimited license

• (Workspaces) Site> Workspaces Outlook add-in (OAI) has been changed to Workspaces - Send

Fixes

• Passwords were expiring based on the "remind x days prior to expiration" value

• Used disk space counter was not adjusting properly in some instances

• Event Rule Admin couldn’t properly remove site from Assigned to this server list

• When creating an SFTP key using the wizard - Use this key pair as the default host key - was not checked by default

• AdvancedProperty IgnoreNeverLoggedInLDAPUsers was no longer working after upgrade to 7.3.4.6

• WTC Licenses with odd numbers were not converting on CAL upgrade

• Fixed being unable to configure same name for Group and Settings template

• Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)

• Fixed rare scenario where configurations carried over from legacy EFT Server versions could cause the Settings template Max connections per user and Max transfer speed that were previously disabled to become enabled and set to 0 on upgrade.

• WTC CAL registration was not accurately reported under Help>About

• Updated the Help>About text for unlimited WTC licenses

• Help -> About cuts off licensing information

• User Admins was still showing Users as having an expiration date even after “Expire this account” was disabled.

• User Account Admin interface window did not scale with the EFT Admin console

• Event Rule Admins were denied ability to import event rules.

• FIPS compliant SSH checkbox was available (but non-functional) even after EFT trial has expired

• Updated all GUI references to FIPS Certified rather than FIPS Compliant

• On occasion, when deleting event rules from EFT the EFT GUI would crash.

• Trying to browse subfolders in Browse Remote File System dialog cause VFS to freeze.

• Fixed scenario of being unable to remove SSL certificates from SSL Certificate Manager

• Fixed erroneous message stating that SSL certificate will expire in 30 days if site SSL certificate was cleared out.

• Admin user disconnected when testing a connection profile using DMZ Gateway as a proxy if retry intervals exceeded GUI timeout period.

• (ARM) Scenario where EFT may crash/hang when PCI Compliance Report was being generated

• Client (Outbound): Numerate fails when the initial file is 0KB

• (COM API) ICIConnectedUser interface members DataConnection does not return result for HTTP/S or SFTP

• (COM API) ICIConnectedUser interface member TransferredSize does not return result for SFTP

• (COM API) ICIConnectedUser interface member TransferredSize does not return result for SFTP

• Custom Command "Redirect output to clients" doesn't work properly when triggered by FTP protocol

• Folder Monitor reconnection logic does not properly update FM's enabled state

• Copy/Move action may not work correctly when custom credentials are used for Local transfers

• Mitigated rare scenario where Folder Monitor may remove all worker threads

• Fixed scenario where Folder Monitor with Trigger based on folder change notifications could be overwhelmed.

• Fixed scenario of SMTP logger failing to record data information

• Improved scenario where clients were receiving constant timeout errors when uploading files if event rule condition checks took a long time to complete.

• (WTC) When uploading a file via WTC client is able to upload a file that is bigger than the Max upload size limit if the chunk size is lower than the max upload size limit.

• (WTC) WTC is not disabled after EFT trial has expired

• (WTC) No feedback was given when permissions are denied to a folder

• (WTC) Firefox version 50 uploads would sometimes fail

• (WTC) Internal error was occurring upon attempt to move a file into a folder where AD user does not have upload permissions

• (WTC) Incorrect error message was displayed to the user when trying to create a folder with a space at the end of the folder name

• (WTC) Filter button was not properly highlighted

• (WTC) Renaming was causing error in developer console

• (Workspaces) When clicking an expired one time download link with authentication, will receive HTTP/1.1 412 Precondition Failed

• (Workspaces) Workspaces licensing was showing 0 after upgrading to 7.3.4.6

• (Workspaces) Workspaces shared folders were disappearing after upgrade from 7.3.0.3

• (Workspaces) Renaming Workspace as owner failed to propagate to participants

• (Workspaces) Workspace invitee was occasionally receiving 404 error upon logging in

Version 7.2.9

May 02, 2017

New Features

• New globalscape splash screen logo is displayed

• Added registry override (SendQUIT) that invokes QUIT command to be sent at completion of FTP/S transfers.

• EFT.log entry for SSL version and cipher info as part of socket connection for FTPS and HTTPS

• EFT.log entry on startup if FIPS is successfully initialized.

• EFT.log entry if FIPS mode fails to initialize for any reason upon service startup and what steps are being taken to remedy.

• EFT.log entry if FIPS mode fails to initialize after all attempts exhausted.

• Add registry override (PGPEncryptingAlgorithm) to specify default encryption algorithms

• Add registry override (AutoSelectPGPCompression) to default compression to ZIP

Enhancements

• Upgrade OpenSSL to 1.0.2k

• Upgraded to OpenSSL FIPS Object Module 2.0.10: NIST FIPS certificate #1747

• Now able to add "Universal" Active Directory groups to EFT Administration

• Trial Extension options are still available in EFT SMB after fully registered

• Now able to resize the CTRL+F search window

• Updated Server>Security page FIPS controls

• Exporting reports no longer re-runs the report from the source

• Remote directory browser does not work when using DMZ Gateway as a proxy.

• Event Rule Import now matches Connection Profiles by NAME, not by GUID

• Modify PGP Encryption behavior to default to CAST5 encryption if registry override

• AutoSelectPGPCiphers is Off.

• Check passphrase was taking too long. Has been optimized

• Update SMTP test warning prompt to exclude '+' from an invalid character

• Full, unlimited access to WTC during evaluation period

• HTML caching removed. This allows Web Client page to be updated when accessed instead of forcing users to have to clear cache to see changes.

• Updated Jument webclient to version 1.2.1 build 20

Fixes

• Manual Registration for Workspaces with a seat count over 1,000 did show the correct # of licenses.

• Used disk space counter was not adjusting properly in some instances

• Event Rule Admin couldn’t properly remove site from Assigned to this server list

• WTC CAL registration was not accurately reported under Help>About

• Updated the Help>About text for unlimited WTC licenses

• Help -> About cuts off licensing information

• User Admins was still showing Users as having an expiration date even after “Expire this account” was disabled.

• User Account Admin interface window did not scale with the EFT Admin console

• Event Rule Admins were denied ability to import event rules.

• FIPS compliant SSH checkbox was available even after EFT trial has expired

• Updated all GUI references to FIPS Certified rather than FIPS Compliant

• On occasion, when deleting event rules from EFT the EFT GUI will crash.

• Scenario where EFT may crash/hang when PCI Compliance Report was being generated

• Numerate fails when the intial file is 0KB

• ICIConnectedUser interface members DataConnection does not return result for HTTP/S or SFTP

• ICIConnectedUser interface member TransferredSize does not return result for SFTP

• ICIConnectedUser interface member FileName does not return result for SFTP

• Custom command "Redirect output to clients" doesn't work properly when triggered by FTP protocol

• Folder Monitor reconnection logic does not properly update FM's enabled state

• When uploading a file via WTC client is able to upload a file that is bigger than the Max upload size limit if the chunk size is lower than the max upload size limit.

• WTC is not disabled after EFT trial has expired

• No feedback was given when permissions are denied to a folder

• Firefox version 50 uploads would sometimes fail

• Internal error was occurring upon attempt to move a file into a folder where AD user does not have upload permissions

• Incorrect error message was displayed to the user when trying to create a folder with a space at the end of the folder name

• Filter button was not properly highlighted

• Renaming was causing error in developer console

• When clicking an expired one time download link with authentication, will receive HTTP/1.1 412 Precondition Failed

• Renaming Workspace as owner failed to propagate to participants

February 2017

Version 7.3.5

February 08, 2017

New Features

• Added debug level logging setting for PGP through Admin User Interface

Enhancements

• Upgraded Web Transfer Client (HTML5) to 1.3.0

• Updated SSL certificate manager to use SHA2

Fixes

• Fixed comment section when creating a workspace (improperly titled "Message" in prior build)

• Fixed error when attempting to navigate folders after deleting multiple files in Web Transfer Client (HTML5)

• Fixed language translation on left hand navigation pane in Web Transfer Client (HTML5)

• Fixed default sorting of folder and file listings in Web Transfer Client (HTML5)

• Fixed change password request to use the pre-configured domain (site connection settings)

• Fixed issue when attempting to use SSL cert authentication with a null password

• Fixed rolling of EFT.log when running a Command Action and the log size exceeds MaxFileSize

• Fixed logging for failed upload/download over SFTP protocol

• Fixed issue where EFT would convert a physical folder into a virtual folder when using the Active Directory profile as the users home folder

• Fixed potential out-of-memory crash when network folder monitor receives a large number (20,000+) of files

• Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)

• Fixed report "Event Rules - Actions (Summary)" to allow Event Name field to support up to 250 characters

• Fixed issue when attempting to change Active Directory passwords through the Web Transfer Client

• Fixed GUI error message when using a specific multicast IP address (EFT Enterprise Only)

• Fixed reporting of WTC CAL registration under Help>About

• Fixed ability to save new password dictionary file when changing site settings

• Improved ClientFileSystem locking for more granular FileLocker action

• Fixed issue with Workspaces shared folders disappearing after upgrade from 7.3.0.3 to 7.3.3.21

• Fixed issue with users unable to login after upgrading to 7.3.3.14

• Fixed issue with guest Workspaces user unable to login after upgrade

Version 7.2.8

February 08, 2017

New Features

• Added SFTP flow control improvements by RFC 4254

Enhancements

• Upgraded Web Transfer Client (HTML5) to 1.2.1

• Updated SSL certificate manager to use SHA2

Fixes

• Fixed error when attempting to navigate folders after deleting multiple files in Web Transfer Client (HTML5)

• Fixed language translation on left hand navigation pane in Web Transfer Client (HTML5)

• Fixed default sorting of folder and file listings in Web Transfer Client (HTML5)

• Fixed return value of inherit state of CCIClientSettings::GetForcePasswordResetOnInitialLogin

• Fixed EX logs to properly report failed uploads for SFTP

• Fixed error code in cl*.log to show correct error code when target host is unavailable

• Fixed compatibility with Symantec DLP (EFT Enterprise only)

• Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)

• Fixed issue of removing source files after compress action when using ZCompress format

• Fixed issue with properly handling WTC licenses over 9,999 users

December 2016

Version 7.3.3

December 6, 2016

New Features

• Added EFT Outlook Add-In and browser support for exchanging files in Workspaces

• Added controls for enabling and configuring SAML for achieving Single Sign On (SSO) for Web-based authentication - (EFT Enterprise only)

• Improved 508-accessibility compliance for web clients

• Added the Advanced Authentication module for EFT Enterprise

• Added HTTP Strict Transport Security (HSTS)

• Added new preconfigured reports

Enhancements

• Updated Jquery version to 1.9.1

• Updated OpenSSL library to 1.0.2j

• Added auditing of the originating IP for load-balanced HTTP(S) connections as an Advanced property

• Updated PGP library

• Added new COM property that exposes "force password change upon first login" flag

• Improved propagation of Advance Workflow Engine tasks to other HA nodes - (EFT Enterprise only)

• Added additional logic to prevent admins from accidentally deleting the site home folder if a user has this set as home folder

• Improved processing to reduce wait time for event rule load balanced threads -(EFT Enterprise only)

• Improved URL encoding function in ClientFTP

• Improved handling of Advance Workflow Tasks when user calls Advance Workflow via COM - (EFT Enterprise only)

• Improved performance of Admin UI when populating "Group Membership" tab

• Improved password complexity warnings to end user

• Added additional logging when debugging

• Optimized quick search feature in environments with large amount of users

• Added additional logging for CFileSystem object

• Improved retry transfer logic over high latency networks

• Updated odb version to 2.5.0 a11

Fixes

• Fixed memory leak in FIPS SSL

• Fixed error when trying to download files containing a comma

• Fixed High CPU utilization with large volume of user connections

• Fixed issue of having to re-apply permissions when changing the case of the SAMAccountName

• Fixed Event rule settings where site paths without wildcards were using physical path vs virtual path

• Fixed event timer issue of calculating the next run time at beginning of DST hour

• Fixed alphabetically sorting of event rules within folders

• Fixed issue where admins could not change event rule comments in HA deployments - (EFT Enterprise only)

• Fixed dead lock in FTPS

• Fixed issue of not reporting correct PASV port in the ex.log

• Fixed issue where Admin GUI incorrectly restores the last selection when refreshing UI

• Fixed issue of exporting event rules with stop-action set to "Stop processing this and more rules"

• Fixed issue of switching client's two-factor authentication setting on PCI sites via GUI and COM - (EFT Enterprise only)

• Fixed EFT HA backup option to only backup the site root folders and not the user data - (EFT Enterprise only)

• Fixed issue of downloading EFTClient.txt when using HTTP protocol

• Fixed dead lock in EventRuleQueue in clustered EFT - (EFT Enterprise only)

• Fixed an EFT service Crash when stopping the service in HA environment -(EFT Enterprise only)

• Fixed issue of editing comments at the Event rule folder level

• Corrected GUI to properly show the inherited value of Account Security option as "Disable"

• Fixed email notification to not truncate passwords that use " <v"

• Fixed issue with restoring EFT Workspaces when restoring a backup

• Fixed intermittent crash of Admin GUI when creating users from an EFT Admin remote GUI

• Fixed compatibility with SFTP authentication and WingFTP 4.6.2 using Public key and Password authentication

• Fixed intermittent Admin GUI crash on close

• Fixed EFT service crash when site is deleted

• Fixed EFT service crash on startup due to mixed HA status tracking -(EFT Enterprise only)

• Fixed reset password issue for external participant in LDAP site

• Fixed Deadlock in EventRuleQueue in clustered EFT on server startup

• Removed using FTP Auto mode for client transfers through DMZ gateway as SOCK5 proxy

• Fixed issue of not showing failed event rule downloads using wildcards under the status tab of Admin UI

• Fixed "Rest offset" command in FTP sessions

• Fixed issue of Advanced Workflow Engine task builder not launching - (EFT Enterprise only)

• Fixed issue of accessing Ban IP address when large amount of IP addresses are configured

• Fixed unhandled exception when backing up HA site

• Fixed Mobile Transfer Client crash when attempting to use custom branded MTC

• Fixed crash in HTTP session manager

• Fixed deadlock in GSAWE.exe process - (EFT Enterprise only)

• Fixed DMZ crash when transferring files by FXP

• Fixed folder monitor crash when transitioning back to event rule load balance master

• Fixed issue where folder monitor event rule stopped after 1000 files were rejected by condition

• Fixed EFT upgrade issue where the event rule node references were reset back to High Availability (HA) - (EFT Enterprise only)

• Fixed ClientFTP retry logic after SSL_connect error

• Fixed dead lock during load balanced event rule startup - (EFT Enterprise only)

• Fixed account lockout status to propagate to all other nodes in HA mode - (EFT Enterprise only)

• Fixed issue of removing source files after compress action when using ZCompress format

• Fixed issue of large file uploads being reported as individual chunks.

• Fixed Admin UI crash when working with virtual folder with bad alias name

• Fixed issue where changes applied by user level admins did not save after server restart

• Fixed change password issue through web client for ODBC sites

• Fixed error messaging when user without upload permissions attempts to upload via the web client

• Fixed reporting of large file uploads to display only one file entry versus individual chunks

• Fixed issue of exporting PGP public keys with spaces between each line of the public key blob

Version 7.2.6

December 06, 2016

New Features

• Added additional logic to prevent admins from accidentally deleting the site home folder if a user has this set as home folder

• Added HTTP Strict Transport Security (HSTS)

Enhancements

• Updated OpenSSL libraries to 1.0.2j

• Update Jquery version to 1.9.1 used in Web Client

• Improved handling of Advance Workflow Tasks when user calls Advance Workflow via COM (Enterprise Only)

• Improved propagation of Advance Workflow Engine tasks to other HA nodes (Enterprise Only)

• Improved retry transfer logic over high latency networks

• Removed minimification and hashing from themes.css to allow for persistent customization

• Increased timeout value based on file size to allow more time for 3-pass deletions

• Replaced left navigation tree to improve performance with thousands of folders and/or subfolders

Fixes

• Fixed issue of OpenPGP Encrypt action compressing files when compression is not selected

• Fixed DMZ crash when transferring files by FXP

• Fixed EFT upgrade issue where the event rule node references were reset back to High Availability (HA) - (Enterprise Only)

• Removed extra character return when exporting OpenPGP public key

• Fixed rare deadlock when CRC calculation is requested for missing file.

• Fixed email notification issue of truncating URLs longer than 76 characters

• Fixed password expiration options that were work incorrectly via COM

• Fixed error messaging when user without upload permissions attempts to upload via the web client

• Fixed possible race condition when client is getting disabled due to invalid login attempts limit

• Fixed folder monitor crash when transitioning back to event rule load balance master

• Fixed issue where folder monitor event rule stopped after 1000 files were rejected by condition

• Fixed ClientFTP retry logic after SSL_connect error

• Fixed issue in Chrome of not being able to download filenames with ‘,’

• Fixed issue of not being able to edit comments when rules are viewed at the event rule folder level

• Fixed detection of folders where upload is forbidden

• Fixed language on modal dialog buttons

• Fixed the move to modal to show only single folders and a breadcrumb instead of the entire tree in web client

• Fixed default sort order and natural sort order to file names

• Fixed issue of exporting PGP public keys with spaces between each line of the public key blob

August 2016

Version 7.3.2

August 30, 2016

New Features

• Admin GUI warns users when they are close to or have exceeded number of CAL users

• (ARM) Audit originating IP for load-balanced HTTP(S) connections

• (WTC) Changed Web Transfer Client licensing from concurrent base to client access license (CAL)

• (WTC) Webclient updated to 1.2.2 build 2

• (WTC) Warning Banner added to indicate if CAL is exceeded

Enhancements

• Update SSL lib to 1.0.2h

Fixes

• EFT log erroneously reports “Error cfg.write can't save server settings”

• EFT with DMZ crashes on begin transfer file by FXP

• Crash in HTTP session manager

• Crash in the CommandAccess internals when saving command execution results to log file

• Administrator Interface (AI):

• Failed Event Rule downloads using Wildcard do not appear in status tab

• Windows 2012 R2: Admin GUI crashes with coredump.

• When clicking on a help topic the software posts a script error

• Admin GUI may crash on close

• Admin GUI hang scenario when attempting to stop an FTPS event rule transfer

• GSAWE.exe process deadlock

• SFTP authentication failed when connecting to remote server running WingFTP 4.6.2 using Public Key+Password auth

• EFT Transfer Client does not use server-wide supported cipher list and protocol versions when retrieving remote listing over SSL-based protocols

• The Test Button on the Connection Profiles does not connect when using DMZ as Proxy

• Event timer calculates the incorrect next run time at begin DST hour

• "Rename transferred file to"-function is not working when destination file size/crc is equal to the original value

• A folder monitor event rule stops invoking events after 1000 files are rejected by condition.

• Deadlock in EventRuleQueue in clustered EFT on server startup

• Deadlock occurring during load balanced event rule startup

• High CPU usage with a lot of user connections

• Event Rule Load Balanced threads are blocking for extended periods of time

• EFT throws unhandled exception at back up

• Cannot change event rule comment by GUI when message size exceeds MSMQ limitation

• MTC crashes the EFT Service when attempting to use a custom branding

• Clicking on a folder causes scClient to crash

• Updating the EFT Server domain should trigger an update to the scClient json config file

July 2016

Version 7.2.4

July 05, 2016

New Features

• (ARM) Audit originating IP for load-balanced HTTP(S) connections

• Added configurable AdvancedProperties (“AutoSelecPGPCiphers”, “AutoSelectPGPMAC”), default to TRUE.

• Added additional logging for CServer::Serialize method

Enhancements

• Dramatically reduced the amount of Event Driven Changes that must be versioned and propagated when we handle ClientLoggedIn and ClienLogged events (Date granularity rather than time).

• Improved interoperability issue with BouncyCastle

• Update SSL lib to 1.0.2h

• External participants in LDAP site Workspace are now able to reset password

Fixes

• PASV Port utilized being logged incorrectly in ex.log

• EFT does not properly log the last invalid login before auto ban via SFTP

• Crash when deleting a Folder Monitor rule while event rule is being executed

• Crash in the CommandAccess internals when saving command execution results to log file

• EFT.log is flooded with an error when an FM folder is not accessible

• Crash in HTTP session manager

• Admin GUI hangs when attempting to stop an event rule transfer

• Inherited value of Account Security setting is not properly displayed in the ST/user level

• Remote user admins are running into runtime errors frequently

• The EFT Admin interface keeps crashing under specific scenarios. Improved resilience.

• If display text size is set to 125% or 150%, some options such as "next" and "finish" are pushed off and no longer visible. There appears to be scaling issue with larger text size enabled.

• Cannot access the IP Ban list via remote admin, system locks out and says "Ban IP list not available"

• Failed Event Rule downloads using Wildcard do not appear in status tab

• Event rules are not alphabetically sorted in the event rule folder

• Unable to open AWE task builder if file "EFT" exists in path of installation

• GSAWE.exe process has a deadlock

• AD/LDAP: Incorrect login names lock EFT up for a long time.

• Unable to switch client's two-factor auth setting on PCI site

• Complex password expected. If simple password is used, user receives error message with no explanation of what went wrong and the process was causing a hang when done incorrectly.

• Disallow using FTP Auto mode for client transfers through DMZ Gateway as SOCKS proxy

• SFTP authentication failed when connecting to remote server running WingFTP 4.6.2 using Public Key+Password auth

• "Rename transferred file to"-function is not working when destination file size/crc is equal to the original value

• EFT Transfer Client does not use server-wide supported cipher list and protocol versions when retrieving remote listing over SSL-based protocols.

• Unable to switch client's two-factor auth setting on PCI site via COM script

• The Test Button on the Connection Profiles does not connect when using DMZ as Proxy

• Unable to export event rules with stop-action set to "Stop processing this and more rules"

• Cannot edit comments when event rules viewed through event rule folder

• Event timer calculate wrong next run time at begin DST hour

• EFT may crash when FM rule sweeps a folder and admin edits that rule.

• Event Rule Load Balancer threads are blocking for extended periods of time.

• High CPU usage with a lot of user connections

• Deadlock occurrence during load balanced event rule startup.

• Deadlock in EventRuleQueue in clustered EFT

• When making changes to event rule comments via AI, the service hangs and the nodes get out of sync

• Crash when stopping site on 1 node and trying to log into admin GUI

• Crash on startup due to mixed HA status tracking

• Event rules are being load balanced when they shouldn’t be

• Unhandled exception while performing back up

• MTC crashes the EFT Service when attempting to use a custom branding

• If the PGP key name is more than ~30 characters it is cut off in the OpenPGP action dialog.

• The “Enable Compression” button was non-functional and would always auto-select compression setting from the public key.

• SSL FIPS subsystem breaks down disabling users from establishing SSL connections (HTTPS and FTPS)

• Unable to download EFTClient.txt when using HTTP protocol

• Specific characters are truncating EFT emails

• The ChangePassword.htm file is always being served up from the web/public folder instead of the web/custom/<sitename> folder

April 2016

Version 7.3.0

April 25, 2016

New Features

• Added FAST protocol to copy/move/download event rule actions for accelerating transfers over high-latency connections between EFT servers.

• Added scClient for accelerating client-to-server transfers over high-latency connections.

Enhancements

• Provided mechanism for external Workspace participants in LDAP site to reset password.Upgraded PGP library.

• Protocols - FTP/S:

• Set default FTP "ReplaceBackslash" advanced property to true.

Fixes

• Fixed issue where incorrect login names cause EFT to hang.

• Fixed a potential EFT Service crash.

• Corrected "Enterprise-only" Help references to Folder Monitor, Timer Event, and File Transfer Client.

• Fixed display issues for proxy settings on Windows Server 2008 R2.

• Fixed display issues for PGP key names greater than ~30 characters in the OpenPGP action dialog.

• Relaxed field validation on proxy settings that aren't in use.

• Fixed inability to switch client's two-factor auth setting on PCI site.

• Fixed inability to switch client's two-factor auth setting on PCI site via COM script.

• AD Auth, complex password expected. If simple password is used, user receives error message with no explanation of what went wrong and the process is causing a hang when done incorrectly.

• Fixed event rule prioritization.

• Fixed logic flow issues for File offload/download rules using Socks.

• Fixed a potential crash associated with FM rule sweeping a folder while admin is editing the same rule.

• Fixed a potential crash that occurs when deleting an FM rule while it's executing.

• Fixed a deadlock in EventRuleQueue EFT HA.

• Corrected erroneous event rule load balancing.

• Fixed a potential HA node crash related to conflicting node statuses.

• Fixed a potential EFT service crash for HA environments.

February 2016

Version 7.2.1

February 15, 2016

New Features

• Added support for RSA-authenticated sites to also request user passwords in a two-step authentication model, enabled via registry

• Added support for EFT COM Admin interface connections from 64-bit processes

• Added context variables TRANSFER.RATE_KBPS, TRANSFER.BYTES, and TRANSFER.SECONDS to event rule actions

• Added per-user, per-file metadata operations to Workspaces

• Added expiration to Workspaces

• Added administrative option to enable Workspace expiration

• Added ability for Workspace creators to set an expiration date on WorkspacesAdded "On Workspace Expired" event

• Added detailed auditing of file and folder operations within Workspaces

• Added per-user, per-file metadata operations to Workspaces

• Allow LDAP and AD Workspace creators to invite external guests

• Added ability through Event Rules to notify Workspace owner when a file is uploaded

• Added Workspace notification email (templated) when adding participant via Admin console

• Added context variable (and condition variable) WORKSPACE.OWNER_EMAIL to WS-related and FS-related events

• Added handling for an OnTimer exception which caused the admin console to disconnect from EFT Server

• Added support for Workspaces REST API 100-Continue header, per HTTP 1.1 specification

Enhancements

• Improved performance with extremely large password dictionaries

• Enabled scrolling to view full event rule descriptions

• Improved performance of HA mode under high volume of login operations

• Updated SSL libraries to latest stable release

• Updated SSH HMACs to include SHA-256 and SHA-512

• Improved performance of rendering contents of a folder that contains a large number (>500) subfolders.

• Improved performance of searching within a folder that contains a large number (>500) subfolders.

• Improved auditing and reporting of Workspaces activities

Fixes

• Fixed a problem where permissions for a user were lost when changing the case of the SAMAccountName and had to be re-added

• Fixed a problem where admin permissions were mistakenly removed

• Fixed broken inheritance of permission groups for first logged in clients

• Fixed a problem where errors were generated during backup because deleted certificate files were being searched for

• Fixed admin console crash occurring when refreshing the VFS tab

• Fixed a problem where the admin console crashes upon site creation when the default template home folder setting is discarded

• Fixed a problem where the home folder is incorrectly set to the previously used entry during user creation

• Fixed an issue where right-clicking user\show VFS is not functioning properly in some environments

• Fixed a problem where a user could not be deleted from a site if the server is not located in the first server group

• Fixed an issue where, during manual module registration, the wizard becomes unresponsive

• Fixed broken AWE task search functionality

• Fixed a problem where the ARM connection test generated an error in the Windows Event Log

• Fixed a bug where the COM method ICEventRule.SetHASchedulingParams seems to work for any event rule type and non-HA EFT installations

• Fixed a problem where the ICIAutobanIPAccessRule.BannedIPs COM property shows as empty when the admin console shows addresses on the IP ban list.

• Changed the event rule folder naming convention to follow that of event rules

• Event rules are now alphabetically sorted in event rule folders

• Fixed a bug where the apply option was not enabled at the event rule folder level when event rules were either enabled or disabled

• Fixed an issue where timer rules skipped their scheduled execution time due to delays caused by the retry logic of ClientFTP

• Corrected the display of comments for imported event rules

• HA secondary nodes now verify that the ftp.cfg file can be found during install

• Fixed a case where the backup list got an invalid value.

• Disabled option to use local system accounts when in HA mode

• No longer backing up all user data from site root for HA installations

• Scheduled PGP decrypt/encrypt event rule settings must now be supplied with the full file path instead of just the virtual path

• Fixed a problem where PGP private key passphrases were appearing in plain text in EFT.log

• Fixed a problem where a site's max concurrent socket connections policy could be broken in high concurrency situations

• Corrected an issue where SSL options were not being updated

• SSL sessions are now being reused

• Fixed the OPTS MLST feature (FTP/S)

• Fix a problem where EFT was not returning any type of error When issuing an "ls" command on a non-existent directory

• Made return codes for maximum Windows file path exceeded errors consistent in HTTP responses

• HTTPS offload transfers always failed when connection timeout set to 0

• Now greying out HTTP proxy setting when selecting SFTP protocol in the offload configuration wizard (event rule) since SFTP is only supported through Socks 5 proxies

• Fixed a problem where generated SSL key files cannot be assigned as SFTP keys

• Unified failure messages returned on failed SFTP authentication attempts to avoid user account enumeration

• Disabled default use of diffie-hellman-group1-sha1 key exchange, now enabled only via registry

• Fixed the file upload button on the tool bar

• Fixed the folder upload button when running in Chrome

• Fixed the filter button on the tool bar

• Fixed an issue with the refresh button

• Resend Workspace invitation will now work as expected

October 2015

Version 7.2.0

October 27, 2015

New Features

• Added registry setting ExcludeVFolderInQuotaCalc to exclude virtual folders from quota calculations

• Added event rule folders which support one level deep folder organization of event rules

• Added connection profiles which allow definitions of host interfaces that can be referenced inside event rules

• Added file/folder event rule actions (create, delete, rename)

• Added compress/decompress event rule actions

• Added "Invoke Web Service" event rule action

• Added "If File Exists" event rule condition

• Added event rule import/export capability

• Added event rule change log to maintain modification history of event rules

• Added new role "Event Rule Administrator" that can be granted access to specific event rules, AWE tasks, custom commands, and connection profiles

• Added server credential verification in Offload events for validating SSL certs and/or SSH keys of remote servers

• Added folder browse control within the offload action builder

• Added enhanced event rule logging to allow logging targeting a specific site or rule

• Added registry setting ExecuteTransferActionsInParallel enable/disable parallelization of all contiguous offload actions (upload/download/move)

• Added restore for HA mode configurations allowing a restore from backup when running in HA mode

• Added backup run-on node list for event rule load balancing

• Added registry setting DisableEFSChecksForPCIReport to bypass EFS checks when running PCI DSS report

• Added support for navigating directories via the browser’s back and forward buttons

• Added the ability to be directly deposited into a specified directory via a link

• Added support for viewing Workspace invitation statuses in the “Edit Workspace Participants” dialog

• Added the ability to resend pending Workspace invitations from the “Edit Workspace Participants” dialog

• Added text in the “Edit Workspace Participants” dialog to convey the fact that no users are collaborating in the Workspace for shared folders in which all collaborators have been removed

• Added localization mechanisms to facilitate the custom addition of additional languages

• Added German and Dutch translations

• Added support for WCAG Guideline 1.1

• Added a configuration file variable to disable CRC in the event upload verifications are not required

• Added configuration file variables to specify custom default Workspace sharing permissions for user-initiated folder sharing

Enhancements

• Improved performance of ODBC user synchronization process when there are many new users

• (ARM)Improved speed of ARM queries used for time-range based reports

• Redesigned WTC interface to enhance usability and aesthetics. All file and folder operations are now displayed in the newly added toolbar

• Upgraded OpenSSL to fix a high severity vulnerability

• Upgraded OpenPGP library to improve configuration flexibility and compatibility with other implementations

• Made SFTP and FTPS logging consistent with previous EFT Server releases

• Remove legacy behavior of caching the IP address of the last successfully connected host

Fixes

• Fixed improper inheritance of initial password reset option

• Fixed a problem where the EFT service hangs at startup and is unable to connect to the EFT console until after a restart

• Fixed a problem where EFT was responding with “no such file or directory” when a “cd ..” command was performed on the root directory

• Fixed a problem where EFT was not respecting the ReplaceExistingOnRename registry setting

• Fixed a problem where negative “days remaining” was being sent to users in the expiration email reminder

• Fixed a problem where logging in “change password” administrators are improperly shown the VFS view from the server tab

• Fixed a problem where EFT Server crashes when authenticating a user with a DES style password

• (AWE)Fixed a problem where the value of %FS.FILE_SIZE% was not maintained after executing an AWE command that deleted or removed the file from the source directory

• (AWE)Fixed an issue where the Running AW Task limit was not being respected

• (ARM)Fixed a problem where EFT was using an unsupported key length longer than 30 digits when creating an Oracle ARM database

• (ARM)Fixed an issue where running reports via an event rule caused extreme memory usage and eventual crash of the EFT service

• (ARM)Fixed a problem where relevant information was not being logged by the ARM queue stats logger

• Fixed a problem where AD sites do not list the principal name of users if they login before EFT pulls users from the AD server

• Fixed an issue where automatically creating a home folder for new LDAP users only worked if the site’s users had been synced

• Fixed a problem where a LDAP user’s permissions were lost when the case of the user’s name was changed on the AD server

• Fixed a problem where LDAP users can't change their password when a 389 Directory Server is used

• Fixed a crash that occurred when removing users from an ODBC site

• Fixed a problem where ODBC sites were allowing creation and authentication of usernames containing trailing spaces

• Fixed a problem where existing users on an ODBC site could not be moved to a different settings template using either the Admin console or COM API

• Fixed an issue where the provisioning of user accounts through EFT Server’s COM API was taking longer than it did in previous releases

• Fixed a problem where the CISite.IsFolderVirtual COM method works incorrectly after a call to CISite.GetFolderList

• Fixed a problem where the ICIFolderMonitorEventRuleParams::PollIntervalSeconds property could not be set with a value exceeding 9999

• Fixed an issue where download actions incorrectly interpret destination paths when the file name is explicitly given using %SOURCE.FILE_NAME%

• Removed spurious On User Account Disabled event triggers happening when users were deleted

• Fixed an issue in the timer scheduler dialog where if “Every weekday” is selected, “Every X day(s)” will still affect the holiday/runtime calendar

• Fixed a problem where the EFT service would crash when removing an event rule

• Fixed a problem where folder sweep was crashing the EFT service when the rule was canceled during execution

• Fixed an issue where starting nodes in clusters under high load would cause them to become out-of-sync

• Fixed a problem where EFT Server deployed in a HA environment had excessive memory usage when experiencing a high user connect/disconnect rate

• Fixed the double execution of Folder Monitor event rules under certain conditions when in HA mode

• Fixed an issue where EFT Server was experiencing unusually high CPU usage in a clustered environment

• Fixed deadlock occurring when EFT is deployed in a clustered environment

• Fixed a problem where EFT was returning a zero exit code upon failure to access the shared configuration folder at startup which precluded a periodic restart/retry by the Service Control Manager

• Fixed a problem where PGP decryption actions in a folder monitor rule were creating 0 length files if the file was encrypted with a different key

• Fixed a problem where files encrypted by EFT Server when compression is enabled could not be decrypted by Ipswitch WS_FTP Professional 12.4.1

• Fixed a problem where PGP keyring files were empty after upgrading from EFT 6.4.x/6.5.x

• Fixed a problem where PGP encrypted files lack a reference to the original filename in the literal data packet

• Fixed a problem where the EPSV command does not complete successfully when a client tries to connect to EFT Server through the DMZ Gateway

• Fixed a problem where EFT fails to recognize FTP commands that use a double slash in the path reference

• Fixed an issue where files being actively uploaded over SFTP could be viewed on disk over a separate FTP connection

• Fixed issues with the FTP PASV port selection algorithm

• Fixed a command socket race condition

• Fixed a problem where EFT Server should have been reporting an error when attempting to download a file over FTP using an offset greater than the length of the file

• Improved consistency of return codes when the maximum Windows file path length is exceeded in the HTTPS interface

• Fixed a problem where event rules were creating 0 length files when unsuccessfully downloading over HTTP/S from Oracle and IIS HTTP/S servers

• Fixed a problem where the status tab was incorrectly showing 0B and 0bps for files downloaded via HTTP/S event rules

• Removed erroneous trailing slashes on folder names in SFTP PWD and CD requests

• Fixed a problem where the "Preserve Remote timestamp for downloaded files" setting was not working for SFTP

• Fixed a problem where severe memory fragmentation due to heavy SFTP load was causing EFT Server to crash

• Fixed a problem where EFT was responding with the error "SFTP21 module was not initialized" for SFTP outbound connections

• Fixed a memory leak in SFTP

• Fixed an issue with inconsistent file sizes in the EX logs for files download through SFTP

• Fixed an issue where SFTP was using local server time instead of UTC

• Fixed an access denied error in the SAT send page that occurred when trying to send mail and the adhoc administrator is not a full administrator

• Fixed a crash occurring when EFT was validating CSRF tokens

• Fixed a problem where attempts to spoof the CSRF token could crash EFT

• Fixed a problem where EFT was responding with "HTTP/1.1 412 Precondition Failed" when attempting to open remote files in the Java based WTC

• Renamed the “Joined Workspaces” folder tree to “Shared with Me” to facilitate easier user recognition

• Extra spaces are trimed from usernames when copying/pasting into the login page username field to avoid login errors

• Fixed a problem with the WTC where prepending or appending a slash onto a folder name when creating it caused the listing pane to go blank

• Fixed an issue where new workspace invitees were redirected to a 404 error page when the initial password reset option is on

• Fixed an issue where renamed Workspace folders failed to display the updated folder name in collaborators’ views

• Increased the AJAX timeout limit to 4 minutes to lessen the likelihood of errors during large file uploads

• Fixed an issue where the UI would only partially render when logging in under certain conditions

• Improved formatting for improperly-handled transfer pane errors

• Resolved an issue where users would temporarily see Workspaces elements even when the feature was disabled

• Fixed an issue where users removed from a Workspace would still appear in the “Edit Workspace Participants” dialog

• Fixed an issue where uploads of 0-byte files failed the verification process

• Fixed an issue where spaces in file names where replaced with “%20” encoding when uploading via Safari

• Fixed an issue where the sharing banner failed to appear when creating a Workspace from within the directory

• Resolved an issue where the transfer pane queue tabs failed to expand and collapse under certain conditions

• Fixed an issue where global search terms were retained as a file list filter after disabling global search and failed to show in the search bar

• Fixed an issue where uploads interrupted manually or due to a network interruption required manual user intervention upon resume

• Fixed an issue where a timeout would occur with an upload in progress

• Resolved an issue where the layout would break if the user’s password was nearing expiration

• Fixed an issue where the multiple file download feature failed to download all files for selections in excess of approximately 75 items

• Addressed a cross-site scripting vulnerability in the folder creation modal

• Fixed a problem where IE8 and IE9 were not able to use single click URLs to download or save files

• Fixed site specific workspace invitation templates

Version 7.1.5

October 23, 2015

New Features

• Added Advanced Property to ignore virtual folders during quota calculation

Enhancements

• Improved CPU usage

• Restored reference to original filename in literal data packet

• Corrected connectivity issue related to port used for data connection in PORT mode

Fixes

• Fixed enforcement of running task limit

• Fixed key length problem in Oracle database implementation

• Removed capability of creating users with trailing spaces following their username (ODBC)

• Fixed bug in ODBC that disallowed moving users between Settings Templates

• Remediated potential service crash due to corrupted buffers in Folder Monitor

• Remediated potential service crash during Event Rule removal

• Fixed service crash due to internal race condition

• Fixed potential crash upon admin connection related to empty permission list in root site folder

• Fixed logging inconsistencies between EFT 6.5 and EFT 7

• Fixed broken inheritance from Settings Template to User-level “Force users to change their first-time password…” setting

• Fixed EPSV command problems over DMZ Gateway

• Restored support for commands preceded by double slash

• Fixed occasional data socket failures in PASV mode

• Fixed inconsistent file sizes in the EX logs when downloading files

• Restored 0 byte upload logging

• Fixed bug where local server time was being used instead of UTC

• Fixed potential crash during CSRF token evaluation

• Fixed server crash related to Opera and other browsers connecting

• Fixed UTF8 encoding of filename in uploads from IE11

• Fixed browser sticking during upload verification on moved file

• Fixed broken page displayed when password expiration was enabled

• Improved skip / overwrite prompt

• Fixed redirect for 404 on Workspace invitations when initial password reset option is ON

• Fixed forwarding when WTC is disabled for a particular user

July 2015

Version 7.1.3

July 22, 2015

Enhancements

• Upgraded OpenSSL to mitigate vulnerability CVE-2015-1793: https://www.openssl.org/news/vulnerabilities.html#2015-1793

• Improved resilience to loss of HA Mastership

• Improved recovery from scenario where no node is master

• Updated OpenPGP to latest /n software libraries

Fixes

• Decrypting PGP files with folder monitoring created 0kb files if the PGP file was encrypted with a different key

• Corrected potential deadlock in clustered environment.

• Fixed bug where PGP encryption algorithm was set to AES128 regardless of the public key cipher used.

• Fixed a scenario where Ipswitch WS_FTP Professional 12.4.1 failed to decrypt files encrypted by EFT Server 7.0.x with compression enabled.

• Alleviated potential for PGP keyring files to become empty after upgrading to EFT 7.x from EFT 6.4.x/6.5.x

• Fixed an issue where SSL Compatibility Allowed Versions would be changed during SMB to Enterprise upgrades.

• Corrected EFT service crash scenario when specific HTTP/S client connected.

• Eliminated memory leak scenario in SFTP.

June 2015

Version 7.1.2

June 24, 2015

New Features

• Added registry value for "SFTPProcessThreadStackSize" and changed default stack size to 512Kb

• Added a boolean AdvancedProperty to bypass EFS Checks when running PCI DSS report

• Added support for SHA-512 passwords over FTP

Enhancements

• Improved performance of VFS management

• Improved search function in Admin UI

• Mitigated hang in Status Viewer when connected to ARM database

• Improved performance for ODBC synchronization

• Improved Move/Copy action error code accuracy

• Reduce CPU utilization with large volume of user connections on HA EFT cluster

• Improved startup synchronization for clusters under high load

• Improved CPU utilization during CreateWorkspace request

• Expand support SHA-512 hashed passwords to HA mode

Fixes

• Fixed server hang at startup requiring service restart to connect to Admin UI

• Fixed manual registration

• Revoked site admin permission to retrieve ARM password via COM

• Fixed issues during account creation on AD sites set to use User Principal Name

• Automatically create home folder for new users even when LDAP hasn't been synced

• Fixed date parsing in ClientFTP LIST command for AS/400-like servers

• Corrected ClientFTP port selection in active mode

• Addressed client connection failures

• Fixed CISite.IsFolderVirtual behavior after call to CISite.GetFolderList

• Addressed Folder Monitor double executions

• Fixed registry override to replace a folder/file with the same name

• Stop caching IP address of last successfully connected host

March 2015

Version 7.1.0

March 02, 2015

New Features

• Added EFT Workspaces, a collaboration tool to allow users to easily share files and folders

• Added mechanism for importing accounts with SHA-512-hashed passwords

• Added advanced property for controlling HTTP request type for CIC actions

• Added wildcard support for CIC actions

• Added controls for users to share folders as Workspaces and control participants' permissions

• Created a registration page for users invited to participate in Workspaces

• Added multi-file download option

• Added ex logging for HTML5 client uploads

Enhancements

• Changed default report type from HTML to PDF

• Improved performance of VFS management

• Improved feedback on AJAX request problems when they occur

• Improved feedback for failed upload verifications

• Improved Ctrl+F "Search" function

• Improved accuracy of HA node status tab

Fixes

• Removed redundant Windows event log error for EFT 7 trial expiration

• Fixed bug where email notification reminder is sent despite option being disabled

• Resolved a performance issue where the Transfer Engine was requesting too much information when connecting to Admin Interface

• Fixed GUI bug where VFS Tab was not jumping to usernames when trying to add a user

• Corrected virtual folder display problems in Admin InterfaceFixed broken filters for “AS2 – Transaction Overview” report

• Corrected entries for ReportPort and LocalPort in tbl_Authentications

• Fixed bug where home folder was created and replaced on first login despite already being configured

• (AS2, Enterprise only) Resolved an error generated every time the user DB is refreshed: "Remap user's home directory failed: client home directory is root"

• Fixed a bug that occasionally caused EFT 7.0.3.10 to crash when removing users from an ODBC site

• Restored COM API change password functionality

• Fixed SSHFIPSEnabled COM method, which was interacting with the SSL settings rather than SSH settings

• Fixed issue where CIC Report contained truncated x-header information

• Cleaned up horizontal scroll appearance mechanism in CIC before it's needed

• Fixed a potential EFT crash in event rule execution

• Restored event rule e-mail override functionality

• Fixed service crash triggered by FM event rule removal during folder sweep

• Fixed bug where Folder Monitor always followed synchronous logic flow

• Fixed bug where custom commands' "if action failed" block wasn't being triggered

• Addressed an issue where HA Folder monitor rules could sometimes runs twice

• Fixed loss of custom account details on 6.5 to 7.0 upgrade

• Restored population of %FS.PATH% and %FS.VIRTUAL_PATH% context variables from Mail Express transactions

• Fixed bug where 0KB files were not deleted in PGP event rules

• Corrected change in ex.log entries FTP/S and SFTP paths were no longer relative to the root

• Restored trailing slash for FTP PWD

• Removed redundant slash from FTP paths

• Fixed bug where EFT Client FTP was choosing the wrong port in active mode

• Fixed Client FTP parsing issues for "LIST" command on AS/400-like servers

• Fixed bug where "local server time" was not being used

• Resolved EFT crash related to processing invalid MLST command

• Fixed issue where 'SIZE /' returns 501 rather than '550 - File not found'

• Made uniform return codes when maximum Windows File Path is exceeded in HTTPS

• Fixed vulnerability in SFTP due to out of memory crash

• Restored "Preserve Remote timestamp for downloaded files" functionality for SFTP

• Removed erroneous "folder not found" SFTP errors from status tab

• Fixed a bug preventing generated SSL Key file being assigned as SFTP key

• Restored logging for 0 byte uploads over SFTP

• Re-enabled use of backslash when changing directories with SFTP

• Restored On File Upload event rule trigger for zero byte SFTP uploads

• Removed extra comma in SSH_MSG_KEXINIT exchange when last cipher and MAC were not selected

• Fixed bug where EFT would disallow HEAD requests for users without Download permission

• Re-enabled CRC verification where it wouldn't work with EFS enabled

• Web Interfaces – Web Transfer Client (Java)

• Fixed WTC Java password change redirection to return to WTC Java instead of HTML5 client

• Stopped app from timing out during long uploads

• Fixed display issue with UTF-8 characters in Internet Explorer

• Restored file upload functionality for WTC Basic in Internet Explorer

October 2014

Version 7.0.3, R2

October 24, 2014

Enhancements

• Updated PCI report for PCI DSS by adding SSLv3 protocol checking to section 4.1 that will prompt a warning

• Updated non-FIPS OpenSSL library to OpenSSL 0.9.8zc in response to recent OpenSSL vulnerabilities

• Set SSLv3 to off by default for new installations in response to POODLE vulnerability

• Updated non-FIPS OpenSSL library to OpenSSL 0.9.8zc in response to recent OpenSSL vulnerabilities

• Set SSLv3 to off by default for new installations in response to POODLE vulnerability

Version 7.0.3 R1

Mon, 10/13/2014

New Features

• Added Content Integrity Control module and Event Rule action

• Added AD and LDAP support in high availability installations

• Added default Event Rule load balancing settings for active-active clusters

• Added cluster information to Status tab for active-active cluster nodes

• Added ability to refresh and keep user logged in

• Added an indicator to illustrate that Global Search is "loading" when enabled

• Added simple mechanism for issuing a Terms & Conditions acceptance dialog to end users

• Enabled the "If Using Web Transfer Client" condition in EFT's Event Rules for the HTML5 WTC

• Enabled On File Upload for HTML5 WTC

• Enabled On Verified File Upload for HTML5 Advanced WTC

• Enabled uploads of large files, with up to 20GB tested

Enhancements

• Changed Single-click URLs and single sign-on to use the HTML5 WTC instead of the Java WTC

• Created an upgrader to facilitate upgrading the WTC without upgrading EFT

• Improved performance of uploads in all supported browsers

• Removed notification in "basic" HTML5 WTC that previously alerted users no licenses were available

• Improved performance of RESTORE operation

Fixes

• Fixed issue where invalid home folder path results in corrupt ftp.cfg when upgrading from 6.5 to 7.x

• Fixed a problem where adding users to a newly created Permission Groups fails with a message "Operation Failed"

• Fixed an issue where "Show VFS Home folder" command not working for virtual folders

• Fixed a problem where EFT 7.0 fails to load a 6.4 configuration on upgrade

• Disabled "Create User Group" option for user-level admins

• Fixed a problem where config backup wouldn't gracefully disconnect admin during backup

• Fixed a problem where EFT logged every connect/disconnect to the server

• Fixed a problem where "Browse VFS" dialog returned wrong path results in "Access Denied" message box

• Fixed problem where renamed permission group fails to propagate new name to Folder Permissions list in VFS Tab

• Fixed a problem where EFT logged that it was serializing the EFT.cfg file upon every client connect

• Fixed a problem where SSH Server would not throttle bandwidth for connecting clients

• Restored ability to Delete/Modify virtual folder in EFT VFS when physically deleted or inaccessible

• Fixed a problem where a “User Admin” or “Change Password Admin” disabling a single account caused EFT to mark all user accounts the admin has access to as Updated

• Fixed a problem where a new user's home folder is set to "/" even when "Automatically create a home folder for new users" is not selected

• Fixed a GUI crash caused by an admin level "User" being unable to access VFS

• Fixed Help> About of MTC Registration where it previously showed 0 licenses

• Fixed an issue where under certain conditions expanding a node in the VFS Folder tree displays a persistent hourglass node with the text "Loading" that requires further interaction before going away

• Fixed an issue where UI doesn't update properly when switching between settings templates and users

• Fixed formatting error in Security Failed Logins report

• Fixed a problem where upgrading to EFT 7 caused "Activity - By File Report" to not return files that were uploaded and then processed with "File Uploaded" event rule

• Addressed cases where ARM failed to audit the parameters of some event actions

• Fixed issue where AD Accounts in a child domain cannot connect to EFT over SFTP, while other protocols worked correctly

• Fixed special character handling for AD Auth site's Domain and Group fields

• Fixed issue where upgrades involving AD Sites with virtual directories broke user folder permissions

• Fixed issue where AD physical home folder assignments had changed in 7.0

• Fixed a problem where AD user accounts didn't update on service restart in HA mode

• Fixed an issue where AD Password Expiration notifications were sent when corresponding feature was disabled by default

• Fixed timeout when creating AD Sites with 150K + users

• Fixed LDAP issues when poorly connected/low performance server was in use

• Fixed reduction of ODBC synchronization process performance

• Fixed a problem where CreateUserEx call for an ODBC site is 3-4x slower on average compared to 6.5

• Fixed an issue where site admins could obtain ARM password via COM

• Improved usability of event rule function: rule.GetHASchedulingParams()

• Removed ability to add a non-existent AWE task to an event rule

• Fixed a problem where Download actions did not work if username length is 40 or more characters and used mask in source path.

• Fixed a problem where FM failed to move all files in HA configurations

• Fixed an issue with "Monthly" and "Yearly" timers not working correctly in 7.0

• Addressed a problem where scheduled event rules periodically stop working after upgrading to EFT 7

• Fixed an issue where failure to deliver event is not being logged

• Fixed a problem where event rules weren't executing on fully qualified domain names

• Addressed scenario where enabling Event Rules via the Event Rules parent node caused "Operation failed." error message

• Fixed a problem where an event rule couldn't utilise the Settings Template condition

• Fixed issue where additional items were added to the registry after a backup & restore

• Fixed node name in error message when opening up a 2nd Admin console in an HA environment

• Fixed a problem where Certificate Signing Utility returned "Error. Request not signed." error

• Corrected issue where literal 'CWD ..' while in the root folder will return 501 syntax error

• Added filenames and corrected incorrect port number in u_ex log file

• Corrected issue where "ls filename" command responds with a 550 permission denied message

• Fixed issue where incorrectly configured FTP port range heavily raised CPU usage and broke passive mode with no errors

• Restored ability to use backslash when changing directories with FTP

• Fixed a problem where Rename Transferred Files option does not work in event rules over SFTP

• Fixed issue where tbl_Protocol_commands does not record creation of Folders from WTC when folders are copied

• Restored Web Session Timeout registry override units to minutes (6.5) instead of seconds (7.0)

• Fixed a problem where HTTP redirection to built-in pages (login, change password, etc.) failed to work behind NLB or WAF even when X-ORIGINAL-PROTOCOL: https was used

• Fixed problem where users are unable to create new folders using PTC upon initial login

August 2014

Version 7.0.1

August 11, 2014

New Features

• Added HTTP CRC calculation logging

Enhancements

• Improved performance of restore operation

• Improved Backup Configuration performance and stability

• (WTC/Workspaces) Upgraded Jument to 1.0.1 build 3

• New text for login error on Web interface

Fixes

• Fixed a bug where EFT would send AD Password Expiration notifications when corresponding feature should be disabled by default

• Fixed a problem where EFT logged sensitive information to EFT.log in specific cases

• Fixed a memory leak related to FIPS SSL

• Fixed a bug where ARM failed to audit the parameters of some event actions

• Addressed a scenario that caused a failure to upgrade Oracle database

• Fixed a bug related to new user creation, where the home folder for the user was automatically assigned to be / even when "Automatically create a home folder for new users" was not selected.

• Addressed a scenario where EFT may crash in high load when ODBC authentication is used.

• Refined usability of event rule function: rule.GetHASchedulingParams()

• Addressed EFT hang during DMZ use.

• Addressed issue where enabling Event Rules via the Event Rules parent node caused "Operation failed." error message.

• (AS2, Enterprise only) Fixed issue where testing an AS2 connection via a proxy when a DMZ server is offline would cause the GUI to timeout.

• Refined behavior of Restore from Backup button in the new site wizard to operate intuitively.

• Corrected issue where EFT incorrectly balanced FM events with long file names

• Addressed crash in HA when deleting HA timer rule

• Addressed scenarios where EFT 7.0 may fail to upgrade from 6.5 when a client had incorrect home folder

• Fixed EFT service memory leak and crash while using literal site command to call custom command via FTP protocol

• Fixed EFT service crash when using literal X-CRC command

• Fixed bug where SFTP created incorrect folder listing which may cause problems for some SFTP clients.

• Fixed bug where Web Services was not accessible via web browser. 404 returned.

• Corrected HTTP redirection to built-in pages (login, change password, etc.).

• Refined per-Site customization of Web interfaces to work as expected

June 2014

Version 7.0.0

July 03, 2014

New Features

• Added High Availability (HA) mode of operation for active-active failover and load balancing without requiring Windows Clustering Services nor Veritas Clustering

• Added support for High Availability configuration

• Added High Availability reports to group output by cluster node performing the activity

• Added support for HA installation mode, including enabling required Windows features to support message queuing

• Provided command line installation options for HA configuration

• Added support for load balancing Folder Monitor and Timer event rules in HA mode

• Added new HTML5-based Web Transfer Client to provide similar functionality to Java applet with fewer deployment problems

• Added self-healing ARM connections

• Added end time to ARM database to record when an event action stopped in addition to its start time, which had already been recorded

• Provided command line installation options for serial number (activation) entry

Enhancements

• Updated OpenSSL library to version 0.9.8za

• Updated OpenPGP library

• Enable Large Address Aware feature so that EFT Service process can access up to 4GB memory

• Updated password hashing mechanism to use salted, iterated PBKDF generation to improve security

• Updated PCI/DSS module to audit compliance with PCI DSS v3

• Improved skipped file handling during Event Rule Offload action

• Improved CRC checksum calculations efficiency for files on high latency links to network share

• Increased default ARM queue size to 1000

• Improved handling of asynchronous Custom Command and AWE Task execution for deterministic, reliable behavior under load

Fixes

• Fixed scenario where a Folder Monitor rule set to trigger with both ‘Folder Change Notification’ and 'Folder Sweep' turned on may stop processing new files.

• Updated GUID generation to use sequential GUIDs to reduce index page fragmentation

February 2014

Version 6.5.16

February 26, 2014

New Features

• Added support for Mobile Transfer Client (MTC) access

• Added support for defining MTC security policies

• Added support for using SSL certificates for outbound AS2 transfers for cert-based auth

Enhancements

• Enhanced send login credentials email to use templating engine for dynamically building content

Fixes

• Private patch 6.5.15

  • Fixed bug where permission groups assigned to the last created user were also assigned to the next created user

• Private patch 6.5.14

  • Fixed a failure to comply with RFC 2616 - message body was being returned for HEAD requests

  • Fixed a bug where AWE workflows would come up blank if the Site is stopped at server startup

• Private patch 6.5.13

  • Fixed memory leaks in LDAP authentication manager and SSL communications

• Private patch 6.5.12

  • Fixed a socket leak when using DMZ Gateway as an outbound proxy

  • Fixed crash or hang that would occur on transferring 9GB+ files over AS2

  • Fixed Java security warning popups that would occur when using WTC and SAT modules

• Private patch 6.5.11

  • Added registry key override to set default upload/download skip behavior

  • Fixed crash that would occur if an “open file” call was ignored by the target file storage device

• Private patch 6.5.10

  • Fixed problem where some VFS folders were hidden from the administrator interface on upgrade

• Private patch 6.5.9

  • Fixed a Site startup failure on upgrade from EFT 6.4 if the legacy private key had a null passphrase

  • Fixed upgrade from 6.4 issue where accounts were disabled in error

• Private patch 6.5.8

  • Fixed AS2 file size limitation bug where file size was correlated with available memory

• Private patch 6.5.7

  • Fixed bug that blocked admins from assigning more than one email to new user accounts

  • Fixed bug that disallowed account modification after upgrading from 6.4 under certain conditions

  • Fixed event rule error when %email_address% contained multiple emails

  • Fixed bug where password expiration message wouldn’t work if multiple emails were specified

• Private patch 6.5.6

  • Fixed COM bug with RemoveUserFromPermissionGroup

  • Fixed COM bug with GetPermissionGroupsOfUser()

July 2013

Version 6.5.5

July 03, 2013

Fixes

• Fixed an issue where IE8 and earlier browsers would not allow the Plain Text Client (PTC) to download files because of the caching directives used with the cache control header.

• Private patch 6.5.4

  • Fixed a server crash due to improper handling of binary MDN signatures when logging AS2 transfers.

  • Fixed an issue where the wrong port was used for inbound AS2 transactions when the client requested an Asynchronous MDN using a different port than that specified by the AS2 partner.

  • Fixed a memory leak caused by not releasing security token handles before acquiring new handle for authenticated client local transfers.

  • Fixed an issue where because of changes in Java 7u21 when loading the WTC or SAT Java displayed a "potentially unsafe components" warning dialog prompt.

• Private patch 6.5.3

  • Fixed an issue introduced in version 6.5 that caused the COM method GetVirtualFolderList to return an empty list.

  • Fixed an issue introduced in version 6.5 where the EFT Server service could stop if the COM method GetPermPathsList was called.

  • Fixed an issue introduced in version 6.5.1 where if the CISite.GetBlankPermission COM method is called with a group instead of a user an error was returned stating an invalid user was passed in.

• Private patch 6.5.2

  • Security: fixed an issue where the Virtual File System (VFS) group permissions were not properly applied. Depending on configuration this could result in user's being able to see folder's to which they did not have permission. Note that said user would still be prevented actual access to the folder.

  • Security: fixed an issue where folder permissions were improperly applied to subfolders.

  • Fixed an issue introduced in version 6.4.14 that caused uploads of files over 2GB in size using the Web Transfer Client to appear to fail with an erroneous status.

  • Fixed an issue that prevented the Folder Monitor rules that used the "renamed" trigger from functioning.

• Private patch 6.5.1

  • Added the ability to override the default internal HTTP read buffer size to improve HTTP/S upload performance in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server.

  • Added the ability to override the default reserved memory stack size for HTTP processing threads. This is an experimental feature that is intended for use in combination with increasing the HTTP read buffer size. This functionality provided greater control over memory consumption within the HTTP engine.

  • Fixed a performance issue where the Web Transfer Client Java Applet was using a 4K buffer when sending over HTTPS. A 16K buffer is now used to take full advantage of the SSL protocol record size.

  • Fixed a performance issue that could result in slow user provisioning via the COM interface in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server. Specifically, these changes improve the performance of the ICISite GetBlankPermission and SetPermission COM methods.

  • Fixed an issue introduced in version 6.4.15 that prevented uploading of files whose file size is in excess of 4GB when using the Web Transfer Client.

  • Fixed an issue in the Secure Ad hoc Transfer (SAT) Module where recipients specified in the CC and/or BCC fields would receive (1) The Password notification email when the email behavior was configured as "UsernameToRecipientAndPasswordToSender" (2) The Username and Password emails when the email behavior was configured as "UsernameAndPasswordInSeperateEmailsToSender".

  • Fixed an issue where the application would incorrectly provision a new user account if a forward-slash was included in the username within the login process.

  • Fixed an issue within the Event Rule functionality that prevented the Overwrite option from functioning for the "Download (pull) file from host" and "Copy/Move (push) file to host" Actions.

  • Fixed an issue that prevented proper expansion of VFS folders within the Administration Interface when working with a large number of folders.

Version 6.4.19

July 02, 2013

Fixes

• Fixed an issue where outbound connections through a Gateway/SOCKS proxy were not using the preferred local IP setting from the Advanced settings tab.

• Fixed an issue where because of changes in Java 7u21 when loading the WTC or SAT Java displayed a prompt warning of "potentially unsafe components."

• Private patch 6.4.18

  • Fixed an issue introduced in version 6.4.14 that caused uploads of files over 2GB in size using the Web Transfer Client to appear to fail with an erroneous status.

• Private patch 6.4.17

  • Fixed an issue introduced in version 6.4.15 that prevented uploading of files whose file size is in excess of 4GB when using the Web Transfer Client.

• Private patch 6.4.16

  • Added the ability to override the default reserved memory stack size for HTTP processing threads. This is an experimental feature that is intended for use in combination with increasing the HTTP read buffer size. This functionality provided greater control over memory consumption within the HTTP engine.

  • Fixed a performance issue that could result in slow user provisioning via the COM interface in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server. Specifically, these changes improve the performance of the ICISite GetBlankPermission and SetPermission COM methods.

• Private patch 6.4.15

  • Added the ability to override the default internal HTTP read buffer size to improve HTTP/S upload performance in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server.

• Private patch 6.4.14

  • Fixed a performance issue where the Web Transfer Client Java Applet was using a 4K buffer when sending over HTTPS. A 16K buffer is now used to take full advantage of the SSL protocol record size.

• Private patch 6.4.13

  • Added support for 128 and 256 bit AES CTR mode to the SFTP protocol

• Private patch 6.4.12

  • Fixed DMZ Gateway to use port 20 instead of port 65300 for outgoing PORT mode FTP traffic

  • Fixed Event Rule MOVE Action to delete source file on resumed transfer

• Private patch 6.4.11

  • Fixed UserDatabaseSynchronizationMode registry key to properly ignore user deletions during synchronization when in LoggingModeOnly

February 2013

Version 6.5

February 15, 2013

New Features

• Added comprehensive support for Unicode UTF-8 encoding (see help file for exceptions and special cases)

• Added 128 and 256 bit AES CTR (counter mode) ciphers for SFTP (both as server and as client)

• Added status viewer controls for stopping in-progress inbound and outbound transfers

• Added a progress percent completion indicator for transfers displayed in the status viewer (where applicable)

• Added the ability to override the limit on the number of entries in the auto-ban IP list. (KB Article)

• Added the ability to override the limit on the number of entries in the IP access rules list. (KB Article)

• Added an override for controlling the administrator interface timeout

• Added checks for administrator inactivity timeout values that exceed the 15 minutes maximum mandated by PCI DSS 8.5.15

• (COM API) Added support for specifying alternate credentials for Folder Monitors

• (COM API) Added support for specifying polling settings for Folder Monitors

• (COM API) Added additional methods to support management of existing AWE tasks

• (COM API) Added additional methods that map to new administrator interface controls, such as setting the administrator interface inactivity timeout values

• Added support for use of Virtual Path, Virtual Folder Name, Virtual Destination Path variables and conditions for Folder Monitor events

• Added persistent installer log file, located in \Installer.log

• Added check of initial EFT Server administrator account password against configured Windows password policy

• Added a database upgrader utility to facilitate auditing and reporting module (ARM) upgrades

• Added support for renaming after offload for the SFTP, HTTP, and local protocols. Was previously only available for the FTP protocol

• Added the ability to obtain (one way synch) various settings from EFT Server

• Added event rule triggering in EFT Server for Mail Express initiated transfers

• Added auditing and reporting to EFT Server for Mail Express initiated transfers

• Added a number of Mail Express specific features as documented in the Mail Express version 3.3 release notes

• Added support for IPv6 addressing when operating with Mail Express Server version 3.3 and later

• Added support for Unicode strings in the log files and xml-based configuration files

• Added support for Unicode strings in communications with EFT Server 6.5 and later

Enhancements

• Updated OpenSSL library to version 0.9.8t

• Improved administrator interface performance when managing large user bases (up to 150K users)

• Improved the administrator interface to make it clear when a setting is inherited from its parent and what the actual value of the setting is

• Added support for the AWE "Call Function" action

• Modified reporting to limit the report size to 1000 pages due to inherent limitations in the rendering system

• Modified auditing of folder monitor event rules so that the "tbl_EventRules" table "ConditionValues" column now contains additional information

• Improved cleanup of deprecated files during upgrade process

• Improved logging of installer operationsUpdated the SAT applet jar files so that they have been signed with the latest Globalscape digital signing certificate

• Bundled Mail Express alongside EFT Server as an alternative to SAT for ad hoc file transfers

• Account management page now uses standard login page rather than basic authentication

• Updated the WTC applet jar files so that they have been signed with the latest Globalscape digital signing certificate

• Upgraded the embedded Java Runtime Environment to Version 1.7.0_09

Fixes

• Included fix made in 6.4.13 private patch: Added support for 128 and 256 bit AES CTR mode to the SFTP protocol

• Included fix made in 6.4.12 private patch: DMZ Gateway to use port 20 instead of port 65300 for outgoing PORT mode FTP traffic

• Included fix made in 6.4.12 private patch: Event Rule MOVE Action to delete source file on resumed transfer

• Included fix made in 6.4.11 private patch: UserDatabaseSynchronizationMode registry key to properly ignore user deletions during synchronization when in LoggingModeOnly

• Fixed an issue where the "Authority Key Identifier" and "Subject Key Identifier" fields were not included for SSL Certificates generated or signed by the application

• Fixed minor stability issues within the applications

• Fixed a minor memory leak in SSL certificate management routines

• Fixed various performance issues related to working with a large number of user accounts

• Fixed various performance issues related to working with a large number of VFS entries

• Fixed various inconsistencies in logging configuration file (logging.cfg)

• Fixed an issue that could result in a hang if an admin logged in while a backup is in progress

• Fixed an issue where all admins would be locked out if a user with a home folder specified as a physical path was deleted

• Fixed an issue where some VFS folder rename failures were not reported in the user interface

• Fixed minor user interface inconsistencies and formatting issues

• Fixed an issue where the Status Viewer failed to open the client log file if the configured EFT Log File path contained a trailing backslash

• Fixed an issue that would cause the interface to handle if selecting or hovering over an event rule whose repeat rate was greater than or equal to 24 hours

• Fixed an issue where the QuickSearch functionality was not searching Cleanup or Backup action paths

• Fixed a potential crash that could occur when clicking Success/Fail links in the Status Viewer

• Fixed an issue where the verbose logging setting was not affecting the log verbosity

• Fixed an issue where the TextReplace function did not properly handle regex replacement

• Fixed an issue where the %FS_FILE_SIZE% event rule variable was not set for AWE tasks run from a folder monitor event rule

• Fixed an issue that prevented deletion of sample AWE tasks

• Fixed an issue where the following variables were not available to AWE tasks: Folder Monitor Failure Reason, Precise Event Time Stamp, Base File Name, Install Folder

• Fixed "No MIME-boundary found" error when operating with Templar server. This issue occurred when the MDN response does did contain the "Content-length" header

• Fixed a potential server crash due to failure to handle non-null terminated MDN strings properly

• Fixed an failure that would occur if the username+password were longer than 78 characters

• Fixed an issue where the configured HTTP Domain setting was not being used for the AS2 asynchronous MDN delivery address

• Fixed an issue where the configured AS2 proxy settings were not being used

• Fixed an issue where the report filtering configuration was not updated in the interface when switching between reports

• Fixed an issue where a stray CR/LF could cause a disconnection from an Oracle database

• Fixed an issue that prevented the creation of 5 indexes for Oracle databases

• Fixed an issue that caused erroneous error messages when running Oracle database creation scripts manually

• Fixed an issue where a null character in an HTTP GET request could cause a disconnection from the database

• Fixed an issue where files without an extension were being included in the Folder path column of the "Activity - All Transfers" report

• Fixed an issue where transfers though the PTC/WTC were not appearing in the "Activity - By Group (Detailed)" report

• Fixed an issue that could prevent reporting on AS2 transactions when running against an Oracle database

• Fixed various discrepancies in reporting of paths and filenames in report between different protocols

• Fixed an issue where the application would not reconnect to Oracle databases when receiving an ORA-03113 error

• Fixed an issue where the application would not reconnect to Oracle databases when receiving an ORA-03135 error

• Fixed an issue where the Admin Activity (Summary) report was showing successful admin connections as Denied

• Fixed an issue where the Admin Activity (Summary) report was showing the incorrect local IP when connecting via IPv6

• Fixed an issue where the custom command name was not included when auditing to the "tbl_ProtocolCommands" table

• Fixed an issue where custom commands triggered by a connected client were not auditing to the "tbl_CustomCommands" table

• Fixed an issue where the AS2 - Transactions Detailed reports were not order. They are now ordered by the transaction start time

• Fixed an issue where the Admin Activity (Summary) report was not included in the set of SQL Server reports

• Fixed inconsistencies in auditing of "PhysicalFolderName" and "FileSize" in "tbl_ProtocolCommands" table

• Fixed an issue that would prevent import of SQL log files due to failure to properly obtain the identity value of a newly inserted row

• Fixed an issue where an unused table "tbl_ResultCodes" was included in the database schema

• Fixed an issue where the default size of the internal queue used to process audit events was too small and could result in performance issues on some systems. The default size has been increased

• Fixed a performance issue where the "Refresh User Database" functionality was operational for stopped sites

• Fixed an issue where a successful password change in the account management page was inaccurately reported as an error

• Fixed an issue where the incorrect file path was used to locate custom change password error message files

• Fixed an issue where password change requests would fail with "ERROR [0x80640022] Invalid DN Syntax" error. This was due to referencing the "unicodePwd" field rather than the "userPassword" field

• Fixed a memory leak that could occur when an ODBC user had an empty home folder

• Fixed an issue that prevented outbound PWD command from working with z/OS

• Fixed a memory leak in SSL handling for FTPS and HTTPS protocols

• Fixed an issue where Copy/Move could fail for filenames containing extended ASCII characters

• Fixed an issue where the rename feature of Copy/Move could fail for local LAN

• Fixed an issue where a connection failure due to invalid credentials would use the credentials from a valid session and proceed

• Fixed an issue where files did not retain the original date modified value for LAN copies or moves

• Fixed an issue where filenames containing "[" would fail to transfer

• Fixed an issue where downloads would fail when using a wildcard when connecting to a Microsoft IIS FTP server that does UNIX Directory style listing

• Fixed an issue where move and download actions did not preserve the file creation time

• Fixed an issue where the preferred local IP setting was not being used when using the DMZ Gateway/SOCKS proxy

• Fixed minor memory leaks that could occur for SFTP offloads

• Fixed an issue where the connection retry limit was not being honored for data channel connections

• Fixed an issue where long client operations could prevent the server from stopping in a reasonable amount of time

• Fixed an issue where the application was not following RFC 3659. It was using the MDTM command to set the modified time when it should be using the MFMT command

• Fixed an issue where out of range values were misinterpreted for the Folder Monitor configuration

• Fixed an issue where the Site.DoesUsernameExist always returned false

• Fixed an issue where the CITimerEventRuleParams.DateTimeStart was not using the date provided

• Fixed an issue where communication failures for the peer notification channel were not being logged

• Changed installer so that it now ensures the DMZ Gateway Administration Interface is not running prior to making modifications

• Fixed an issue that prevented binding to interfaces if IPv4 or IPv6 support was disabled in the operating system

• Fixed an issue that would cause large delays in connection processing if a port mode connection was attempted through the DMZ Gateway and outbound connections were blocked by a firewall

• Fixed minor user interface issues in the DMZ Gateway Administration Interface

• Fixed an issue where AWE variables were not populated when the event rule is called from Web Services

• Fixed an issue where the %USER.LAST_LOGIN% was not returning the expected value when used with the "On User Disabled" event rule type

• Fixed an issue where extended ASCII characters were not supported in event rule email notifications

• Fixed an issue where %FS.PATH% variable was being allowed as the source file for an AS2 Timer Event rule. Use of this variable is now forbidden as it is not available for Timer Event rules

• Fixed a rare issue where the presence of a large number of folder monitors with the health check option enabled could crash the server

• Fixed an issue where some event rule variables would not retain their values after a "Move" step

• Fixed an issue where the Reason, FileName, VirtualPath variables were not being properly set for "On Upload Failed" events

• Fixed an issue where the thread pool used for monitoring folders would not shrink back to the default size over time

• Fixed an issue where the application installation directory was used if no working directory was specified for a custom command. Now the directory of the specified executable will be used in this case

• Fixed an issue that prevented passing event rule variables with inner spaces to compound custom command parameter

• Fixed various PCI reporting issues that were resulting in compensating controls being reported for each user. This could lead to excessively sized reports

• Fixed various minor PCI report inconsistencies and text issues

• Fixed an issue where the PCI admin interface inactivity timer would incorrectly trigger while a user was working in the AWE task editor

• Fixed an issue that prevented proper upgrade of files when the installer was run in silent mode

• Fixed an issue that prevented the SQL Server Express database from being installer when the installer was run in silent mode

• Fixed an issue where ARM would become enabled when running the installer in Repair mode

• Fixed an issue where the "Allow Log on Locally" Windows privilege was required on accounts to log in to the Admin UI when providing an explicit Windows account during the login

• Fixed an issue where the cluster installation path in the installer would not ask the user if they were installing the first node for some cases

• Fixed an issue where the initial administration user was not created within the server if a node other than the first node was started first in a cluster environment

• Fixed an issue where the ARM upgrade option was not provided when upgrading a cluster environment

• Fixed an issue that prevented proper operation on files and folders containing percent signs

• Fixed an issue that caused some successful decryptions to be reported as errors in the application log file

• Security: Fixed an issue where the SSL protocol in the FTPS and HTTPS implementations was susceptible to a client initiated SSL renegotiation denial of service attack

• Fixed an issue where the Site level data sanitization setting was not being honored for deletion of files for POST commands

• Fixed an issue where accounts whose username or password contained extended ASCII characters could not log in to the application

• Fixed an issue where communications threads were reserving more memory than required which could limit the maximum number of concurrent communications threads

• Fixed an issue where the application fails to abide by RFC 959 for conversion to NVT-STANDARD of ASCII files

• Fixed an issue where an incorrect "Reason" was determined for some disconnection events in the SFTP and HTTP/S protocols

• Security: Fixed an issue where insufficient randomness was present in the generated session tokens

• Fixed an issue where SSL sessions ids were not being tracked properly which led to inefficient SSL handling

• Fixed an issue that caused excessive CPU utilization when downloading from the server while rate limited to a small transfer rate

• Fixed a rare crash that could occur when the IP Access policy is set to deny by default and a user who has the "Change password at next login" flag enables attempts to log in

• Fixed a memory leak that could occur when using the PFX SSL certificate/key format

• Fixed an issue where HEAD and GET requests returned the wrong content length when a range was included in the request

• Fixed an issue where the range header was being incorrectly interpreted as being non-inclusive

• Fixed an issue where directory listings were incorrect in the presence of a file containing a # character

• Fixed an issue where the "Uploads per session" and "Downloads per session" transfer limits were being ignored

• Fixed an issue where a 404 error was returned for deletions if a file was currently locked. A more appropriate 503 "service unavailable" error code is now returned

• Security: Fixed an issue that allowed Active Directory users to traverse directories for which they did not have permission to access

• Security: Fixed an issue where the PASV port was not randomized if a PASV port range was not specified

• Fixed an issue where filenames with extended ASCII characters were not handled properly in listings

• Fixed an issue that prevented listing the contents of folders with special characters in the folder name

• Fixed an issue that prevented folder renames

• Fixed an issue where the STOU command failed to work correctly when user account's "Treat home folder as the users' default root folder" setting was enabled

• Fixed an issue that caused the auto-ban (DoS/Flood) detection to be too sensitive when applied to invalid FTP login attempts

• Fixed an issue where the server may send a "226 Transfer complete" message before the data connection is closed

• Fixed an issue where sending FSETSTAT or SETSTAT to the application multiple times would cause a file not found error

• Fixed an issue where the user was not being notified when no files had been attached

• Fixed an issue where SAT would fail to upload folders if the "Enable WTC" checkbox was disabled

• Fixed an issue that prevented the java applet from loading in FireFox or Chrome when using Java 7 on the client machine

• Fixed an issue where the unsigned applet jar files were erroneously located in a directory called "Signed". They are now located in a directory called "Unsigned"

• Fixed an issue where email delivery failed when operating with FirstClass ESMTP server

• Security: Fixed a minor issue where some debug and test comments were included in web application JavaScript and HTML

• Security: Fixed an issue where the web applications could be susceptible to reflected Cross Site Scripting (XSS) attacks

• Security: Fixed an issue where the machine name was included in the "Location" header for MOVE and COPY responses

• Security: Fixed a false positive issue that was causing some security scanners to report that user credentials could be changed using GET. They are in fact only changed using a POST

• Security: Fixed cache control directives for various resources to further mitigate potential security concerns

• Fixed various minor issues that could result in unexpected messages in browser debugging windows

• Fixed an issue that prevented loading of the account management page if the user account had a low transfer rate set

• Fixed an issue where users were forced to change their password again after having already changed their password using the "Lost Password" work flow

• Fixed an issue where the OpenFolder JSON response did not conform to the JSON specification

• Fixed an issue where the "Forgot Password" feature was included for unsupported authentication types: Active Directory, LDAP

• Fixed an issue where the Windows "Allow Log on Locally" privilege was required for login when explicitly supplying credentials

• Fixed minor user interface inconsistencies and formatting issues

• Fixed a file/path name rendering issue when certain special characters were present

• Fixed an issue where users were unable to clear the filter after filtering by size

• Fixed an issue that prevented files with "%" in the filename from being opened from the remote pane

• Fixed an issue where "C:\" drive was included in "My Files and Folders" for Mac operating systems

• Fixed an issue that prevented upload of 0-byte files

• Fixed an issue where the interface would default to the root folder rather than the user's home folder for initial login

• Fixed an issue where the user would be logged out when using the Open File button on a remote file

• Fixed an issue where use of the delete key in the Change Password functionality would attempt to delete a file or folder

• Fixed an issue where the timeout handling was not functioning for downloads when using the JSE client

• Fixed an issue where the retry attempts did not include a sufficient delay and would thus quickly exhaust the number of attempts

• Fixed an issue where filtering by date resulted in the user being logged out

• Fixed an issue where a transfer could not be stopped using the "Kick User" functionality

• Fixed an issue where the user was not taken to a remote folder when it is specified in the url

• Security: Fixed an issue where accounts in different Sites with identical user names could potentially access each other's resources

• Fixed an issue where sorting by modified date was non-functional

• Fixed an issue that prevented deletion or rename of files whose name contained certain special characters

• Fixed a memory consumption issue that could occur when an invalid content length was provided by the client. Note that some clients incorrectly overflow the content length for files over 2GB in size.

July 2012

Version 6.4.10

July 31, 2012

Fixes

• Fixed minor formatting issue in generation of JSON, which is used internally between EFT Server and WTC

• Fixed memory and handle leak in Event Rule client SFTP

• Security: Fixed a minor security issue that allowed user accounts with force password change specified to perform some actions such as file upload without first changing their password. This issue applies only to non-browser clients connecting over HTTP/HTTPS.

• Fixed AS2 outbound asynchronous MDN receipt URL, which did not contain the proper domain

• Security: Fixed thread safety issue in SAT that caused incorrect home folders in EFT Server accounts

June 2012

Version 6.4.7

June 06, 2012

New Features

• Added a "User Account Enabled" event trigger

• Added a "User Account Deleted" event trigger

Enhancements

• Changed "New User Created" event trigger label to "User Account Created" for consistency

Fixes

• Fixed performance issues when synchronizing users or applying changes to group permissions when operating against an LDAP source with a large (>80k) number of users

• Security: Fixed a medium-high security vulnerability that allowed users to access the Virtual File System with elevated privileges. This only applied to Active Directory authenticated users after being forced to reset their password via the Web Transfer Client or Plain Text Client. (Note that the ability for Active Directory authenticated users to reset their passwords is off by default and can only be enabled via a registry setting).

• Security: Fixed a medium level security vulnerability consisting of a memory leak caused by SSL negotiation under certain conditions (affected versions: 6.4.3 - 6.4.5(private))

• Fixed an issue where "User Account Disabled" event trigger was not firing for all cases

• Fixed issue where some user-related event conditions and event properties were not included for use with the "New User Created" event trigger

• Fixed capitalization of the names of the "User Logged In" and "User Logged Out" event triggers

• Fixed an issue where the internal IP address of the remote server was being used for outbound FTP/S PASV connections rather than the external IP address

March 2012

Version 6.4.3

March 28, 2012

New Features

• Added support for Common Access Card (CAC) authentication

Enhancements

• Updated the user experience for Web Transfer Client interface Java Applet load failures

• Updated the Legacy Transfer Client interface to display the login page on log out rather than offer to close the browser

Fixes

• Fixed a slow memory leak that occurred when using LDAP authentication

• Fixed an issue where the application help incorrectly displayed additional scroll bars

• Fixed an inconsistency in the documentation concerning behavior of the "Require Active Directory domain trust relationship" Folder Monitor configuration item for upgrades

• Fixed a misspelling in the Oracle schema scripts that caused failures when auditing PCI DSS violations

• Fixed an issue that caused misalignment of icons in the Plain Text Client and Web Transfer Client interfaces when using Mozilla Firefox version 10 or later

• Fixed an issue in the Web Transfer Client interface that prevented the browser from refreshing when clicking "OK" on the session expiration dialog

• Fixed an issue that prevented proper operation of the Web Transfer Client interface for Sites using non-standard HTTP or HTTPS ports

• Fixed an issue where the Web Transfer Client interface would display the help for an earlier version of the product

• Fixed an issue where the Web Transfer Client interface would display an invalid status for timeouts during file downloads

• Fixed an issue that prevented download of files from the Plain Text Client interface when using Google Chrome version 16.0.912.63 or later

• Fixed an issue that prevented the proper launch of the Legacy Transfer Client interface

• Fixed an issue that prevented the use of the change password feature in the Legacy Transfer Client interface

• Fixed an issue that prevented the use of the file/folder rename feature in the Legacy Transfer Client interface

• Fixed an issue where the Legacy Transfer Client interface would display the Plain Text Client interface after a file upload

February 2012

Version 6.4.3.6

February 29, 2012

New Features

• Added support for Common Access Card (CAC) authentication

Enhancements

• Updated the user experience for Web Transfer Client interface Java Applet load failures

• Updated the Legacy Transfer Client interface to display the login page on log out rather than offer to close the browser

Fixes

• Fixed an issue where the application help incorrectly displayed additional scroll bars

• Fixed an inconsistency in the documentation concerning behavior of the "Require Active Directory domain trust relationship" Folder Monitor configuration item for upgrades

• Fixed a slow memory leak that occurred when using LDAP authentication

• Fixed an issue that prevented download of files from the Plain Text Client interface when using Google Chrome version 16.0.912.63 or later

• Fixed an issue that caused misalignment of icons in the Plain Text Client and Web Transfer Client interfaces when using Mozilla Firefox version 10 or later

• Fixed an issue in the Web Transfer Client interface that prevented the browser from refreshing when clicking "OK" on the session expiration dialog * Fixed a misspelling in the Oracle schema scripts that caused failures when auditing PCI violations

• Fixed an issue that prevented proper operation of the Web Transfer Client interface for Sites using non-standard HTTP or HTTPS ports

• Fixed an issue that prevented the proper launch of the Legacy Transfer Client interface

• Fixed an issue that prevented the use of the change password feature in the Legacy Transfer Client interface

• Fixed an issue that prevented the use of the file/folder rename feature in the Legacy Transfer Client interface

• Fixed an issue where the Legacy Transfer Client interface would display the Plain Text Client interface after a file upload

• Fixed an issue where the Web Transfer Client interface would display the help for an earlier version of the product

• Fixed an issue where the Web Transfer Client interface would display an invalid status for timeouts during file downloads

January 2012

Version 6.4.1

January 13, 2012

New Features

• Added a registry key (ReportsConnectionString) to allow specification of an alternate database connection string for use by the reporting functionality. This allows for the use of a reduced privilege account for reporting.

Enhancements

• Removed unused, default security credentials from default report definition XML files

Fixes

• Fixed an issue that caused IP addresses in the FTP/S configuration and PASV settings for the DMZ Gateway configuration to be reversed when upgrading from releases earlier than 6.4.

• Fixed an issue that prevented the proper operation of the LS command when used with a mask over the FTP and FTPS protocols

Version 6.3.16

January 12, 2012

New Features

• Added a registry key (ReportsConnectionString) to allow specification of an alternate database connection string for use by the reporting functionality. This allows for the use of a reduced privilege account for reporting.

• (COM API) Added COM method to get/set Folder Monitor Event Rule alternate credentials

• (COM API) Added COM method to get/set Site's SFTP protocol state

• (COM API) Added COM method to get/set Site's default PGP key

• (COM API) Added COM method to get/set Offload/Download Action's "Rename After Transfer"

• (COM API) Added COM method to get/set Site->Security->Invalid logins "Count incorrect username" settings

• (PGP) Added registry key to control timeout for long running PGP operations

Fixes

• Fixed offload COPY of a non-existent file to default to ERROR instead of SUCCESS. Added a toggle to Offload Wizard to allow the selection of ERROR or SUCCESS.

• Fixed event rule Copy/Move to support Danish high characters: "æøå"

• Fixed event rule Copy/Move to not inherit credentials from a previous Copy/Move Action

• Fixed issue locating user in LDAP during Change Password

• Fixed event rule variables (%FS.FILE_NAME%) to contain the correct filename after a MOVE Action

• Fixed issue that could cause duplicate execution of Timer rule under certain circumstances

• Fixed crash when MLSD performed in a folder containing a VFS alias > 14 characters in length

• (WTC) Fixed HTTP to properly redirect to a specified folder after entering credentials on login page

• Fixed a memory leak in COM CServer::Close and CSite::Close

• Fixed COM Allow FXP, Allow COMB, and Allow XCRC getters and setters when using inheritance

• Fixed COM FTP "Allow ZLIB compression" toggle

• Fixed COM setting of Upload/Download proxy type

• (AS2) Fixed inbound AS2 transfers from being redirected to login page when the HTTP User Agent appears to be a browser

• (SAT) Fixed SAT to properly populate the FROM email address in multi-domain environments

December 2011

Version 6.4.1

December 19, 2011

EFT Server (standard) and EFT Enterprise

New Features

• Added a registry key to allow specification of an alternate database connection string for use by the reporting functionality. This allows for the use of a reduced privilege account for reporting

Fixes

• Removed unused, default security credentials from default report definition XML files

• Fixed an issue that prevented the proper operation of the LS command when used with a mask over the FTP and FTPS protocols

• Fixed an issue that caused IP addresses in the FTP/S configuration and PASV settings for the DMZ Gateway configuration to be reversed when upgrading from releases earlier than 6.4.0

Version 6.4

December 07, 2011

New Features

• Added polling option to Folder Monitor, including ability to sweep the monitored folder on rule startup

• Added archive option to Folder Monitor to avoid duplicate processing when polling option is enabled

• Added ability to specify Event ID for Write to Windows Event Log action

• Added UTF-8 option for Copy/Move and Download Event Rule actions

• Added new column (optional) to EFT Server's CL log (Event Rule client log) that returns a success/failure code after the actual result (error) code. To enable: HKLM\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0 value=Enable10ColumnInClientLog DWORD=1 (not present or 0 means disabled)

• Added registry override to disable use of LAST SFTP command used to detect for existence of destination folder prior to transfer

• Added registry override to aid in connecting to slower SFTP servers

• Added registry override that sets the timer thread stack size for cases where lots (300-400) of timers are launching AWE tasks (For information regarding registry settings, refer to the GlobalSCAPE Knowledgebase, keyword: windows registry)

• Added comprehensive IPv6 support including support for dual stacks (both IPv4 and IPv6)

• Added support for multiple discrete listening IPs per site

• Added support for CIDR masking (in addition to current wildcard masking) for IP Access/Ban rule IP definitions

• Added option to treat missing source file(s) as success (rather than failure) for Copy/Move action (any protocol) and for Download action (LAN transfers only)

• Added support for multiple emails assigned to user account (semicolon delimited)

• Added support for using %USER.EMAIL% in the To, CC, and Bcc fields of the Email Notification action

• Added toggle to certificate signing manager to automatically add newly signed certificate to certificate store trusted list

• Added ability to create Site-specific templates for password reset reminder and required messages, and for login credentials message.

• Added registry override for the default (10 minute) PGP timeout

• Added registry override for the PGP log file name created by EFT Server

• Added "Deep Search" to the quick search feature (search in rules)

• Added prompt to apply, discard, or cancel (revert) changes when switching to a different page in the administration interface without having first saved one's changes

• Added link to SAT send page from SAT admin page

• Added numerous minor usability enhancements

• Added full IPv6 support including dual stack (both IP 4 and 6)

• Added support for 6to4 and 4to6 translation

• Added HttpOnly attribute to cookies (where supported) as a security precaution

• Added Secure attribute to all cookies presented over HTTPS (except for special case when an HTTP session is temporarily redirected to HTTPS for the login portion, and then back to HTTP post login)

• Added attribute to prevent auto-complete of FORM fill for login and password reset pages as a security precaution

• Added X-Frame-Options: "sameorigin" to prevent clickjacking. To override that setting: HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\EFTClient DWORD value=disable_xframeoptions; DWORD=00000001 (to disable)

• Added X-Content-Type-Options: "nosniff" header as a security precaution

• Added X-XSS-Protection: "1; mode=block" header as a security precaution (For explanation of various headers)

• Added date/time formatter to control how the Plain Text Client (PTC) shows dates, between US and European style date formats

• Added several new COM methods and properties to support new functionality

Enhancements

• Enhanced SFTP client (Copy/Move and Download) performance significantly

• Updated AS2 library component to 8.1.4276.0

• Updated PCI DSS coverage to account for PCI DSS 2.0 changes

• Updated SSL library to 0.9.8r

• Switched to SQL Native Client 2008 R2 API

• Enhanced SAT's various templates, including the notification template

• Enhanced SAT's transfer engine to use Java SE Runtime v6u26 and JFileUpload version 2.9C

• Removed certain GET requests from WTC and PTC definitions to eliminate false positives in security scanners

Fixes

• Fixed FTP trace logging that was accidentally removed in EFT 6.3

• Fixed AS2 redirection bug introduced in EFT 6.3 that affected AS2 clients that identified themselves as a generic browser

• Fixed crash caused by AS2 connections under certain conditions (specifics withheld to prevents DoS attacks on older servers)

• Fixed issue where EFT Server's SMTP settings weren't being propagated to the registry for use by the AWE module

• Fixed issue connecting to MVS systems. Now if EFT detects MVS using FTP SYST command it avoids use of PWD and CWD commands for overwrite logic

• Fixed issue where EFT Server failed to retry offloads when the file was locked by another process and a ERROR_ACCESS_DENIED or ERROR_SHARING_VIOLATION was received

• Fixed issue where LAN transfers with credentials override was failing because the Folder Monitor override credentials were being used instead

• Fixed issue where LDAP change password attempts failed depending on how the username was constructed

• Fixed issue where timer event could trigger twice under certain conditions

• Fixed issue where client downloads would fail when downloading from a GXS server

• Fixed issue where certain EFT Server context variables were not being passed to AWE

• Fixed issue where files with a prefix of "as2" could not be downloaded

• Fixed issue where FTP/S client (Copy/Move and Download action) wasn't respecting the ReceiveBufferSize registry override (HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE\TED6\Settings\Transfer\ReceiveBufferSize)

• Included all bug fixes made in EFT Server 6.3 private patch versions

• Fixed issue with MODE command where certain parameters would cause EFT to return errors

• Fixed issue in email notification where URLs exceeding certain length mangled in the HTML

• Fixed hang that occurred when in FIPS mode, a certificate with non-FIPS approved algorithms was used for a client offload

• Fixed issue where user was placed in root folder if user's home folder exceeded Windows' max_path

• Fixed PGP decrypt performance issue introduced in EFT 6.3

• Fixed issue where Event Rule comments were truncated if too long

• Fixed crash caused in SFTP write operations under certain conditions (specifics withheld to prevents DoS attacks on older servers)

• Fixed issue where the registry override to require delete permission for uploads that result in overwritten files wasn't being honored. (Reference)

• Fixed issue where EFT Server failed to create a users' home folder if it did not already exist but "create home folder for new users" was enabled (after .AUD import)

• Fixed crash that would occur during a trial extension request under certain conditions

• Fixed issue where prompt would appear for PGP key that would prevent the user from further navigation, even though PGP was not being used

• Fixed issue where file does not exist was returning incorrect FTP error code ("550 Permission denied" instead of "550 File does not exist")

• Fixed issue where a failure and error was returned by PGP encryption logic under certain conditions

• Fixed issue where duplicate users were reported in the .AUD file

• Fixed issue where an On File Upload rule would fail to trigger if a Settings Template was specified as a conditional value

• Fixed issue where EFT failed to log when PGP delete operation failed due to file being locked

• Fixed issue where upgrade failed to import the entire list of banned IPs; increased threshold from 1,000 to 5,000

• Fixed inconsistency between documentation and how ResultID was actually being audited to the ARM database

• Fixed issue where SAT module throws an MX Error 45 when changing settings template location

• Fixed issue where SAT would incorrectly state that some content was delivered unsecured (only under certain conditions)

• Fixed issue where subdirectory could no longer be accessed over HTTP/S directly using a URL

• Fixed issue where the WTC would not load if AdBlockPlus was enabled on FireFox

• Fixed issue where it was impossible to delete files in the PTC with certain characters in the filename

• Fixed memory leak when using COM to query EFT Server repeatedly

• Fixed issue where a COM exception would occur if GetVirtualFolderList() was invoked and no virtual folders existed

• Fixed issue where GetPhysicalPath returned an error when the bstrFolderAlias passed to the function pointed to a virtual folder with a missing target (physical) path

• Fixed issue where CreateVirtualFolder returns an error if bstrTarget doesn't exist on the server

• Fixed issue where a small number COM properties worked incorrectly if those values were set to inherit from the Server

November 2011

Version 6.4.0

November 18, 2011

New Features

• Added comprehensive IPv6 support including support for dual stacks (both IPv4 and IPv6)

• Added support for CIDR masking (in addition to current wildcard masking) for IP Access/Ban rule IP definitions

• Added polling option to Folder Monitor, including ability to sweep the monitored folder on rule startup

• Added archive option to Folder Monitor to avoid duplicate processing when polling option is enabled

• Added ability to specify Event ID for Write to Windows Event Log action

• Added option to treat missing source file(s) as success (rather than failure) for Copy/Move action (any protocol) and for Download action (LAN transfers only)

• Added UTF-8 option for Copy/Move and Download Event Rule actions

• Added support for multiple emails assigned to user account (semicolon delimited)

• Added support for using %USER.EMAIL% in the To, CC, and Bcc fields of the Email Notification action

• Added toggle to certificate signing manager to automatically add newly signed certificate to certificate store trusted list

• Added Site-specific templates for password reset reminder and required messages, and for login credentials message. To implement, append the Site name and an underscore in front of the template name. E.g. MySite_CredentialsTemplate, SiteA_PasswordResetReminderMsg.html, or SiteB_PasswordResetMsg.html)

• Added new column (optional) to EFT Server's CL log (Event Rule client log) that returns a success/failure code after the actual result (error) code. To enable: HKLM\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0 value=Enable10ColumnInClientLog DWORD=1 (not present or 0 means disabled)

• Added registry override to disable use of LAST SFTP command used to detect for existence of destination folder prior to transfer

• Added registry override for the default (10 minute) PGP timeout

• Added registry override for the PGP log file name created by EFT Server

• Added registry override to aid in connecting to slower SFTP servers

• Added registry override that sets the timer thread stack size for cases where lots (300-400) of timers are launching AWE tasks

• Added "Deep Search" to the quick search feature (search in rules)

• Added prompt to apply, discard, or cancel (revert) changes when switching to a different page in the administration interface without having first saved one's changes

• Added link to SAT send page from SAT admin page

• Added numerous minor usability enhancements

• Added full IPv6 support including dual stack (both IP 4 and 6)

• Added support for 6to4 and 4to6 translation

• Added HttpOnly attribute to cookies (where supported) as a security precaution

• Added Secure attribute to all cookies presented over HTTPS (except for special case when an HTTP session is temporarily redirected to HTTPS for the login portion, and then back to HTTP post login)

• Added attribute to prevent auto-complete of FORM fill for login and password reset pages as a security precaution

• Added X-Frame-Options: "sameorigin" to prevent clickjacking. To override that setting: HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\EFTClient DWORD value=disable_xframeoptions; DWORD=00000001 (to disable)

• Added X-Content-Type-Options: "nosniff" header as a security precaution

• Added X-XSS-Protection: "1; mode=block" header as a security precaution

• Added date/time formatter to control how the Plain Text Client (PTC) shows dates, between US and European style date formats

• Added several new methods and properties to support new functionality

Enhancements

• Enhanced SFTP client (Copy/Move and Download) performance significantly

• Updated PCI DSS coverage to account for PCI DSS 2.0 changes

• Updated SSL library to 0.9.8r

• Updated AS2 library component to 8.1.4276.0

• Switched to SQL Native Client 2008 R2 API

• Enhanced SAT's various templates, including the notification template

• Enhanced SAT's transfer engine to use Java SE Runtime v6u26 and JFileUpload version 2.9C

• Removed certain GET requests from WTC and PTC definitions to eliminate false positives in security scanners

Fixes

• Fixed issue where subdirectory could no longer be accessed over HTTP/S directly using a URL

• Fixed issue with MODE command where certain parameters would cause EFT to return errors

• Fixed issue in email notification where href's exceeding certain length mangled in the HTML

• Fixed hang that occurred when in FIPS mode, a certificate with non-FIPS approved algorithms was used for a client offload

• Fixed issue where user was placed in root folder if user's home folder exceeded Windows' max_path

• Fixed memory leak when using COM to query EFT Server repeatedly

• Fixed issue where SAT module throws an MX Error 45 when changing settings template location

• Fixed PGP decrypt performance issue introduced in EFT 6.3

• Fixed FTP trace logging that was accidently removed in EFT 6.3

• Fixed inconsistency between documentation and how ResultID was actually being audited to the ARM database

• Fixed issue where Event Rule comments were truncated if too long

• Fixed AS2 redirection bug introduced in EFT 6.3 that affected AS2 clients that identified themselves as a generic browser

• Fixed crash caused by AS2 connections under certain conditions (specifics withheld to prevents DoS attacks on older servers)

• Fixed crash caused in SFTP write operations under certain conditions (specifics withheld to prevents DoS attacks on older servers)

• Fixed issue where the WTC would not load if AdBlockPlus was enabled on FireFox

• Fixed issue where EFT Server's SMTP settings weren't be propagated to the registry for use by the AWE module

• Fixed issue connecting to MVS systems. Now if EFT detects MVS using FTP SYST command it avoids use of PWD and CWD commands for overwrite logic

• Fixed issue where EFT Server failed to retry offloads when the file was locked by another process and a ERROR_ACCESS_DENIED or ERROR_SHARING_VIOLATION was received

• Fixed issue where the registry override to require delete permission for uploads that result in overwritten files wasn't being honored.

• Fixed issue where LAN transfers with credentials override was failing because the Folder Monitor override credentials were being used instead

• Fixed issue where LDAP change password attempts failed depending on how the username was constructed

• Fixed issue where EFT Server failed to create a users' home folder if it did not already exist but "create home folder for new users" was enabled (after .AUD import)

• Fixed crash that would occur during a trial extension request under certain conditions

• Fixed issue where prompt would appear for PGP key that would prevent the user from further navigation, even though PGP was not being used

• Fixed issue where SAT would incorrectly state that some content was delivered unsecured (only under certain conditions)

• Fixed issue where file does not exist was returning incorrect FTP error code ("550 Permission denied" instead of "550 File does not exist")

• Fixed issue where timer event could trigger twice under certain conditions

• Fixed issue where a failure and error was returned by PGP encryption logic under certain conditions

• Fixed issue where duplicate users were reported in the .AUD file

• Fixed issue where client downloads would fail when downloading from a GXS server

• Fixed issue where certain EFT Server context variables were not being passed to AWE

• Fixed issue where files with a prefix of "as2" could not be downloaded

• Fixed issue where a COM exception would occur if GetVirtualFolderList() was invoked and no virtual folders existed

• Fixed issue where FTP/S client (Copy/Move and Download action) wasn't respecting the ReceiveBufferSize registry override

• Fixed issue where an On File Upload rule would fail to trigger if a Settings Template was specified as a conditional value

• Fixed issue where GetPhysicalPath returned an error when the bstrFolderAlias passed to the function pointed to a virtual folder with a missing target (physical) path

• Fixed issue where CreateVirtualFolder returns an error if bstrTarget doesn't exist on the server

• Fixed issue where it was impossible to delete files in the PTC with certain characters in the filename

• Fixed issue where EFT failed to log when PGP delete operation failed due to file being locked

• Fixed issue where upgraded failed to import the entire list of banned IPs. Increased threshold from 1,000 to 5,000

July 2011

Version 6.3.8

July 21, 2011

New Features

• (COM API) Added CreateUserEx2() COM call that includes the user's email address so the account creation email can be sent at the time the user is created; all of the user/client details can now be set

• (COM API) Added support for hashed passwords to COM CreateUserEx to facilitate user migration from another EFT

• (COM API) Added 2 new COM methods to facilitate retrieval of VFS virtual folders and folder permissions

• Added registry key to disable HTTP-to-HTTPS redirection

• Added support for Unix style -lrt sorted listing to NLST

• Added registry value to enable RENAME to overwrite an existing file

• Added registry value to enable Clear Command Channel to expect an encrypted response to CCC request. This provides CCC interoperability with Sterling CONNECT Enterprise

• Added 2 step save process used by ftp.cfg to AUD files to prevent corruption during save. "*.bak" and "*.corrupted" files are now created as necessary.

Fixes

• Fixed installer to properly create the EFT Server administrator account during cluster installs

• Fixed Plain Text Client handling of paths that included a space during RENAME and DELETE

• Fixed WGET file transfers over HTTP

• Fixed invalid data in customer configuration files that could slow down file transfers

• Fixed upgrades from EFT Server 5.x to maintain DMZ Gateway as the outbound proxy

• Fixed uploads of small files (<100 bytes) from Rebex/Ultimate FTP libraries

• Fixed issue in SFTP that would not allow a new Active Directory user to connect until an AD database synchronization or an FTP login occurred

• Fixed NLST to once again support listings of filenames that contain special characters > 128

• Fixed Site Administrator accounts to control the "Treat Home Folder as Root" setting

• Fixed Event Rule LAN operations when paths contained multiple or incorrect slashes ("/", "\")

• Fixed upgrades to EFT 6.3 from GSFTPS FIPS

• Fixed server restore so all user home folders are restored when backup contains a large number of sites (14)

• Fixed FireFox 4 issues in the Plain Text Client

• Fixed Plain Text Client 403 and 404 errors when attempting to rename or delete a file from a subfolder if specific permissions were set

• Fixed VFS to prevent orphan VFS permissions nodes hidden in ftp.cfg

• Fixed a crash that occurred with calling GetFolderPermissions via COM

• Fixed COM DisableInheritPermissions method to set child folders to their parents' permissions instead of the root folder permissions

• Fixed COM Event Rule enums to include "Greater than" and "Greater than equal to" conditional operators

• Fixed COM new 6.3 method names that were inconsistent with the existing API

• Secure Ad Hoc Transfer (SAT) module

  • Fixed SAT for proper handling of non-US date formats

  • Fixed SAT to not authenticate against NTLM when "no auth" is selected

  • Fixed SAT Installer to identify 32 vs. 64 bit on same host installs

  • Fixed SAT Installer to use PCI compliant password complexity rules for admin accounts

  • Fixed SAT errors which prevent Admin page from loading

  • Fixed SAT web.config errors when a non-standard HTTPS port was used

  • Fixed SAT upgrade issues when SAT was not installed on C:

  • Fixed SAT Installer to not de-register COM

• AS Module

  • Fixed AS2 to support multiple SSL public key certs in a single .crt file

  • Fixed a crash that occurred when formatting an AS2 synchronous MDN message

• Web Transfer Client (WTC)

  • Fixed Web Transfer Client logout to not affect other open tabs in Internet Explorer (IE)

  • Fixed Web Transfer Client jars to be signed with a newer cert that doesn't expire until 2015

  • Fixed Web Transfer Client and Plain Text Client to initially place users in their home folder instead of the site root folder when "Treat Home Folder as Root" is turned off

  • Fixed IE9 and Chrome drag-n-drop issues in Web Transfer Client

• Advanced Workflow Engine (AWE)

  • Fixed AWE "Stop Task" action to properly return SUCCESS or ERROR to the EFT Server Event Rule

  • Fixed AWE to support semicolons as a separator in "On Error" tab variables

  • Fixed AWE to properly display the "Send Email" action when editing the "On Error" tab

  • Fixed AWE GetTaskName to properly return the name of the task

  • Fixed AWE crash when a nesting of sub-tasks would ultimately delete the file that triggered an EFT Server folder monitor

  • Fixed some broken help hooks in the AWE Help

• OpenPGP Module

  • Fixed "8000ffff: Catastrophic Failure" Errors when PGP encrypts multiple or single files

March 2011

Version 6.3.0

March 30, 2011

New Features

• Added RSA SecurID and RADIUS 2-factor authentication

• Added Status Viewer to monitor in progress and recent file transfers

• Added IP Access/IP Ban user interface that supports white listing

• Added Event Rule Calendar supports custom calendars and import/export

• Added "Write to Windows Event Log" Event Rule Action

• Added RSA SecurID and RADIUS 2-factor authentication

• Added Event Rule Calendar supports custom calendars and import/export

• Added "Write to Windows Event Log" Event Rule Action

• Added ability for multi-part transfers to be available in the Event Rule Copy/Move via a registry key

• Added Copy/Move Event Rule Action support for alternate set of credentials for remote UNC shares

• Added Copy/Move and Event Rule Action support for several overwrite and enumerate options

• Added Folder Monitor support for two modes of operation: high throughput or high number of folder monitors

• Added "Cleanup logs" action to the "Backup and Cleanup" Timer rule in new installs

• Added HTTP and SFTP keyboard interactive login support for RSA and RADIUS pin creation

• Added SIZE as a fallback for transfer verification when XCRC is not supported by remote server

• Added registry option to use LOGON_NEW_CREDENTIALS instead of LOGON_INTERACTIVE for folder monitor

• Added support for SFTP client Copy/Move and Download transfers of files greater than 4 GB

• Added ability for user-level admins to unlock user accounts, in addition to enable/disable and change password

• Added the AML task name to AWE debug logging

• Added UTF-8 filenames support in AWE tasks

• Added a warning message if a duplicate folder monitor is created for the same folder

• Added TRACE level logging of AS2 HTTP headers

• Added Status Viewer to monitor in progress and recent file transfers (requires ARM for historical transactions)

• Added IP Access/IP Ban user interface that supports white listing

• Added "IP Banned" Event Rule Condition and "Too many invalid commands" Event Reason

• Added PGP Event Rule signature verification options

• Added Event Rule "precise time stamp" context variable

• Added multi-threaded PGP architecture

• Added Denial of Service detection to all protocols

• Added UTF-8 filenames support over HTTP and SFTP

• Added EBCDIC "TYPE E" support

• Added SYST value support

• Added SFTP support for public key or password authentication

• Added support for non-FIPS version of the OpenSSL library to version 0.9.8o

• Added detailed logging of SFTP connections to connection log in Status Viewer

• Added disable of auto import of ARM text files via a registry key

• Added ability to sort objects in the AI left tree pane alphabetically

• Added trigger of the "User Disabled" event rule when Users expire

• Added ability to apply PGP Event Rule Actions to "On File Download" events

• Administration Interface (AI)

• Added left pane tree support for up to 100,000 EFT Server users; multi-select enable, unlock, delete, and reset password; and visual identification of EFT Server user accounts without an email address

• Added Active Directory sites' ability to not show the domain name

• Added PGP keys management from remote AIs

• Added AI/EFT Server SSL certificates checks to validate connections

• Added DER, PFX, and P7B output formats in addition to PEM for SSL cert export

• Added AI upgrades and command line silent install support

• Added summary list of folders to be deleted when a user is deleted

• Added support to protect key folders (/usr) from deletion when a user is deleted

• (AWE) Added sample tasks for demonstrating Expectations, IP black lists, etc.

• (AWE) Added Sharepoint Action

• (AWE) Added Compression Action: Added 7zip compress/uncompress

• (AWE) Added FTP Actions: FXP; synchronize method; FIPS 140 mode; FTPS clear command channel (CCC) mode

• Added FTP advanced action file exist; folder exist; get crc; FTP tuning options (UseLargeBuffers)

• (AWE) Added FTP ability to get long list dataset shows file attributes

• (AWE) Added SFTP validation of server host key; SFTP provide protoversion prior to connection

• (AWE) Added Get File Info Action: Added ability to retrieve folder information

• (AWE) Added Send/Get email and Exchange Actions: Support for Exchange 2010 and ability to send custom headers

• (AWE) Added Send/Get email and Exchange Actions: Improved filter engine based on query for Imap and Webdav

• (AWE) Added Service Management: Added remote service install, start, stop, pause, resume

• (AWE) Added Web Service Action: Added support for SOAP 1.2 protocol

• (AWE) Added Full Unicode support across all Actions

• (AWE) Added Start Task and Stop Task Actions

• (ARM) Replaced the integrated SQL Server Express 2005 installer with SQL Server Express 2008 R2

• (ARM) Added logging to the installer during creation or modification of the SQL schema

• (DMZ) Added synchronization of messages with EFT Server to implement enhanced IP Access/IP Ban capabilities

• (SAT) Added new architecture that uses Java applet to transfer file directly to EFT Server bypassing IIS

• (SAT) Added new web-based administration and configuration

• (SAT) Added ability to transfer files larger than 2 GB

• (SAT) Added ability to transfer folders

• (SAT) Added installer support of upgrades; does not require uninstall

• (SAT) Added default SAT Event Rules in EFT Server to automatically send upload notifications, delete expired temporary users, and notify senders of upload(s) received from temporary users.

• (WTC) Added form-based login that supports branding and true login/logout sessions, and password reset

• (WTC) Added selection of WTC (Java) or Plain Text Client (PTC) from the login page

• (WTC) Added new "look" with improved buttons and use of CSS to support branding

• (WTC) Added Single Sign On (SSO) support in NTLM environments

• (WTC) Added branding process that doesn't require registry overrides

• (WTC) Added branding that can be EFT Server site specific

• (WTC) Added capabilities and status provided in the WTC transfer queue pane

• (WTC) Added requeue counter to the Settings panel for error-prone connections/servers

• (WTC) Added option to select Java JSE HTTP client for NTLM v2 proxy authentication

• Added numerous COM API methods and properties to mirror the capabilities available in the AI:

• Administrators and administrator privileges

• LDAP, AD, and ODBC site creation and options

• Event Rule Offload/Download Advanced tab

• Write To Windows Event Log

• Backup and Restore

• IP Ban

• AS2

• FTP options: FXP, Noop, COMB, XCRC

• AWE custom variables

• Multiple SSH client keys and key export

Fixes

• Fixed Email notification file size for Copy/Move events

• Fixed Web Services WSDL page accessibility

• Fixed "User must change password on first login" with LDAP

• Fixed ARM SQL connection details in GUI notifications to lesser privileged admins

• Fixed LDAP "change password" implementation via LDAP calls instead of Active Directory

• Fixed "Uploads per session" and "Downloads per session" limits for HTTP

• Fixed Offload/Download wizard handling of forward and backward slashes

• Fixed PGP passwords masking in DEBUG logging

• Fixed "Stop Processing" and "If failed Action" listing in the Event Rule preview pane even when inactive

• Fixed rejected SSL client cert trigger of the Event Rule "Connect Failed" Condition

• Fixed "On User Created" Event Rule is trigger for first login of an AD or LDAP user

• Fixed Event Rule client downloads of file with a % in the filename

• Fixed Event Rule client traversal of directories with a # or % in the folder name

• Fixed Administrator warning regarding outbound PORT mode support through DMZ Gateway

• Fixed inconsistency of file paths in CREATE and DELETE lines of ARM reports

• Fixed resuming of interrupted WTC transfers

• Fixed ARM auditing of SFTP file offset to properly report transferred bytes

• Fixed renaming of a group so that all members of the group are not removed from the group

• Fixed crashes reported in Microsoft WinQual

• Fixed parsing of multi-line HTTP headers

• Fixed PGP temporary files creation

• Fixed ability to "kick" and delete connected users

• Fixed auditing of failed HTTP logins in ARM

• Fixed (removed) "EFT Server" identifiable strings where possible to address security audit recommendation

• Fixed WTC local pane display of system or hidden files or folders

• Fixed 2048 bit SSL signed certs in AS2

• Fixed HTTP login support of usernames with embedded spaces (Active Directory Display Name accounts)

• Fixed error in ARM report templates that allowed non-admin user account to edit the template

• Fixed error in WTC file rename in Safari browser

• Fixed/eliminated long delay when uploading files via SFTP to a remote folder containing 100,000+ files

January 2011

Version 6.2.31

January 26, 2011

EFT Server (standard) and EFT Enterprise

New Features

• Added the ability to rename virtual folders

• Added ERROR logging to Active Directory calls during AD user synchronization

• Added a timeout at the SFTP layer to detect hung connections from third-party servers

• Added updating of Active Directory user home folders during AD synchronization

• Added support for SSL cert settings for Event Rule downloads

• Added a registry value to control the Health Check Timeout for slow file servers

• Added registry setting to control the ARM report generation timeout

• Added the new EULA for EFT Server

• Added ability for Template Settings administrators to delete a user's home folder

• Added/improved user password and account settings in the COM interface

• Added/improved folder permissions inheritance and Encrypting File System (EFS) settings in the COM interface

• Added/improved proxy, overwrite, COMB, and FXP transfer options in the COM interface

• Added/improved Event Rule PGP options in the COM interface

• Added DMZ Gateway support of compressed messages sent from EFT Server

Enhancements

• ARM now only audits "On File Upload" rules that perform an Event Rule Action

• Active Directory user home folders are now updated during synchronization

• Enhanced the COM API methods for specifying EFT Server Administrator privileges

• Improved import time when migrating large numbers of users into EFT via COM

Fixes

• Corrected the amount of time EFT Server logins were blocked when updating user quotas

• Corrected issue that caused "home folder not deleted" error message when deleting a user

• Corrected issue in Event Rule SFTP client when sending files larger than 4 GB

• Corrected crash that could occur when an SFTP connection failed before a channel was established and EFT Server attempted to clean up the channel

• Corrected crash in the EFT Server administration interface that occurred while an external VBS COM script was backing up the VFS

• Corrected auditing of invalid transfer data by the Event Rule client for rare cases of failed transfers

• Corrected Active Directory and LDAP sites to use standard password change page instead of a hard-coded, AD/LDAP-specific page

• Corrected connection error in FTPS when remote folder contained 800+ files

• Corrected crash that would result in a user's home folder being set to NULL

• Fixed single-click URL construction to resolve file rename issue in the Plain Text Client

• Fixed SFTP Event Rule client to honor connection retry settings

• Fixed SFTP so 0-byte downloads do not trigger "On File Upload" rules

• Fixed SFTP so users with a home folder at the site root do not trigger On File Upload rules upon login

• Fixed handling of empty client SSL certificates for FTPS Explicit tranfers

• Fixed crash that resulted from corrupt data in VFS permissions

• Fixed error in the Event Rule client that would cause the creation of too many session-level debug log files when using a "*" mask

• Fixed memory increases that prevented users from connecting to EFT site

• Fixed single click download with URL containing .exe or .dll

• Corrected crash when the Event Rule client attempts to download 400,000+ files

• Corrected crash in remote AI GUI when changing user permissions in the VFS tab

• Corrected issue that caused loss of PGP subkeys when upgrading from EFT 5.1 to 5.2 or later

• Corrected issue so SFTP transfer limits are now honored

• Corrected some timestamp errors in ARM reports generated using Oracle

• Corrected error in tracking of Event Rule client transfers that caused EFT Server service to crash

• Corrected slowdown that occured when an EFT site has a large number of VFS folders pointing to missing or non-accesible locations

• Corrected and issue where auditing and reporting module didn't render certain parameters in a report

• Corrected issue where trial extension requests did not behave as expected.

• Corrected crash in SFTP occasionally caused by read errors

• Corrected issue where OpenSSH client would require private key passphrase when using password authentication

• Corrected issue rendering some Windows-1252 extended characters in the Plain Text Client (PTC)

• Corrected crash in FTP when consecutive PASV commands were issued

• Corrected issue so invalid username attempts will add the IP address to the ban list

• Corrected crash when the mail template was less than 7 characters in total size and contained one of the following characters: f, i, l, e, :, /

• Corrected issue in SFTP client that caused 0 length files to be created when downloading using a *.* file mask

• Corrected crash in the Admin Interface (AI) when expanding site folders and navigating back to the Server tab

• Restored ability to blind upload files without requiring LIST privilege

• Corrected issue in SFTP upload MDTM that caused incorrect file date stamps

• Corrected crash in SFTP caused by far side closing connection during or immediately after connection

• Corrected hang in Scheduled Event Rule caused by AWE task crashed

• Corrected issue in selected COM methods on Windows 2008

• Corrected issue that prevented the custom Manage Account HTTP page from working on Firefox

• Corrected two ARM reports that were not displaying the timestamp properly when the EFT Server database was running on Oracle

• Corrected issue that caused the Web Transfer Client to stop working if the Site was configured to not allow the download of JavaScript (js) files

• Corrected issue that prevented the Trial Extension Request from working on a 64 bit OS if the trial had expired

• Corrected issue that caused "425" errors when making 10 or more concurrent FTPS PASV port connections through DMZ Gateway to a defined PASV port range

• Corrected DMZ Gateway to correctly return ports to pool on PASV connection attempts

• Corrected ERROR logs to display as DEBUG, as they are not Application Errors

• Corrected PASV Ports to be assigned randomly instead of sequentially

• Corrected connection issues when significant configuration data is passed between the interface and the Server

• Corrected issues caused by bad message processing logic for certain network environments

September 2010

Version 6.2.18.3

September 09, 2010

EFT Server (standard) and EFT Enterprise

New Features

• Added toggle for HTTP 100-CONTINUE message for interoperability with older AS2 systems that do not support HTTP 1.1

• Added Quick Search (Control+F) feature to locate Users, Event Rules, Groups, etc. in the tree

• Enhanced the Administrator user interface to support Trial Extension requests without requiring an administrator to login

• Added optional directory listing method for customers with large numbers of files in a NAS folder (40,000). This method does not request the associated folder/file permissions during the directory listing. HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\LegacyDirListBehavior DWORD: any non-zero value activates the legacy (no permissions) directory listings

• Added several VFS and Administrator methods to COM interface

• Added more logging to SFTP and AS2 to provide greater visibility into transfer problems (enable in logging.cfg)

• Added an option to the Web Transfer Client to select local time or GMT for the modified time for files in the local pane

Enhancements

• Enhanced Web Transfer Client text to use "Current Password" instead of "Old Password" to reduce user confusion

• Enhanced Web Transfer Client (WTC) to allow selection of GMT or local time for file timestamps in the remote pane

Fixes

• Corrected issue in quota calculation that was sometimes inconsistent for folders on a UNC share

• Corrected crash in the administrator interface caused by copying an "if action FAILED" Event Rule statement

• Corrected timing related crash if data socket was closed while trying to compute transfer speed

• Corrected issue in AWE that caused AWE task that called a subtask to sometimes not complete

• Corrected memory leak in LDAP user synchronization

• Corrected issue that caused SFTP uploads to time out if a sizable number of On File Upload rules were enabled with email notifications

• Corrected issue that caused filter options to be unavailable in Timer Event Rule Report Actions

• Corrected issue where some user folders were not being restored from a backup

• Corrected issue where the SFTP client’s automatic resume was not working properly

• Corrected ASCII conversion issues that would occur during the RESUME once the network error was resolved

• Corrected issue where the Cleanup Action was not deleting BAK files. Also added deletion of READONLY and HIDDEN files. The file path no longer has to end in a backslash \

• Corrected issue where the EFT Server service/admin interface would hang during the changing of the priority of Event Rules

• Corrected issue with memory leaks when adding a user to a permission group and other user-management tasks

• Corrected issue where SFTP client keys would not work when upgrading from Secure FTP Server to EFT Server 6.x

• Corrected issue where EFT Server created the default permission groups "Administrative" and "Guest" that are not appropriate for an ODBC Site

• Corrected issue where the "Allow FXP" (site-to-site transfers) toggle was not being honored

• Corrected issue where the Event Rule offload client retry setting was not being honored

• Corrected issue that would halt future transfers of files by the Event Rule client for specific types of transfer errors

• Corrected crash in the administrator interface that resulted from monitoring a user from other than the first Site

• Corrected crash in the administrator interface that resulted from a speed calculation error

• Corrected issue caused by improper processing of FTP MKDIR command

• Corrected issue when connecting over SFTP using Transmit 3.5.4 client

• Corrected issue in FTP directory listing - date sorting was sometimes out of order

• Corrected delay that could occur to an FTP authentication while EFT admin was loading folders in the VFS tab

• Corrected SFTP and HTTP login issue in Active Directory environments with multiple domains

• Corrected issue where AS2 no longer requires the AS2-Version HTTP header for interoperability with older AS2 implementations

• Corrected problem related to cleanup of OpenPGP temporary files

• Corrected problem where OpenPGP would lockup if destination file already exists

• Corrected issue where AWE module would hang related to the improper termination of AWE tasks

• Corrected interoperability issue with WS_FTP Server related to large file transfers - other vendors have had to do the same

• Corrected MDTM to always return values in GMT, even if EFT Server listings are configured for local time

• Corrected parent folder permissions to no longer require SHOW and LIST

• Corrected interoperability issue with OpenSSH

• Corrected an issue where Event Rule comments were being lost

• Corrected XCOPY custom commands errors

• Corrected an issue where Event Rule Timer events would trigger 1 second early

• Corrected issue with unnecessary SSH_DISCONNECT timeout messages

• Corrected a CRC error that prevented Web Transfer Client from being able to successfully resume a download

• Corrected issue where resume did not work on filenames > 35 characters when transferring files with the WTC

• Corrected issue in SAT that could cause the temporary accounts to not be created on EFT Server

• Corrected issue in SAT that caused the previous value of the FROM email address to be used instead of the one supplied by the user

May 2010

Version 6.2.7

May 14, 2010

EFT Server (standard) and EFT Enterprise

New Features

• Added new registry override for FTP SYST response. Default is "UNIX Type: L8"; common request is for "Windows_NT"

Enhancements

• Enhanced SFTP connection mechanism to work with non-RFC compliant SFTP servers

Fixes

• Corrected issue where home folders were being lost for AD users after an upgrade

• Corrected crash that would occur under rare condition when corrupted configuration file was present

• Corrected problem where EFT Server failed to notify user if site root physical folder was missing

• Corrected problem where network errors would cause e-mail notifications to fail

• Corrected problem where LDAP authentication would fail when a user was moved to a different OU or CN

• Corrected memory leak resulting from COM API operations involving quota checker and folder monitor

• Corrected crash that occurred upon manually refreshing user database for LDAP auth types

• Corrected issue where user would not appear in EFT Server’s user list if the user connected prior to an AD synchronization event

April 2010

Version 6.2.3

April 5, 2010

EFT Server (standard) and EFT Enterprise

New Features

• Multiple administrators can now add objects of the same type (users, event rules, custom commands, and AWE tasks) at the same time

Enhancements

• Removed EFT software version number from HTTP headers to address security concern

• Modified buffer size on HTTP downloads to achieve comparable file transfer speeds with uploads

• Updated SAT tables in ARM to provide better performance and robustness

Fixes

• Fixed issue when editing an event rule email action when another administrator had modified the user list in a separate AI GUI

• Fixed SAT to log the proper filename, instead of the temporary filename, in ARM when SAT is installed on a server remote from EFT

• Corrected issue in SQL files that could inhibit the creation of the ARM indices on MSDE

• Fixed a problem where EFT Server Denial of Service updates could block legitimate client connection attempts.

• Fixed a resource leak that appears under some environments leading to resource exhaustion.

March 2010

Version 6.2.1

March 9, 2010

EFT Server (standard) and EFT Enterprise

Fixes

• Corrected issue where (on new installations) PGP keys could not be created without a service restart

• Changed default behavior for PGP signature verification to OFF by default (registry enabled). Search help for "signature verification" for instructions.

• Corrected a problem with how DMZ Gateway handled certain error conditions that could affect the peer communication channel

Version 6.2

March 1, 2010

EFT Server (standard) and EFT Enterprise

New Features

• Added ODBC Authentication Manager SQL scripts for MS SQL and Oracle

• Added a default logging.cfg file to EFT Server.

• Plain HTML format can now be selected by appending ?html to the URL

• Added Windows Authentication (Active Directory and local Windows accounts) to EFT Server’s administration authentication sub-system. Requires the High Security Module (HSM).

• Added ability for EFT Server administrators to login via a desktop shortcut and Windows authentication without supplying credentials

• Added ability to query the LDAP server to obtain a listing of all base DNs on the domain specified or the default domain.

• Added ability to right-click a user account on the Server tab to open the user's VFS home folder on the VFS tab. You can also launch Windows Explorer from the VFS tree on the VFS tab.

• Added ability to see virtual folders when using the FTP MLSD command.

• Active Directory accounts can be used for EFT Server administrator accounts

• Advanced Workflow module updated with many new actions

• SSL certificate support for outbound transfers

• Added ability for WTC users to control whether preemptive proxy BASIC authentication credentials are sent.

• Added Microsoft Encrypting File System (EFS) to EFT Server basic edition. Requires the High Security Module (HSM).

• Added requirement for EFT Server administrator credentials when attempting to delete a Site or Server object in the administration interface.

• Added SSL certificate options for EFT Server's client offload/download FTPS and HTTPS event rule actions.

• Added support for the PFX format in the EFT Server SSL Certification Manager

• Added Windows Event Log entries if long running custom commands or AWE tasks are terminated due to a timeout

• Added signature verification to event rule OpenPGP decryption

• Added ability to install DMZ Gateway on Unix, Linux, and Solaris operating systems (in addition to Windows). Available on both 32-bit and 64-bit operating systems.

• Added more functionality to DMZ Gateway's interface to accommodate multiple profiles and extended communication information.

• Added ability to connect up to 15 EFT Server Sites simultaneously.

• Added automatic propagation of IP address access policy changes to DMZ Gateway when the policy is modified in EFT Server, whether in the interface or by the auto-ban logic.

• Added three new intervals to the Generate Report Action: Today, Yesterday, and Last 24 hours.

• Added new EFT Server variables SERVER_PUBLIC_KEYRING_PATH and SERVER_PRIVATE_KEYRING_PATH to pass the location of the public and private key ring to the AWE module.

• Added ability to send user-defined (custom) variables from EFT Server to the AWE module.

• Added several new AWE actions in these categories: Internet, File, Network, Variable and Cryptography

• Added more unique error descriptions

• Added ability to configure ad hoc permissions in the web.config file.

• Added ability to define the default permissions used for the temporary user's home folder in the web.config file.

• Added ability for SAT users to create subfolders in their home folder.

• Added a variable in the web.config file to add a specified time delay before sending the password email.

Enhancements

• Enhanced Secure Ad Hoc module faster performance and new configuration options

• Updated to version 0.9.8l the non-FIPS SSL libraries used by EFT Server for inbound and outbound SSL-based protocols.

• Improved SSH key tool; when you rename an SSH key, EFT Server verifies that the name is unique and prompts you to change it if it is not unique.

• Improved the remote administration interface installation process; the SFTPCOMInterface.dll and SSL.dll are automatically installed and registered.

• Improved the folder monitor and event rule timers; EFT Server will "reset" only the affected (modified) folder monitor/timer when serializing to the configuration file, rather than all folder monitors and timers.

• Improved text file auditing of Folder Monitor actions to aid Customer Support when assisting customers with Folder Monitors.

• Centralized DMZ licensing to EFT Server to simplify DMZ installation and licensing.

• DMZ and EFT Server have been hardened to withstand attack from several Denial of Service (DoS) attack tools

• Improved and expanded DMZ Gateway logging.

• Upgraded the SQL Server Express 2005 installer to SQL Server Express Edition, service pack 3.

• The following methods, properties, parameters, and enumerators were added or modified:

• Server Interface (ICIServer) methods: ConnectEx, RemoveServerAdminAccount

• Single-Site Interface (ICISite) properties: AllowChangePassword, ForcePasswordResetOnInitialLogin

• Client Settings Interface (ICIClientSettings) methods: GetForcePasswordResetOnInitialLogin, SetForcePasswordResetOnInitialLogin

• Enumerators and Constants: LoginType, ServerModule, PredefinedReportPeriod, AdminAccountType enumeration, AdminLoginType enumeration

• Improved the speed of SAT upload transactions and when SAT is configured for File Copy to EFT Server.

• Updated tab sequences in various dialogs for Section 508 compliance.

Fixes

• Consolidation of all bug fixes done in 6.1.x patches

• Fixed Oracle ODBC Authentication Manager character case problems: user login checks are no longer case sensitive and SQL commands are case consistent.

• Event Rule "if using WTC" condition now works properly in all scenarios.

• Event Rule "On Server Startup" actions are now performed.

• Email notifications are now sent for On Scheduled Timer events.

• Access to the Web Services WSDL has been restored.

• Fixed layout errors in some PCI Reports.

• Fixed the SSH version number displayed in the Admin User Interface to reflect the update to SSH protocol version 4.

• Fixed WTC to ensure user's AD credentials are used to access files and folders and not the EFT Server service credentials.

• Fixed WTC so uploads are now as fast as downloads

• Fixed a vulnerability to tampering in the messaging between the Admin GUI and the EFT Server

• Fixed several instances where standard file deletion was being used instead of file sanitization

• Fixed a timeout issue that would lead to a blank page being displayed by the plain text HTTP client during extremely large file uploads

• Restored the ability to turn on detailed outbound client logging (controlled by registry key)

Version 6.1.10

March 1, 2010

EFT Server (standard) and EFT Enterprise

Enhancements

• Improved network error handling and added retry logic to the Web Transfer Client (WTC)

• Improved ability to distinguish between SQL connection and non-connection related errors

• Improved Installer to ensure SQL stored procedures are upgraded

• Improvements to WTC’s proxy authentication capabilities

• Improved EFT Server compatibility with WebDrive

• Improved CreateUserEx COM method performance

• Improved folder deletion performance

• Improved configuration file read/write performance

• Enhanced WTC so that its help contents are linked to version specific online help pages

• Enhanced Auditing and Reporting Module (ARM) reconnection logic by using additional SQL timeout error codes

Fixes

• Corrected issue where EFT Server would attempt to send ARM status updates to Admin connections that was disconnecting

• Corrected issue where WTC upload speeds wasn’t on par with download speeds

• Corrected issue where Multi-site DMZ Gateway used the wrong interface when attempting to connect using PASV mode.

• Corrected issue where Multisite DMZ used the wrong interface when performing outbound transfers

• Corrected issue where WTC sessions would not retain and honor the user's Active Directory credentials

• Corrected server crash in error handling in EFT Server’s authentication sub-system

• Corrected issue triggered when ftp command socket was closed as data socket connected

• Corrected issue on FTP connection when using NLST

• Corrected issue where disabling an event in the "Event Rules" pane would cause the server to crash

• Corrected cross site scripting vulnerability reported by QUALSGuard scanner when HTTP to HTTPS redirection was enabled

• Corrected intermittent issue when deleting physical or virtual folders

• Corrected discrepancy between the timezone used for the FS.FILE_CREATE and FS.FILE_CREATE_TIME event rule variables

• Corrected COM script memory leak triggered by the processing of deleted or invalid folders

• Corrected issue with %FILE.*% related Event Rule variables

• Corrected issues interoperating with servers using SFTP protocol version 4 or greater

• Corrected issue where internal SQL commands had inconsistent casing

• Corrected issue where some login clients account dates were showing up as Dec 31, 1969

• Corrected issue where upgrades could cause system service instability in rare instances

• Corrected issue that prevented OpenPGP encryption from signing ASCII armored files

• Corrected issue that made user names case sensitive when using Oracle as an authentication source

• Corrected issue where UPN style logins didn't find their AD Profile home directory

• Corrected issue where Event ACTIONS and GROUPS would trigger errors on SQL text file import

• Corrected issue where virtual folders not pointing to the C:\ drive were not visible

• Corrected issue during client authentication in SSL

• Corrected issue where folder names did not display a '&' properly

• Corrected minor GUI layout issue related to Advanced Workflow Engine (AWE) "Create Date" label