EFT Express
As of EFT v8.0.7, EFT Enterprise and EFT Express are simply "EFT." Refer to the EFT and Enterprise page for version 8.0.7 and later.
November 2021
Version 8.0.6.18
November 07, 2021
Fixes
Fixed an issue where Windows permissions were not used for NT/AD site user created by login via HTTP (TFS 381871, Case 94506)
Fixed and issue where users were unable to send a workspace share to existing users within a blacklisted domain (TFS 382023)
September 2021
Version 8.0.6.16
September 21, 2021
Enhancements
EFT Administration
Support block probing attempts in HTTP/S (DoS DDoS Flood) (TFS 380511)
Added ability to create users in Guest Users template for LDAP or AD configured sites (TFS 380301)
Advanced Properties
Added ability for Auto-ban to ignore unauthorized (anonymous) access to the defined paths (AutoBanAnonymousUnauthorizedAccessServicePathAllowList). Default value set to None (TFS 380511)
Added ability for Auto-ban to ban IP address on authorized (anonymous) access to defined paths (AutoBanAnonymousUnauthorizedAccessServicePathBlockList). Default value set to None (TFS 380511)
Added ability to enable or disable ARM BatchSQL feature so SQL requests can be applied one at a time as previous EFT 7.4 versions (DisableARMBatchSQL). Default set to false (TFS 381135, Case 92284)
Added ability to use multiple methods for ICAP Services (REQMOD AND RESPMOD) on the same URI (ICAPAllowMultipleMethodsForOneURI ). Default set to false (TFS 381063, Case 90968)
Added ability for EFT event rules not to intermediate encryption and decryption when transferring files to and from Encrypted Folders (IgnoreEncryptedFoldersInOutboundTransfers). Default set to false (TFS 380358)
Added ability to get file attributes via SFTP using FSTAT or LSTAT (SFTP2_ForceUseFSTAT). Default set to false (uses LSTAT) (TFS 380786, Case 89420)
Added ability to set list of user agents that are not allowed to bypass MFA (UserAgentHeaderMustUseOTP). Default set to None (TFS 379921, Case 87357)
Added ability to limit the number of workspaces that are cleaned up in a single pass so there is minimal EFT operational disruption (WorkspacesCleanupPortionSize). Default set to 1000 (TFS 379954, 380783, 380742, Case 90939, 87849, 91541, 92429)
ARM
Added support for SQL 2019 (TFS 70411)
COM API Added interfaces:
Added ICIAbortUserOperationActionParams interface
COM API Added properties:
Added ICIServer interface "CloseServerService" method
Added ICISite interface PGP properties:
PGPSendEmailExpirationCopyToAssociatedUser
PGPSendEmailPriorExpiration
PGPSendEmailUponExpiration
PGPEmailExpirationRecipientsList
PGPTimePriorExpirationInDays
Added ICIPGPKeyInfo interface property: UsageFlags
Added ICIEncryptedFolder properties:
EncryptionKey
KeyAlias
COM API enums
Added EventActionType enum: "AbortUserOperationAction"
Added Event Type enums:
OnAS2Test
OnAS2AsyncResend
OnWorkspaceExpired
OnSecureMessageComposed
OnSecureMessageSent
OnSecureMessageNotSent
OnSecureMessageViewed
OnSecureMessageAttachmentBeforeDownload
OnSecureMessageAttachmentAfterDownload
Renamed EventType enum "BeforeWorkspaceDeleted" to "OnWorkspaceBeforeDelete"
Event Rules
Added new ad hoc (Workspaces) conditions (TFS 369704)
Added new Abort User Operation action (TFS 379474)
Added new ad hoc "Message Composed" workspace event (TFS 369702)
Added new ad hoc "Message Not Sent" workspace event (TFS 369702)
Added new ad hoc "Message Viewed" workspace event (TFS 369702)
OpenPGP
Added ability to notify on PGP key rotation period (TFS 365341)
Added support for OpenPGP key metadata to easily identify PGP keys (TFS 376950)
Remote Agent
Added ability to import and export RAM rules (TFS 379187)
SSL
Support for TLS v1.3 (TFS 379224)
VFS
Added ability to map virtual folders to cloud storage (Beta) (TFS 379854)
Web Transfer Client (WTC) & Workspaces
Added support for pagination of directory listings (TFS 377878)
June 2021
Version 8.0.5.12
June 06, 2021
Fixed an issue where certain event rule configurations would fail to upgrade to EFT 8.0.5
April 2021
Version 8.0.5.7
April 30, 2021
New Features
EFT Administration
Added support for Proxy Protocol (TFS 376808)
Added a warning when exceeding EFT's specified limits (TFS 376816)
Added a "Last password change" field under the user's General tab (TFS 379671)
Added a Secrets Module backup storage location (TFS 376215)
Added the ability to define SSL and SFTP security settings (ciphers, mac's, etc.) at the Site Level (TFS 370369)
Added support for Twilio custom verification code (TFS 378823)
Added a warning for Folder Monitor Rules when monitoring a user's home folder path (TFS 376494)
Added ability to promote an EFT Server to a new cluster (TFS 377176)
Added two new Performance Counters: Event Rules Running Async Events, Event Rules Size of Async Events Queue (TFS 341305)
Advanced Properties
Added ability to ignore sending password reminder emails for expired or disabled user accounts (SendPasswordReminderEmailForDisabledClient). Default set to True (TFS 378128, Case 83175)
Added ability to set expiration limits on password reset links (PasswordResetLinkExpirationPeriodMinutes). Default set to 30 minutes (TFS 376459, Case 79626)
Added ability to set AKV Recovery Access Key (AKVRecoveryAccess) (TFS 376215)
Added ability to set AKV Recovery Host (AKVRecoveryHost) (TFS 376215)
Added ability to set AKV Recovery Password (AKVRecoveryPassword) (TFS 376215)
Added ability to set AKV Recovery SiteID (AKVRecoverySiteID) (TFS 376215)
Added ability to set legacy asynchronously reply (success reply is sent to client after the event rule kicked off), (WaitOnFileUploadEventCompletionBeforeSendingResult). Default set to False (TFS 341305)
Added ability to control the running rule size thread pool for asynchronous events (RunningAsyncEventsLimit). Default set to 20 (TFS 341305)
Added ability to control the maximum queued up thread pool for asynchronous events (QueuedAsyncEventsLimit). Default set to unlimited (TFS 341305)
Added ability to set the max limit in bytes for file action (MaxFileActionReadSize). Default set to 65534 bytes (TFS 376411)
Added ability to set write limit in bytes for file action (MaxFileActionWriteSize). Default set to 65534 bytes (TFS 376411)
Added ability to set timeout when receiving Proxy Protocol header after client disconnects (ProxyProtocolHeaderTimeoutInMS). Default set to 6000 ms (TFS 376808)
Added ability to prioritize SFTP Ciphers (SftpClientCiphers) (TFS 376085)
Added ability to prioritize SFTP KEX algorithms (SftpClientKexAlgorithms) (TFS 376085)
Added ability to prioritize SFTP MACs (SftpClientMACs) (TFS 376085)
ARM
Added support for SQL 2016 (TFS 70411)
COM API interfaces
ICIFileActionsChecksumParams
ICIFileActionConcatenateParams
ICIFileActionDeleteParams
ICIFileActionFilter
ICIFileActionReadParams
ICIFileActionRenameParams
ICIFileActionWriteParams
ICISynchronizeActionParams
ICIRESTInvocationAuthParams
ICIRESTInvocationVerifyParams
ICIRESTInvocationEventRuleParams
COM API Properties
ICIFileActionParams: added GetParams and SetParams, and changed type to Type
SFTP algorthm-related properties in ICIServer Interface
ICISite Interface:
AllowClearCommandChannel
AllowUnprotectedDataChannel
Enable the Proxy Protocol
EncryptionKey
IsSSLSettingsInherited
IsSFTPSettingsInherited
Secrets Module settings
SSLVersionMask
SSLCipherList
WorkspacesOAISecureMessageBodyPolicy
ICIAWTaskActionParams interface, added WaitUntilCompletes
ICICommandActionParams Interface, added WaitUntilCompletes
ICIMailActionParams interface, added WaitUntilCompletes
ICICallSubroutineActionParams, added WaitUntilCompletes
ICIContentIntegrityControlProfile Interface, added several new properties
ICIGDPRSettings Interface, added EncryptionPDKey property
ICICloudAWSS3DownloadParams interface, added TreatMissingSourceAsSuccess
ICICloudAzureBlobDownloadParams interface, added TreatMissingSourceAsSuccess
COM API enums
ChecksumAlgorithm (CRC32, MD5, SHA1, SHA256, SHA384, SAH512)
FileOperationType, added FileChecksum, FileConcatenate, FileDelete, FileRead, FileRename, FileWrite
IcapErrorsPolicy
MatchingFileOption (append, skip, overwrite, numerate, fail)
RESTInvocation, added to EventType
RESTInvocationAuthType
RESTInvocationVerifyType
SyncDirectionType
SyncOverwriteType
SynchronizeAction, added to EventAction Type
Event Rules
Added REST Invoke trigger (TFS 367340)
Added Run Now option on any event rule (TFS 376558)
Added event rule synchronize action that provides sync using EFT's built-in client or Remote Agent (TFS 378435)
Added File Action operations (Read, Concatenate, Checksum) (TFS 376411)
Added an option to Event Rules to reply asynchronously (TFS 341305)
Added checkbox for running event rule actions asynchronously (TFS 375790)
Added "Treat missing as success" option for Upload Cloud action (TFS 379608)
ICAP (CIC module)
Added support for reqmod client requests (TFS 377914)
Added support for respmod ICAP server responses (TFS 377915)
Added support for OPTIONS method (TFS 377916)
Added support to allow override of the REQMOD/RESPMOD X-headers sent by EFT (TFS 377974, Case 78915)
Additional support for Response Handling (TFS 377983)
Added support to block/allow on HTTP error (TFS 378265)
EFT Outlook Add-In
Added support to handle duplicate recipients more gracefully (TFS 367839, Case 79773)
Added authentication failure logic to prevent accidental DoS (TFS 375400, Case 77391)
Added additional debug logging (TFS 379285)
Web Transfer Client (WTC) & Workspaces
Added support to give EFT administrators control over Send Secure (mandated, allowed or sender's choice) (TFS 376825)
Added default settings for all WTC's settings via the Admin-configuration.json (TFS 377004)
Added WTC language support for: Italian, Japanese, Chinese simplified and Chinese traditional (TFS 377300)
Added support to display a count for total files/folders or a count of selected files in the current directory (TFS 377689)
Added the ability to send to self via the Send Portal (TFS 370060)
Added support for character input validation (TFS 375466, Case 78321)
Added support for the web client to remember the last state (open/closed) of the Activity and/or History panel (TFS 377875)
Added easy access to re-brand commonly branded elements in our WTC (Web Transfer Client) (TFS 376830)
Enhancements
EFT Admin UI
Modified UI/UX for Event Rules (TFS 370698)
Modified the Default Template Path for new users (TFS 372234)
Modified EFT's DNS routing process (TFS 375531, 73644)
Updated cluster web files path to the cluster share path (TFS 376137)
Advanced Properties
Increased Auto-ban Limit default from 10000 to 50000. Additionally, increased the maximum value to 4294967295 from 60000 (TFS 378197)
Extended filter for all protocols in AuditUnimportantCommands (TFS 378041, Case 82475)
Extended AuditUnimportantCommands to control logging to the EX logs (TFS 379460, Case 82475)
Set Max limit for ICAPConnectionTimeoutInMS from 4294967295 to 2147483647 (TFS 378290, Case 83356)
Removed (FMRunActionsAsynchronously) due to new asynchronous functionality (TFS 375790)
Removed (applet_only) as this is no longer valid (TFS 375039)
Event Rules
Context variables are available to action fields (TFS 370855, Case 80765)
Various Event Rules UI changes (TFS 376444)
Removed Text in ICAP response headers and body text fields in the EFT UI (TFS 377983)
Optimization for EFT configurations that contain a large number of Folder Monitors (TFS 376791, 376409, Case 79954)
COM API
ICIFileActionParams properties: Contents, Encoding, ExclusionMasks, IncludeSubdirsFlag, NewNameMask, Operation, Path, OverwriteOption, UseExclusionMasksFlag (functionality moved to new File Action interfaces, listed below)
Web Transfer Client (WTC) & Workspaces
Removed obsolete web clients (TFS 375039, Case 76747)
Removed MKCOL call on folder creation (TFS 370399, Case 65468)
Improvements to the WTC Activity Panel to better identify ongoing transfers (TFS 377501)
Improvements to Timezone adjustments for file listings (TFS 377502)
Removal of jQuery in EFT (TFS 378206)
ARM
Updated a stored procedure for fact table generation to improve performance (TFS 378964)
Fixes
EFT Administration
Fixed an issue where the UI did not reference HTTPs 2FA as a dependent module (TFS 378250)
Fixed an issue where commas in multi-string upload forms reported an error when saved (TFS 379606)
Fixed an issue where the EFT Admin GUI could hang due to listings in the TED transfers (TFS 379004, TFS 378831, Case 84862)
Fixed an issue where EFT could experience a memory leak when the Admin UI was refreshed multiple times (TFS 378233, Case 84432)
Advanced Properties
Fixed an issue where (UserAgentHeaderSkipOTP) did not allow multiple user agents (TFS 378135)
ARM
Fixed an issue where the EFT report "Most Active Users - Connections" would display an entry for a user 'blank' (TFS 379465)
Fixed an issue where on SQL schema upgrade, sbo assignment on a stored procedure could be skipped (TFS 379454, Case 86556)
Fixed an issue where a connection string value would be automatically added to an ARM report using the report editor (TFS 376876, Case 79602)
DMZ Gateway
Fixed an issue where a deadlock between singlegateway and pncsocket could exists (no new DMZ required) (TFS 377892, Case 81076)
Fixed an issue where DMZ would not listen to FTPS Explicit only (no new DMZ required) (TFS 377458, Case 82367)
COM API
Fixed an issue where COM GetUserSettings was returning random values for users who had not connected to the server (TFS 378436, Case 84395)
Event Rules
Fixed an issue where sweep operations or Time event rules would not log Cloud download actions in AWS (TFS 379690)
Fixed an issue where an extra slash was added to the URL for Azure blob storage (TFS 378023, Case 82692)
Fixed an issue where a deadlock could exist on server startup (TFS 378114, Case 83274)
Fixed an issue where an event rule import that contained a large body would fail to import (TFS 377444, Case 82215)
Fixed an issue where an ORA-01858 error was reported with an Event Rule that contained a generate report action (TFS 378818, Case 84953)
Fixed an issue where EFT administrators were unable to create Event Rules when using a non-default server group (TFS 378832, Case 84877)
Fixed an issue where Export/Import of Event Rules that contained AWE actions in EFT 8.0.4 would fail (TFS 379117, Case 85706)
Fixed an issue where out of memory issues could be experienced when uploading large files to the cloud (TFS 379080, Case 88213)
Fixed an issue where Azure blob connection profile fails to connect to Storagev2 configurations (TFS 378913)
Fixed an issue where a Test connection in the Connection Profiles to AWS could cause the Admin UI to timeout (TFS 378821, Case 84987)
Fixed an issue where S3 cloud monitor could not get a proper listing with 1000+ files (TFS 377324, Case 81642)
Fixed an issue where EFT could run low on memory when performing multipart uploads via Cloud Upload actions (TFS 378144, Case 82545)
Fixed an issue where masked variables in Event Rules were not masked in the EFT log (TFS 378239, Case 81686)
HA (High Availability)
Fixed an issue where the EFT service could crash due to corruption in the MSMQ (TFS 378331, Case 84775)
ICAP (CIC)
Fixed an issue where EFT could crash when ICAPConnectionTimeoutInMS was set above 2147483647 (TFS 378290, Case 83356)
Fixed an issue where EFT could crash during certain ICAP operations (TFS 379116, Case 85743)
Logging
Fixed an issue where the Administrator Permissions logger was not logging (TFS 379052, Case 85623)
Fixed an issue where improper logger configuration could cause the EFT service to crash (TFS 376134, Case 79299)
EFT Outlook Add-in
Fixed an issue where the OAI would fail to validate proper EFT polices (TFS 380051)
Fixed an issue where a connection to OAI would prevent the deletion of the user in the EFT Admin UI (TFS 376624, Case 80389)
Fixed an issue where OAI emails would conflict with encrypted emails (TFS 379325, Case 86222)
OpenPGP module
Fixed an issue where PGP encryption action would fail on NetApp network folders (TFS 378119, Case 82925)
Remote Agent (RAM)
Fixed an issue where dataset functionality would be available under Remote Agent rules (TFS 378252)
Fixed an issue where EFT admins would be unable to edit the Remote Agent IP access list (TFS 378249, Case 84506)
SSH/SFTP
Fixed an issue where 0KB files were downloaded from Linux servers with 640 permissions (TFS 378518, Case 84208)
VFS
Fixed an issue where modifying the VFS permissions could crash the EFT service (TFS 377497, Case 82487)
Web Transfer Client (WTC) & Workspaces
Fixed an issue where Received Items folder was hidden (TFS 378508)
Fixed an issue where existing users were unable to access shared workspaces when Terms of Service or Privacy Policy were enabled but not previously accepted (TFS 378896)
Fixed an issue where password resets would generate two email notifications (TFS 379095)
Fixed an issue where a 508 Violation was identified in the landing page (TFS 378066)
Fixed an issue where a 508 Violation was identified in the WTC Send portal (TFS 378068)
Fixed an issue where Collaborative workspace participants could not access the workspaces via SFTP (TFS 379270, Case 86495)
Fixed an issue where AD users needed permissions to the shared config when sending a Transactional Workspace (TFS 377988, Case 82589)
Fixed an issue where AD account search was too slow when sharing a workspace (TFS 378212, Case 83122)
Fixed an issue where workspace daily digest notifications were not being sent (TFS 378922, Case 83759)
Fixed an issue where the WTC page would send the default PasswordRestConfirm.html template even when customized (TFS 379053, Case 85655)
Fixed an issue where WTC users were not able to overwrite existing files (TFS 378220, Case 84333)
Fixed an issue where WTC users were not able to Share a file larger than 5GB via the Send Portal (TFS 378517, Case 83932)
Fixed an issue where Base64 encoded WTC credentials failed to login to WTC (TFS 378147)
Fixed an issue where WTC users were not able to login after changing their password if it contained a + (TFS 377265, Case 80991)
Fixed an issue where a sender's or recipients email was displayed in the invitation link URL (TFS 376994)
February 2021
Version 8.0.4.32
February 02, 2021
New Features
Added support for Twilio custom verification code (TFS 378823)
Enhancements
Updated PGP library (TFS 378983, Case 85355)
Fixes
Various Bug fixes
November 2020
Version 8.0.4.27
November 01, 2020
New Features
Administration
Enhanced the password dictionary validation feature so that dictionary words surrounded by non-alphabet characters are detected and blocked (TFS 374099, Case 75599)
Added support for runtime templating, a means of setting reusable variables for paths and similar resources to facilitate DR and migrations (TFS 373679)
Added support for Datasets, which are easier to use and more powerful than arrays, a variable type that can hold tabular data (TFS 373163)
Added a new Event Rule action that will download a remote file listing and store the results in a Dataset (TFS 373167)
Added a new Event Rule action to loop through each element in a Dataset (TFS 373169)
Added support for break from loop for datasets in Event Rules (TFS 373170)
Added a new Event Rule action to read the contents of a Dataset and output those to a .CSV file (TFS 374260)
Added a new Event Rule action to store the contents of a .CSV file into a Dataset (TFS 374261)
Added an option to output PowerShell debug logging to a separate file, independent of EFT's primary log file (TFS 374313)
Added two additional AWS regions (EU (Milan) and Africa (Cape Town)) to EFT's AWS cloud actions (TFS 375029)
Added a customizable upload forms feature for collecting metadata from users prior to uploading files, which can be utilized by Event Rules (TFS 374804)
Added a prompt to the EFT Admin GUI that will warn administrators when enabling cipher suites that may be vulnerable to Raccoon (TFS 377846)
Advanced Properties
Added ability to default HTTP socket timeout (HTTPSocketDefaultTimeout) (TFS 375327, Case 77746)
Added ability to set sub-folder Remote listings in Datasets to parse recursively. The default value is 10 (GetListingActionMaxRecursion) (TFS 373167)
Added ability to set the number of records to display in the WTC Sent items view (outbox) and Received items view (inbox). The default value is 50. (BigCollectionsPageSize) (TFS 370374, 370375)
Added ability to restore legacy Dictionary password complexity functionality. The default value is False (DictionaryLegacyCheckIncludeSpecialDigits) (TFS 374099)
Added ability to enable/disable cipher aes128-gcm@openssh.com. The default value is Enabled (SFTP2_AES128_GCM_AT_OPENSSH_COM) (TFS 372451)
Added ability to enable/disable cipher aes192. The default value is Enabled (SFTP2_AES192) (TFS 372451)
Added ability to enable/disable cipher aes192-ctr. The default value is Enabled (SFTP2_AES192CTR ) (TFS 372451)
Added ability to enable/disable cipher aes256-gcm@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)
Added ability to enable/disable cipher chacha20-poly1305@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)
Added ability to enable/disable cipher rijndael-cbc@lysator.liu.se. The default value is Enabled (SFTP2_RIJNDAEL_CBC_AT_LYSATOR_LIU_SE) (TFS 372451)
Added ability to enable/disable MAC hmac-sha1-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA1_ETM_AT_OPENSSH_COM) (TFS 375033)
Added ability to enable/disable MAC hmac-sha2-256-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_256_ETM_AT_OPENSSH_COM) (TFS 375033)
Added ability to enable/disable MAC hmac-sha2-512-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_512_ETM_AT_OPENSSH_COM) (TFS 375033)
Added ability to enable/disable MAC umac-64@openssh.com. The default value is Enabled (SFTP2_UMAC_64_AT_OPENSSH_COM) (TFS 375033)
Added ability to enable/disable MAC umac-64-etm@openssh.com. The default value is Enabled (SFTP2_UMAC_64_ETM_AT_OPENSSH_COM) (TFS 375033)
Added ability to allow user-agent to skip 2FA/MFA (UserAgentHeaderSkipOTP) (TFS 374817)
Added a new advanced property that would allow admins to export AWE tasks from EFT's database to their legacy file paths (AutoExportAllAWTasksToFiles) (TFS 374755)
AS2
Added functionality
Added the ability to allow values that exceed 600 seconds for the response and message send timeout setting (TFS 374078, Case 69531)
COM API
Added the following ICISite methods:
AddUploadForm
DeleteUploadForm
EnableUsers
GetUploadForm
UpdateUploadForm
Added the following ICISite properties:
EnableMfa
MfaType
SmsProviderProfile
UploadFormsList
WebSSORedirectToSsoServiceBypassingLoginPage
WorkspacesMfaType
WorkspacesOAIMfaType
ICIClientSettingInterface, added the following functions:
GetRequireMfa
SetRequireMfa
ICIEventRule, added the AddLoopDatasetStatement method
ICIActionStatements, added the following methods:
AddActionStatement
AddIfStatement
AddLoopDatasetStatement
Added the ICILoopDatasetStatement interface, with the following methods:
AddActionStatement
AddIfStatement
AddLoopDatasetStatement
DeleteStatement
GetParams and SetParams
StatementsCount
Statement
Added ICICsvExportActionParams and ICICsvImportActionParams
Added ICIGetListingActionParams Interface
Added ICILoopDatasetStatement Interface
Added ICILoopDatasetStatementParams Interface
Added ICIUploadForm interface
Added ICIUploadFormElement interface
Added ICITwilioSmsProviderProfile interface
In the ICISimpleCondition interface, added the UseRegex property.
Enums added:
MFA type to specify whether to use email, SMS or either for second authentication
LoopDatasetStatement to EventRuleStatementType enum
LoopOrderType, used in the ICILoopDatasetStatementParams LoopOrder property
GetListingAction, LoopBreakAction, CsvImportAction, and CsvExportAction to EventActionType
FileDateFormat
UploadFormComType
UploadFormElementComType
REST API
Added functionality
Added underlying support for RESTful APIs in accordance with JSON:API principles (TFS 374144)
Added the ability to assign REST permissions to EFT administrator accounts (TFS 375336)
Added RESTful API endpoints for user account and VFS management configuration (TFS 374152)
Added the ability to create granular permissions for RESTful access to end points, down to the individual element (TFS 375337)
Added support for REST which allows EFT admins to create users and read all their settings but not delete them [users] or update them [users](TFS 375337)
Added support for REST which allows EFT admins to create users except for a user name matching "Administrator"(TFS 375337)
Added support for REST which allows EFT admins to read all the configuration for all users for a given site named (TFS 375337)
Added support for REST which allows EFT admins to read the AllowSecureFolderSharing value for users in the Guest template, but cannot read any other values or do anything else (TFS 375337)
Added support for REST which allows EFT admins to read the configuration to find out everything about all users in Site under template "Guest Users" but not make any changes to those users (TFS 375337)
Added support for REST which allows EFT admins to update everything about any user (TFS 375337)
Added support for REST which allows EFT admins to update everything about any user except for changing their SFTP key (TFS 375337)
Added support for REST which allows EFT admins to update all users except for a user matching a specific name (TFS 375337)
Added support for REST which allows EFT admins to update users but not create them or delete them (TFS 375337)
Added support for REST which allows EFT admins to delete users (TFS 375337)
Added support for REST which allows EFT admins to delete all users except for a specific user name (TFS 375337)
Added support for REST which allows EFT admins to execute the Generate pass function for all users (TFS 375337)
SAML
Added the ability to leverage federated authentication for Guest users, including SSO and JIT, where desirable (TFS 374120)
SSH/SFTP
Added support for aes256-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)
Added support for rijndael-cbc@lysator.liu.se SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)
Added support for aes192-ctr SSH cipher in Non-FIPS mode (TFS 372451)
Added support for aes192-cbc SSH cipher in Non-FIPS mode (TFS 372451)
Added support for aes128-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)
Added support for chacha20-poly1305@openssh.com SSH cipher in Non-FIPS mode (TFS 372451)
Added legacy support for cast128-cbc SSH cipher in Non-FIPS mode (TFS 372451)
Added legacy support for blowfish-cbc SSH cipher in Non-FIPS mode (TFS 372451)
Added legacy support for arcfour SSH cipher in Non-FIPS mode (TFS 372451)
Added new advanced properties to enable/disable certain ciphers for client outbound (TFS 372451)
Added support for hmac-sha2-512-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)
Added support for hmac-sha2-256-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)
Added support for hmac-sha1-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)
Added support for umac-64-etm@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)
Added support for umac-64@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)
Added new advanced properties to enable/disable certain MACs for client outbound (TFS 375033)
EFT now provides the ability to choose SFTP key type upon creation (TFS 370229)
EFT now supports backwards compatibility for DSS keys (TFS 372452)
Added support for ecdh-sha2-nistp521 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)
Added support for ecdh-sha2-nistp384 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)
Added support for ecdh-sha2-nistp256 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)
Added support for diffie-hellman-group18-sha512 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)
Added support for curve25519-sha256 SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)
Added support for curve25519-sha256@libssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)
Added support for sntrup4591761x25519-sha512@tinyssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)
Added back the ability to see negotiated SFTP cipher suites to EFT's client (outbound) logs (TFS 373618)
Web Transfer Client (WTC) & Workspaces Changes
Added support for SMS 2nd factor validation for guest account enrollment (registration) and for normal authentication (TFS 374817)
Added a new shared folder (Workspaces) history section to the Web Transfer Client for owners and participants (TFS 374884)
Added a Received items (inbox) section to the Web Transfer Client for users to see messages and files sent to them (TFS 370375)
Added a Sent items (outbox) section to the Web Transfer Client for users to see messages and files they've sent to others (TFS 370374)
Enhancements
EFT Administration
Updated the text under the Logs tab to reflect "Audit event rule client outbound transfer" instead of "Diagnostic Logging Settings" (TFS 376313)
Optimized EFT's folder monitor polling so that it wouldn't attempt to open file hands for files matching extension exclusion conditions (TFS 373182)
Modified EFT's import/export of Event Rules to match the json format supported by EFT's RESTful APIs (TFS 374054)
Modified the 'Variable' action so that it utilized only a single line, making it easier to visually parse (TFS 374308)
Modified encrypted folder and personal data secrets so they are randomized by default and can be viewed or overridden by admins (TFS 373411)
Advanced Properties
Updated default value for Advanced Property SFTP2_ARCFOUR to False (TFS 372451)
Updated default value for Advanced Property SFTP2_Blowfish to False (TFS 372451)
Updated default value for Advanced Property SFTP2_CAST128 to False (TFS 372451)
Updated default value for Advanced Property SFTP2_MD5 to False (TFS 375033)
Updated default value for Advanced Property SFTP2_MD5_96 to False (TFS 375033)
Updated default value for Advanced Property SFTP2_SHA1_96 to False (TFS 375033)
REST API
Modified EFT's existing RESTful APIs for Server and Site endpoints to adhere to JSON:API (TFS 374361)
SSH/SFTP
Prohibit the ability to generate rsa SSH keys less than 2048 bit in FIPS mode (TFS 375076)
Prohibit the ability to use SSH keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)
Prohibit the use of "diffie-hellman-group1-sha1" SSH KEX (for both client and server) in FIPS mode (TFS 375076)
Prohibit the use of "hmac-sha1-96" SSH MAC (for both client and server) in FIPS mode (TFS 375076)
Enabled by default "hmac-sha1" SSH MAC (for client) in both FIPS and non-FIPS mode (TFS 375076)
Prohibit the ability to generate rsa SSH keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)
Ciphers are now ordered by strength, favoring FIPS approved ciphers, with only FIPS approved ciphers enabled by default (TFS 372451)
EFT admins will now be warned if they enable insecure ciphers (3des-cbc, cast128-cbc, blowfish-cbc, arcfour) in Non-FIPS mode (TFS 372451)
EFT admins will now be warned if they enable insecure cipher 3des-cbc in FIPS mode (TFS 372451)
The following ciphers are now enabled by default (due to FIPS-compliance): aes256-gcm@openssh.com, aes256-ctr, aes256-cbc, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc, aes128-gcm@openssh, aes128-ctr, aes128-cbc (TFS 372451)
The following ciphers are now enabled on upgrade: aes256-gcm@openssh.com, aes128-gcm@openssh, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc (TFS 372451)
Improved TED6 log verbosity with newer SSH library (TFS 373819, Case 72767)
The following MACs are now enabled by default (due to FIPS-compliance): hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)
The following MACs are now enabled on upgrade: hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)
KEX ciphers are now ordered by strength, favoring FIPS approved KEXes, with only FIPS approved KEXes enabled by default (TFS 372613, Case 77147)
The following KEX ciphers are now enabled by default (due to FIPS-compliance): ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256 (TFS 372613, Case 77147)
KEX cipher diffie-hellman-group18-sha512 will not be enabled by default (despite the fact that its FIPS-compliance) due to its poor performance behavior (TFS 372613, Case 77147)
The following KEX ciphers are now enabled on upgrade: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256 (TFS 372613, Case 77147)
The following KEX ciphers are enabled by default for Client connections in both FIPS and Non-FIPS mode: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group18-sha512, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)
The following KEX ciphers are enabled by default for Client connections in Non-FIPS mode: curve25519-sha256, curve25519-sha256@libssh.org, sntrup4591761x25519-sha512@tinyssh.org, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)
SSL
Updated SSL Library to 1.0.2u (TFS 375029)
Prohibit the ability to generate rsa SSL keys less than 2048 bit in FIPS mode (TFS 375076)
Prohibit the ability to use SSL keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)
Prohibit the ability to generate rsa SSL keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)
Web Transfer Client (WTC) & Workspaces
Updated jQuery to v3.5.1 (TFS 376501, Case 80133)
Outlook Add-in (OAI)
Modified functionality
Modified the Outlook Add-in to avoid message preparation when the add-in is not being used to handle attachments (TFS 377131, Case 80889)
COM API
Changed nKeyBits to nKeyParams in ICIServer CreateSSHKey and CreateSSHKeyRemotely
Changed nKeyBits to nKeyParams inICISite CreateSSHKeyPair
Fixes
EFT Administration
Fixed an issue where EFT could hang after applying a change to the group and domain for an AD site (TFS 369730, Case 65993)
Fixed an issue where EFT would fail to create a GSAuth account when RSA manage password is enabled (TFS 375388, Case 78173)
Fixed an issue where a deadlock could be exhibited when stopping the EFT service via the Service Manager (TFS 371230, Case 70079)
Fixed an issue where the quick search produced incorrect results for connection profiles in upload/download actions (TFS 375328, Case 77625)
Fixed an issue where LDAP users could no longer login after changing the OU (TFS 374566, Case 75760)
Fixed an issue where the AWE mail registry SMTP Password would be overwritten when the EFT Admin GUI's SMTP settings were modified (TFS 376198, Case 78079)
Fixed an issue where a potential deadlock could cause a hang on the EFT Admin GUI (TFS 376222,376433,376389, Case 78656,79826, 80385, 80914)
Fixed an issue where a potential deadlock could cause HTTPs connections to fail (TFS 377021, Case 81348)
Fixed an issue where FTP listing on chrome would list an empty directory (TFS 377050, Case 80506)
Fixed an issue where plain FTP via DMZ would not work (TFS 376912, Case 78948)
Fixed an issue where upgrades to EFT 8.0 could fail when duplicate Event Rule folder names existed (TFS 377445, Case 82273)
Fixed an issue where upgrades to EFT 8.0 could fail when duplicate ssh public existed (TFS 377002, Case 80370)
Fixed an issue where upgrades to EFT 8.0 could fail when workspaces included duplicate names in upper and lowercase (TFS 376973, Case 80443)
Fixed an issue where server admin permissions could disappear after upgrading to EFT 8.0 (TFS 377672, Case 81472)
Fixed an issue where upgrades to EFT 8.0 could fail when a certificate resided in both the pending and trusted list (TFS 376153, Case 79408)
Fixed an issue where upgrades to EFT 8.0 could fail when an Event Rule contained Mail action (TFS 377457, Case 82232)
Fixed an issue where the EFT Admin GUI could run out of memory with heavy configurations (TFS 377338, Case 82025)
Fixed an issue where EFT Admins would receive an error when specifying remote SSH keys in Event Rules (TFS 376118)
ARM
Fixed an issue where the Activity - by Users reports were misleading with the data being pulled. (TFS 374125)
Fixed an issue where the reports using fact tables would group several lines for each group. (TFS 374454)
Fixed an issue where EFT would audit 0kb when AS2 transactions are successful (TFS 376257, Case 79486)
AWE
Fixed an issue where a race condition was seen when running GSAWE.exe that caused an AWE licensing error (TFS 372374, 71032)
Fixed an issue where the AWE OCR action would not work (TFS 375343, Case 76553)
COM API
Fixed an issue where user admins could not enable a user account via COM (TFS 373315, Case 74441)
Event Rules
Fixed an issue where Timer Event Rules - Exclude UK Holidays had missing days (TFS 376875, Case 78879)
Fixed an issue where the Event Rule change log would not properly update after clicking Apply (TFS 376277, Case 79465)
HA (High Availability)
Fixed an issue where Event Rule master would send MSMQ tasking message to itself when it shouldn't be (TFS 376320)
ICAP/CIC
Fixed an issue where the host header in a CIC request would send a request to http.example.com (TFS 377358, Case 81443)
Installer
Fixed an issue where EFT would fail installation when CWDIllegalInDllSearch registry is configured (TFS 373910, Case 70840)
Logging
Changed log level to ERROR for AML export errors (TFS 376480)
Fixed an issue where the wrong log level for Folder Monitor reconnect events was used (TFS 375800, Case 78333)
Outlook Add-in
Fixed an issue where duplicate email stuck in outbox when encrypted with zed mail (TFS 374623, Case 75460)
PCI
Fixed an issue where PCI compliance reports would report failures due to password security for remote agents (TFS 377808, Case 82083)
Remote Agent (RAM)
Fixed an issue where a remote agent could crash when the source path is configured with a virtual local path (TFS 376602, Case 80300)
SAML
Fixed an issue where the SAML SSO JIT user template pulldown can set incorrect user setting template (TFS 375614)
Fixed an issue where the SAML SSO JIT user email attribute taken from username attribute, not email attribute (TFS 375677)
Fixed an issue where users were presented with a 404 on the reply portal when using SSO (TFS 374791, Case 76465)
SSH/SFTP
Fixed an issue where EFT could crash when opening a file/folder (TFS 375556, Case 78436)
VFS
Fixed an issue where EFT startup performance would be affected by large number of virtual folders (TFS 374893, Case 76483)
Web Transfer Client (WTC) & Workspaces
Fixed an issue where "Expires:" headers were sent twice via our WTC page (TFS 375389)
Fixed an issue where Workspaces participants could not share their root folder (TFS 376164)
Fixed an issue where the From field in Send requests did not enforce server side validation (TFS 376091)
Fixed an issue where password resets were treated as successful but actually failed (TFS 375161, Case 76747)
Fixed an issue where customization changes in theme.json were not properly applied (TFS 374598)
Fixed an issue when viewing a workspace (as invitee) the update is active but would not display a progress bar (TFS 376221)
Fixed an issue where session tokens were not properly randomized (TFS 376419, Case 79654)
Fixed an issue where default datetime format was not defaulted to US (TFS 376870)
Fixed an issue where passwords with trailing spaces would get trimmed (TFS 375354, Case 77494)
Fixed an issue where Workspace invitation acceptance would fail if user already had a session open (TFS 377040, Case 81196)
Fixed an issue where duplicate file uploads to WTC could break upload functionality in the current session (TFS 377266, Case 80852)
Fixed an issue where copy/paste function when inviting someone to a workspace would fail in IE11 (TFS 376708, Case 80348)
Fixed an issue where a folder with "#" in the name would cause an error in WTC (TFS 375243, Case 77426)
Fixed an issue where EFT's Terms of Service and forced password reset would cause a permission denied error (TFS 376510, Case 79430)
Fixed an issue where WTC retry would fail with error 406 on Firefox (TFS 376199, Case 78233)
June 2020
Version 8.0.2.23
June 14, 2020
New Features
Added subscription licensing for EFT and most modules
Restored ability to customize default values for Workspaces permissions (TFS 376117, Case 78957)
Restored ability to customize default values for Workspaces participant limits (TFS 376121, Case 78957)
May 2020
Version 8.0.2.19
May 10, 2020
New Features
Advanced Properties
EFT now provides the ability to override the port used in all workspace email notifications. This is useful when the DMZ Gateway is on a non-default port (e.g., 4443) and differs from the site port (i.e., 443). When enabled, all workspace emails (Send/Share/Request/etc.) will now use and append the PORT defined via the Advanced Property regardless of the Send Settings URL:PORT or Site DMZ port configuration. This property is disabled by default (ExternalLinkPortOverride) (TFS 371388)
Ability for WTC reserved file/folder caching for HTTP(S) requests to cache based on file size instead of an entire directory. This property is disabled by default. (MaxCachedReservedFileSizeKB) (TFS 373650)
Ability to cache WTC reserved files/folders located under .../EFT Server Enterprise/web/public/EFTClient/wtc/lib/, this property is enabled by default (CacheReservedFiles) (TFS 373650)
Fixes
Web Transfer Client (WTC) & Workspaces
Fixed an issue where the WTC page failed to load for external domains when EFT is configured with both Internal (with SAML SSO) and External domains (TFS 375093)
Fixed an issue where WTC customization failed when configured with multiple sites (TFS 375253)
Fixed an issue where upgrades to EFT 8.0 could fail because of duplicated workspaces (TFS 375535)
Fixed an issue where EFT may crash on rare instances when configured with AD and authenticating with Internal/External workspace users (TFS 375040)
Fixed an issue where upgrades to EFT Express 8.0 could fail due to incorrect data in the local db files (TFS 375555)
Fixed an issue where ignored logging to the authentication and protocols tables were not being honored (TFS 375543)
Fixed an issue where upgrades to EFT 8.0 could fail because of non-existing workspaces (TFS 375497)
Fixed an issue where upgrades to EFT 8.0 could fail because of missing permissions or non-unique connection profiles (TFS 375683)
Fixed an issue where upgrades to EFT 8.0.2 could cause Remote Agents Event Rule downloads to fail (TFS 375750)
March 2020
Version 8.0.2.10
March 25, 2020
New Features
EFT Administration
New option to schedule FACT table updates (TFS 373489)
Advanced Properties
By default, EFT uses non-exclusive file-sharing mode when processing file uploads. With this advanced property (UseExclusiveSharingModeForUploads) (TFS 374129), EFT can be configured to use exclusive sharing mode for uploads (i.e., file locking)
COM API
Added enums and a Site interface property to support the Out-of-Band passcode to pick-up files in EFT. (Please refer to the EFT administration help contents.)
WorkspacesOAIPasscodeProtectionType enum, used in the ICISite property, WorkspacesOAIPasscodeProtection to specify whether the EFT administrator requires a passcode, does not require, or is chosen by the email sender.
Web Transfer Client (WTC) & Workspaces Chages
Ability to Secure Send without attachment (Send portal and Outlook Add-in) (TFS 370270)
Ability to request passcode for file pick-up (TFS 361146)
Ability to redirect to login page instead of registration page for internal domains (TFS 373043)
Enhancements
Removed our legacy Jument WTC from the EFT installer (TFS 374773)
Ground-up rewrite of the various portals: Request file, Drop-off, Send, and Pick-up resulting in tremendous performance gains (TFS 373849)
Fixes
EFT Admin GUI
EFT would not respect server-level permissions (TFS 374330)
Admin GUI may crash due to nested workspaces (TFS 374281)
Enabling Encryption folders would cause open windows on the background to be displayed in the forefront (TFS 374831)
Remote admin GUI would fail to display the GDPR report (TFS 374567)
Memory leak in SSL_AES256_CBC_Encrypt (TFS 374865)
ARM
Report "Traffic-Average Transfer Rates by User "would report groups by protocol instead of site (TFS 374441)
Report "Activity - File Scanned Data Results" was missing in EFT Express (TFS 374150)
Event Rules
GUI may not display Else condition after saving and refreshing an event rule (TFS 374154)
Virtual Path condition may not work properly (TFS 374139)
EFT service may crash when trying to delete user while "On User Account Deleted" event rule is active (TFS 370599)
Event Scheduler may crash on service stop (TFS 371951)
Installer
Some upgrades to EFT 8.0 would fail during the copy serialization (TFS 374421)
Some upgrades to EFT 8.0 would fail when custom calendar selectors contained duplicated case sensitive entries (TFS 374565)
Upgrade from EFT Express to EFT Enterprise while changing the configuration path would lead to duplicate config and binaries of EFT folders (TFS 368531)
Upon upgrade to EFT 8.0 poor loading performance was experienced on the FileAudit.db (TFS 374194)
Upgrade to EFT 8.0 could fail due to a deleted workspace (TFS 374280)
Upgrade to EFT 8.0 could fail when a Remote Agent template is in the Awaiting Approval state (TFS 374258)
On an HA install, selecting Modify and changing the ARM server to a different SQL server was not saved (TFS 374238)
An upgrade to EFT 8.0 could fail when incorrect values exist in Client IP access (TFS 374846)
An upgrade to EFT 8.0 could fail when an incorrect participation value exists in the workspaces.db (TFS 374845)
Outlook Add-in
Outlook Add-in was treated as an untrusted publisher (TFS 374635)
Files sent via the OAI (Outlook Add-in) that contain # in the filename were not available in the pick-up portal (TFS 374077)
Emails can become stuck in the outbox when the Outlook Add-in is configured with Zedmail add-in (TFS 374053)
Copyright dates on the Outlook Add-in UI were out of date (TFS 372700)
PCI DSS
Some users may be disabled every night on a PCI site (TFS 374577)
Server admins were not required to use complex passwords when PCI is enabled (TFS 374807)
REST API
EFT Express would allow folder creation via REST (TFS 374113)
SAML
SAML JIT password fail password complexity when enabled(TFS 374357)
Web Services
InvokeWebService action works wrong with Location Header (TFS 373928)
Web Transfer Client (WTC) & Workspaces
Sharing a workspace with # the recipient could not register for access (TFS 373156)
An expected error message that should be presented when trying to share a workspace with an external user is not being presented (TFS 374100)
Authenticated external users were unable to reply to send requests without access to their home folder (TFS 374777)
TOS (Terms of Service) and Privacy policy prompts were not working on the various portals (TFS 371808)
Fixed an issue where workspaces fails to redirect new external participants to their workspace when taking less than 60 minutes between registration and verification (TFS 371972)
February 2020
Version 8.0.1.4
February 09, 2020
New Features
Added a "Secrets module" under the Security tab, which provides the ability to encrypt certain EFT passwords locally or via Azure's Key Vault (AKV) (TFS 372081)
Added support for Azure's Data Lake Storage Gen2 (ADLSg2) (TFS 372082)
Added ability to override VFS credentials (TFS 372229)
Added supports REST API for Event Rules (TFS 372230)
Fixes
EFT Admin GUI
Fixed an issue where an LDAP site failed to pull users in the UI but would allow authentication (TFS 369709)
Fixed an issue where the Admin GUI would truncate virtual folder paths larger than 260 characters (TFS 371035)
Fixed an issue where the Admin GUI did not properly apply the certificate to the Administration Service (TFS 373685)
Fixed an issue where the EFT Site Wizard UI would not follow the proper flow after pressing the back button (TFS 373735)
Fixed an issue where user login authentications may fail after SSL options at the user level are modified (TFS 374027)
Fixed an issue where the Admin GUI displayed the wrong CIC profile when editing an event rule for a SCAN file action (TFS 374051)
Fixed an issue where the EFT Admin GUI could crash when pressing refresh while viewing a report (TFS 374089)
Auth AD
Fixed where EFT was unable to authenticate an AD user (with UPN) on EFT Express (TFS 373552)
AWE
Fixed an issue where concurrent EFT Admins may use the same tmp file for editing AWE tasks (TFS 373762)
Event Rules
Fixed an issue where the focus in the Admin GUI was lost when adding variables to the subject field in an email action (TFS 374065)
Fixed an issue where the Event Rules "Stop Processing Rule" was always enabled (TFS 373879)
Fixed an issue where EFT would change the date modified timestamp in copy/move action changes on the destination file (TFS 373600)
FTP
Fixed an issue where the EFT service could crash via FTP (TFS 373856)
Fixed an issue where EFT failed to connect in FTP PASV mode when using DMZ as a proxy (TFS 371118)
GDPR
Fixed an issue where GDPR Article 32:(4) would not follow proper logic (TFS 373712)
Fixed an issue where DPIA Report logic for Article 32:(4) would not follow proper logic (TFS 374063)
Installer
Fixed an issue where some upgrades to EFT 8.0 would fail when upgrading from a large FTP.cfg file (TFS 373712)
Fixed an issue where some upgrades to EFT 8.0 would fail when certain EFT admins had misconfigured permissions (TFS 374116)
SFTP
Fixed an issue where the EFT could be flooded by network connections (TFS 373683)
Web Transfer Client (WTC)
Fixed an issue where the PowerShell script to customize WTC failed to run (TFS 37458)
Fixed an issue where the EFT would report a status code of 200 when failing to log on (TFS 373101)
COM API
Added enums, properties, and methods to support the Azure Data Lake Storage, Azure Key Vault, and Secrets module functionality in EFT. (For details of the Azure Data Lake Storage, Azure Key Vault, and Secrets module functionality, please refer to the EFT administration help contents.)
SecretsModuleType
CloudProviderType_AzureDataLakeStorageGen2
Properties in ICISiteInterface:
OverrideVFSCredentialsEnable
OverrideVFSCredentialsLogin
OverrideVFSCredentialsPassword
SecretsModuleClientID
SecretsModuleClientSecret
SecretsModuleType
SecretsModuleURL
Methods in ICICloudStorageMonitorEventRuleParams:
GetAzureDLSgen2GeneralParams
SetAzureDLSgen2GeneralParams
January 2020
Version 8.0.0.38
January 19, 2020
New Features
EFT Administration
The DMZ Gateway address box can accept a comma-delimited list of addresses (EFT will try one IP address, then the next, until it can connect) (TFS 339989)
EFT can capture certain performance and current state values to SQLite databases on a routine basis which can be used by administrators, support, or Globalscape to evaluate and use for planning, troubleshooting, and statistical analysis (TFS 372346)
The EFT SMTP settings page now has a “Send Test Email” button (TFS 372357)
Admins can now specify node-unique values for DMZ Gateway PASV Mode port range, which in rare occasions can be different across nodes (TFS 368808)
Added a separate control the Request File page/portal URL (TFS 371245)
Added REST endpoints to generate the PCI DSS compliance and GDPR DPIA reports (TFS 371829)
Added ability to generate a complete manifest of commonly requested tech support data from within the administration interface Help menu (TFS 372341)
A new prompt is now displayed when enabling Google Captcha referencing a KB article 11435 (TFS 368710)
Added SAML assertion map attribute to email field (TFS 369964)
Added new Site-Level Counters
User Login Success /sec – rate at which users are authenticating successfully and turn into an active session. See user sessions for count of actively connected users
User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with Users connections
User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator
Folder Monitor Worker Threads – number of folder monitors in active use. Consider increasing FolderMonitorWorkerThreadCount if it routinely exceeds 32
Timer Rule Worker Threads – number of timers currently active. Consider decreasing TimerStackSize if it routinely exceeds 200 to conserver memory
Templates – number of templates defined for this site. Updated infrequently
User Accounts Disabled - subset of this site’s user accounts that are currently in a disabled state. Updated infrequently
User Accounts Locked Out – subset of this site’s user accounts that are currently locked out. Updated infrequently
User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator
User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with users connections
User Login Success /sec - rate at which users are authenticating successfully and turn into an active session. See User Sessions for count of actively connected users
Workspaces Drop-offs – number of drop-off requests active and not expired
Workspaces File Sends – number of file send operations that are active and have not yet expired
Workspaces Folders Shared – number of folder shares that are active and have not yet expired
Updated the Amazon S3 Region list (TFS 373493)
Configuration settings are now stored in SQLite databases vs. flat files. This should eliminate the need for SyncTool when performing migrations (TFS 368467)
Awaiting/Trusted SSL cert list are now stored in SiteConfig*.db and upon upgrade they are moved into this db. (TFS 371720)
SSH Key Storage settings are now moved from Server level to Site level (TFS 369528)
Each site has its own set of SSH keys
Each site’s SSH (SFTP) private and public keys are now stored in SiteConfig*.db
The SSH creation and management GUIs were changed accordingly
OpenPGP key pairs are now defined and managed at the Site level instead of the Server (TFS 369527)
Workspaces tabs have been consolidated into the Site > Web tab
Advanced Properties
Accepts configuration overrides using advancedproperties.json (AP) in lieu of registry entries. Upon upgrade, existing registry overrides will be moved to the AP file (TFS 368291). This includes EFT’s VFS data in Config.db (TFS 369529), server settings in ServerConfig.db and SiteConfig[GUID].db (TFS 371366).
To provide more control and visibility over EFT's behavior when it comes sync state, draining, and node management (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)
To enable/disable encryption when storing personal data. Note that the default is to encrypt using the default key (EncryptPersonalData) (TFS 363303)
To specify a 256-bit key (represented by 64 hexadecimal digits) used to encrypt and decrypt personal data. When not configured or malformed, the default key is used. (PersonalDataEncryptionKey) (TFS 363303)
To enable/disable JSON format when rendering Data Protection Impact Assessment (DPIA) report.; used to change DPIA report format (JSON/XML) (RenderDPIAReportAsJSON) (TFS 366251)
To deny certain usernames without checking the user database, so you can reduce load on the authentication subsystem (AutoDenyLoginAttemptswithSpecificUsernames) (TFS 370345)
To specify that cookies shouldn't be sent with cross-site requests. Acceptable values are "Strict", "Lax", "None". Values other than these will result in "Strict" value (HttpCookieSameSitePolicy) (TFS 367997)
To specify the maximum number of asynchronous event rule subroutines that may be queued before dropping new subroutine. A value of 0 (default) indicates there is no limit. (QueuedAsyncSubroutinesLimit) (TFS 367875)
To specify the maximum number of simultaneous asynchronous event rule subroutines running. A value of 0 indicates there is no limit. (RunningAsyncSubroutinesLimit) (TFS 367875)
To specify the recurrence strategy for cleaning up workspaces: 0 - minutely (default), 1 - hourly, or 2 – daily (WorkspacesCleanupRecurrence) (TFS 368683)
To specify the number of Workspace invitation expiration days. (WorkspaceInviteExpirationPeriodDays) (TFS 371827)
To specify that the sender for Workspace Messages is 0 - Recipient receives Workspace Invites from User and Secure Send from SMTP Server; 1 - Recipient receives Workspace Messages from the SMTP server, 2 - Recipient receives Workspace Messages from the User. (WSInviteFromAddrUseOwnerEmail) (TFS 371099)
Avoid duplicate firing of Account Rules on multiple nodes. (UserAccountTriggersOnOriginatingNodeOnly) (TFS 372193)
Change the default “Out of sync” timeout value for HA (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)
Change the default “Timeout for sync” value for HA (ClusterOutOfSyncHealSecs) (TFS 367401)
Set Workspaces Invitations Expiration (WorkspaceInviteExpirationPeriodDays) (TFS 371827)
Allow turning off total drop-off quota limit (MaxAnonymousAllUploadSizeInGB) (TFS 370763)
Provide the ability to optionally include and customize EFT WTC’s referrer policy header, (EnableHTTPReferrerPolicyHeader), (HTTPReferrerPolicyAttributeString) (TFS 368162)
To disable EFS calculations, (DisableEFSChecksForPCIReport) (TFS 370306)
To enable one-way-trust communication between EFT and another domain (AllowToTryLoginUnlistedUsers) (TFS 369294)
To copy all ClientFTP settings to JSON, (CopyClientFTPSettingsToRegistry). (TFS 368291)
To create a PGP RSA Key with subkey, (CreatePGPRSAKeyWithSubkey). (TFS 370232)
To remove UTC designation in timestamp, (ISO8601noUTC). (TFS 368860)
To disable cache for DN Type in Active Directory sites (TFS 367876)
Added to skip auditing of:
Successful socket connections (AuditSuccessSocketConnections). Set to FALSE by default (TFS 369778-AC1)
Banned socket connections (AuditBannedSocketConnections). Set TRUE by default (TFS 369778-AC2)
Other failed socket connections (AuditFailedSocketConnectionsOther). Set TRUE by default (TFS 369778-AC3)
Protocol commands for resources that have an IsInternal flag (AuditIsInternal). Set FALSE by default (TFS 369778-AC4);
Workspaces REST calls (AuditRESTWorkspaces). Set TRUE by default (TFS 369778-AC5)
Workspaces config REST calls (AuditIsRESTWorkspacesInternal). Set FALSE by default (TFS 369778-AC6)
Administrative REST calls (AuditIsRESTAdmin). Set TRUE by default (TFS 369778-AC7)
RAM REST calls (AuditIsRESTRAMAgent). Set TRUE by default (TFS 369778-AC8)
User initiated REST calls (AuditIsRESTUSER). Set TRUE by default (TFS 369778-AC9)
All invalid username authentication attempts (AuditFailedAuthforNonExistingUsernames). Set TRUE by default (TFS 369778-AC10)
‘root’ and ‘administrator’ invalid username authentication attempts (AuditFailedAuthforUsernameRoot). Set TRUE by default (TFS 369778-AC11)
Unimportant (non-CRUD) operations (AuditIUnimportantCommands). Set FALSE by default (TFS 369778-AC12); CRUD: Copy/Rename/Upload/Delete
Username and password for S/FTP/S events (AuditRedundantUserAndPass). Set FALSE by default (TFS 369778-AC13)
Auditing and Reporting
Increased the default ARM queue size from 1,000 t100,000 (TFS 370453)
Provided the ability to control what EFT Audits within the following tables (TFS 369778):
tbl_SocketConnections
tbl_ProtocolCommands
tbl_AS2Transactions
Improved error messages logged when failing to connect tOracle databases (TFS 369217)
ARM schema tables added:
AuthenticationsExpired to capture session expirations so admins can track session times (TFS 369874-AC2)
AdminActionsChangeDetails that captures before and after values for admin-initiated configuration changes (TFS 369874-AC3)
NegotiatedCiphersSSL to audit the negotiated ciphersuites for SSL handshakes (TFS 369874-AC4)
NegotiatedCiphersSSH to audit the negotiated ciphersuites for SSH handshakes (TFS 369874-AC5)
PrivacyRightExcercised capture privacy rights exercised by users (TFS 363345)
PrivacyTermsEUStatus to capture the EU subject matter status of users (TFS 363558)
ScanDataAction to contain list of scanned files and scan results (TFS 365254)
PersonalDataActions when a user accounts personal data fields have been modified, for GDPR compliance (TFS 363346)
Added missing MIC code which wasn’t being audited to the AS2 Transactions table (TFS 369828-AC7)
Added a TransactionID column tAS2Transactions table for consistency with other tables (TFS 369828-AC10)
Added a Time_stamp column to Transactions table to aid in cascade deletes when purging (TFS 369874-AC1)
Added an Actor column to ProtocolCommands table to avoid having to join on Authentications table for just about every report (TFS 369874-AC6)
Added a dbo.lu.[TableName] for every table that makes use of enumerators, for easier mapping of values to their meanings (TFS 369780-AC9)
Added a relation to Actions and ScanDataActions table via ActionID field (TFS 369870-AC1)
Added tbl_PrivacyRightExercised which will audit any right exercised by a user for privacy compliance reporting (TFS 363345)
Added tbl_PersonalDataActions which will audit administrator changes to user personal data for compliance with notification rights (TFS 363346)
Added tbl_PrivacyTermsEUStatus which will audit any change in a user’s EU data subject status, agreement to Terms of Service, or consent to Privacy Policy (TFS 363558)
Added tbl_ScanDataAction which audits third-party file scan results from DLP or similar tools that scan for personal data in files (TFS 365254)
Added ARM reports:
“Workspaces – Folders Unshared”
“Activity - Session Lifecycle” that shows user log on/off information, with data from tbl_AuthenticationsExpired (TFS 371364)
“Activity - File Scanned Data Results” that shows the data from the tbl_ScanDataActions (TFS 371364)
“Troubleshooting – Negotiated SSL Ciphers” that shows the data from the tbl_NegotiatedCiphersSSL (TFS 371364)
“Troubleshooting – Negotiated SSL SSH Ciphers” that shows the data from the tbl_NegotiatedCiphersSSH (TFS 371364)
“Privacy – Admin Changes to Personal Data” that shows the contents of the tbl_PersonalDataActions table (TFS 371364)
“Privacy - User Rights Exercised” that shows the contents of the tbl_PrivacyRightExcercised table (TFS 371364)
“Privacy - Terms and Status Changes” that shows the data from the tbl_PrivacyTermsEUStatus table (TFS 371364)
“Admin - Audit Log (Detailed)” that shows the data from the tbl_AdminActionsChangeDetails table (TFS 371364)
“Troubleshooting - Most Prolific Users” that shows top three accounts for failed and success auth for a given time period (TFS 371364)
Workspaces
Added domain blacklist in addition to existing whitelist for share/send invitations (TFS 370026)
COM API
In the ICIServer interface, added defaultvalue and Reason parameter tAddIPAccessRule (TFS 369934)
UTF8Logs property
In the ICISite interface, added defaultvalue and Reason parameter tAddIPAccessRule method(TFS 369934)
PGP Key properties and methods:
CreatePGPKey
ExportPGPKey, ImportPGPKey
PGPKeys
RemovePGPKey
Added PGPLogLevelDebug to the ICISite Interface PGPLogLevel property.
SSH Key properties and methods:
CreateSSHKeyPair
ExportSSHPrivateKey, ImportSSHPrivateKey
ExportSSHPublicKey, ImportSSHPublicKey
GetSSHKeyForSFTP, SetSSHKeyForSFTP
RemoveSSHKey
RenameSSHKey
SSHKeys
Privacy-related changes:
GetClientDataField, SetClientDataField
GetPrivacyPolicy, SetPrivacyPolicy
GetTermsOfService, SetTermsOfService
GetGDPRSettings, SetGDPRSettings
Workspaces Properties:
WorkspacesDomainsToForbidInviteeAddresses
WorkspacesEnableDomainsToForbidInviteeAddresses
WorkspacesOAIDomainsToForbidInviteeAddresses
WorkspacesOAIEnableDomainsToForbidInviteeAddresses
WorkspacesOAIEnableDomainsToLimitInviteeAddresses
WebSSOJitUserProvisioningEmailLocation and WebSSOJitUserProvisioningEmailAttribute
Content Integrity Control profile management methods and properties
GetVirtualFolderList Properties (TFS 368492):
Calls with empty parameters work as previous behavior
Improvements with data returns of virtual folders that are inside the folder
In the ICIClientSettings interface, added defaultvalue and Reason parameter to: AddIPAccessRule, GetGDPRPrivacyPolicyConsentStatus, SetGDPRPrivacyPolicyConsentStatus, GetGDPRSubjectStatus, SetGDPRSubjectStatus, GetGDPRTermsOfServiceConsentStatus, SetGDPRTermsOfServiceConsentStatus, ResetAllFieldAttributeDefaults, CompanyName, Duns, Mobile, PartnerId
In the ICISSHKeyInfo interface, added HasPrivate property
In the ICIManualIPAccessRule interface, added Reason property
Interfaces added for new Event Rule Actions:
ICICallSubroutineActionParams interface
ICIDefineVariableActionParams interface
ICIRunPowerShellScriptActionParams interface
Interfaces added for GDPR, privacy policy, and terms of service features (TFS 370527):
ICIClientDataField interface
ICIGDPRSettings Interface
ICIPrivacyPolicy interface
ICITermsOfService interface
Enums:
In the AdminAccountType enum, added ADGroupAccount
In the AdminPermissionsPolicy enum, added ManagePersonalData
In the EventType enum, added EventRuleSubroutine
In the EventActionTypeenum, added:
DefineVariableAction
RunPowerShellScriptAction
CallSubroutineAction
In the EventProperty enum, added:
FileExtension
ClientGDPRSubjectStatus
ClientGDPRConsentStatus
ClientGDPRReason
ClientGDPRRightExercised
New ClientDataField enum
New GDPRTermsofServiceMode enum
New GDPRPrivacyPolicyMode enum
New GDPRSubjectStatus enum
New GDPRPrivacyPolicyConsentStatus enum
New GDPRTermsOfServiceConsentStatus enum
In UserAccountActionType enum, added:
EnableAccount
PersonalDataDeleteFields
PersonalDataResetToDefaults
PersonalDataSetEnabled
PersonalDataSetModifiable
PersonalDataSetVisible
SetEUDataSubjectStatus
SetPrivacyPolicyConsent
SetTermsOfServiceConsent
March 2019
Version 7.4.13.15
March 14, 2019
Added security patch updates for potential vulnerabilities. These updates address recently identified potential security vulnerabilities that affect system availability. They do not indicate data security risk. While there are no known exploitations of these vulnerabilities, we recommend upgrading as soon as possible to avoid potential risk.
Patches are available for the following versions here:
7.4.13.14 (Enterprise and Express)
7.4.11.34 (Enterprise and Express)
7.4.10.6 (Enterprise and Express)
7.4.9.11 (Enterprise and Express)
7.4.7.18 (Enterprise and Express)
7.4.7.15 (Enterprise and Express)
7.4.5.8 (Enterprise and Express)
7.4.5.7 (Enterprise and Express)
7.4.5.6 (Enterprise and Express)
Further information about these vulnerabilities is available here.
Version 7.4.5
March 19, 2019
7.4.5 R2
Fixes
Fixed scenario of Event Rule delegation to non-existent HA node that could result in failure to execute Folder Monitor event rules
Fixed scenario of Event Rule delegation to non-existent HA node that could result in server crash
7.4.5 R1
November 21, 2017
New Features
Added Cloud Connector Module
Added EFT REST endpoint for querying administrative info and server status
Event Rules:
Added new context variables related to Remote Agent functionality; %Agent.Name%, %Agent.Version%, %Agent.Last_Update_Timestamp%, %Agent.Next_Update_Timestamp%, %Agent.Computer_Name%, %Agent.Template%, %Agent.Status%
Added ability to parse Context Variables in Connection Profile and Event Rule transfer actions - SFTP and SSL Options, Advanced Options, and Port #
Support for %...% variable to be used in Event Rule Email Notification Action - TO: CC: BCC: fields
Logging:
Added logging for AWS S3 and Azure blob storage to EFT.log
Installation:
Added "/MSMQMulticast=0" as a command line argument to the installer to skip the installation of MSMQ-Multicast
Remote Agent Module
Added provisioning and management of Remote Agents
Added Remote Agent Event Rule Triggers - Folder Monitor, Folder Monitor Failed, and Timer
Added Remote Agent Event Rule Actions - Copy/Move (push) file to host, Download (pull) file from host, Stop processing
SMTP:
Added registry value that allows workspace invitation/mail to be relayed from generic EFT/noreply email defined in the SMTP tab
Web Interfaces – General:
Implement robots.txt so that Web Transfer Client does not appear in web search
Workspaces:
Added feature to Request Files
Added option to Secure Message Body
Pick-up Portal now has “download all” option
Enhancements:
Removed local notes.txt file (version history).
Removed Java Option code from Login.htm file
Improved efficiency of ARM Purge script
Defaulted log file appender to include computer name
Fixes
Login attempts fail with "Precondition failed"
Rare scenario where EFT service cannot start and/or crashes if Workspace invitation expires
"If settings template equals" condition is now properly converted after upgrade.
Admin GUI crash when expanding workspaces under the VFS tab
Folder monitors are not updating enabled status icon when reconnecting after a failed health check
HA: Phantom node appears in Status tab.
Mouse pointer spinning in VFS when expanding Site root folders
EFS icon not displaying on encrypted VFS folder
Connection profile Test button outcome shows up as failed when in reality it does connect successfully
Server level TLS/SSL settings are being disregarded when using Connection Profile Test
Event Rule level backup nodes not recognized in the Status tab.
After adding a child domain group, a member of that group couldn’t login to admin console
Outlook Send Activity ARM Report data truncated
Client (Outbound): Negotiated protocol version for SSL/TLS outbound connections defaults to weaker versions if gap exists between selected versions
Event Rules: EFT is hanging and needs to be restarted to restore functionality
PGP: Unable to decrypt ASCII-armored PGP file encrypted with BCPG v1.8.1.0
Web Interfaces – Web Transfer Client (HTML5):
The global search on Jument is throwing 404 error
Creating a new workspace while uploading a large file will cancel the upload
Unable to access WTC using CAC Authentication on an LDAP site
Workspaces
Fixed issue of workspaces expiring immediately after upgrade
Workspace link created from outlook add-in has the incorrect url
Workspace Outlook add-in auto disables when using Integrated Windows Auth
Workspaces Send breaks with IWA SSO
February 2019
Version 7.4.13
February 13, 2019
New Features
Added registry settings to control frequency of disk quota login calculations to further enhance quota calculation performance
Added registry settings to insert a retry and retry delay to EFT Site start, in case of Site start failure due to blocked ports
Added logs to alert administrator when an IP address has been banned
Added ability to enable HSTS when HTTPS is enabled, independent of the <link>HTTP to HTTPS redirect</link> feature.
Added automatic file download to the DirectDownload.htm template
Added a User Account Action to allow administrators to automated changes to accounts
Enhancements
Optimized disk quota calculations so that they occur on user account logon rather than upon service start
Enhanced usability during initial account registration and change password requests by showing password complexity requirements
Updated SQL Server drivers to allow use of newer Transport Layer Security (TLS) protocols
Updated OpenSSL library to 1.0.2q
Updated OpenSSH derived library to latest version 7.9.0.0
Updated Web Transfer Client login page and localization features
Removed direct download links from workspace's email template
Fixes
Numerous bug fixes were released in this version of EFT.
October 2018
Version 7.4.11
October 24 2018
New Features
Added support for multiple group filtering under AD
Added username to AuthManager login ‘failed login’ eft.log
Added a registry option to disable basic authentication
Added Azure shared access signatures (SAS) support to cloud connector module
Added ability to inject passwords into exported rules xml, for event rule import
Added support for accelerated, parallel cloud transfers to Azure (8X speed increase)
Added the ability to capture the reason behind a manual IP ban
Added more context variables, such as SITE.DMZ_ADDRESS or PORT
Added option in EFT to select whether to do DNS lookups on the local EFT Server or DMZ Server
Added the ability for users to download entire folders from the WTC
Added the ability for users to move folders in the WTC
Added a domain whitelist property for greater control over the send file feature
Added controls for treating connections differently depending on their origination
Added an advanced property (registry override) to display full name rather than login name in WTC
Added more granular variables to Workspaces invite messages
Added ability to provision LDAP users when a workspace is shared with them
Added an advanced property (registry override) to all configuration of HSTS max-age value
Added an advanced property (registry override) to manage CSP Content Security Policy header
Added an advanced property (registry override) to disallow support for Basic Auth for HTTP/S
Enhancements
Updated SFTP library in line with current FIPS compliance standards
Decoupled Workspaces sending from sharing permissions: A user may not have permission to share but can send, and vice versa.
Hid the disk quota feature by default as it remains experimental
Updated SFTP library in line with current FIPS compliance standards
Enhanced the WTC to display an error on next login if a background transfer failed
Updated language support for French, German, Spanish and Dutch
Improved SFTP logging to capture algorithms used
Updated OpenSSL to 1.0.2p
Improved auditing of expired module licenses in EFT.log
Removed optional recording of contact details and IP to better comply with GDPR
Changed EFT Enterprise installer file name from eftserver-ent.exe to EFT-Enterprise.exe
Changed EFT Enterprise without SQL Express installer file name from eftserver-nodb.exe to EFT-Enterprise-nodb.exe
Changed EFT Express installer file name from eftserver.exe to EFT-Express.exe
Changed EFT Express without SQL Express installer name from eftserver-nodb.exe to EFT-Express-nodb.exe
Fixes
Numerous bug fixes
July 2018
Version 7.4.9
July 17, 2018
Enhancements
Added ability to construct internal URL hyperlinks in notification emails based on recipient domain
Added ability to specify internal domain certificate in instance where direct connection is made that bypasses DMZ Gateway
Added ability for AD sites to automatically remove accounts after X days of inactivity
Fixes
Various bug fixes and improvements
June 2018
Version 7.4.7
June 6, 2018
Enhancements
Administration Interface
EFT Server (SMB) has been renamed to EFT Express
High Security Module (HSM) is now Express Security Module (ESM) in EFT Express
Update to SSL security compatibility to reflect “Minimum Protocol Version”
Update to the generic Welcome FTP banner message on new installs
EFT Login - %Date% %Time% - Please enter valid credentials to continue
SMTP Implicit TLS option is now exposed via the new server setup wizard under the SMTP Server settings wizard page
Removed the personal data registration page on a new install, under the Globalscape EFT Server Registration wizard page
EFT user’s home folder will now sync with their AD profile folder
Ability to type a value for toggle “Auto-attach files in Outlook when they exceed:”
More descriptive error message when workspaces license count has exceeded
Admin will now be presented with a prompt that Request files will be disabled when Reply portal is disabled
The EFT full version is now displayed in the title bar
EFT Installer
SQL Express 2017 is now bundled with the EFT installer (64bit support only)
EFT 7.4 has been rebranded to new logos and title (this includes most if not all UI related Items, including ARM Reporting but excludes the installer)
New splash screens
New globalscape logo
Updated Admin GUI wizard pages
Event Rules
Event Rule Action – Send email notification action with attachments
New Cloud Object Monitor will allow users to monitor Amazon S3 or Azure blob storage for file triggers including ability to execute an action based on a trigger
Ensure S3 regions list is up-to-date
HA
Allow EFT admin to specify outbound IP address in Event Rule Advanced option in HA environment
Licensing
CCM and MTC are now part of EFT
Outlook Add-in
OAI now provides a Secure Message Delivery Option
Microsoft Outlook Digital Signature is now supported with EFT OAI
Microsoft Outlook Encryption is now supported with EFT OAI
Remote Agent
Agent/Account coexistence
Agents can be created on same site as standard user account
New Diffie-Hellman key exchange security between EFT and Remote Agent
Remote Agents will now Auto-update when required
Certificate creation for a RAM template is no longer required when configuring a new Remote Agent
Changed from “Active’ to “Enrolled” in the agent status list
Workspaces
EFT Admins can now enable/disable the Reply portal
Admins will now be warned that the Request files functionality will be disabled when the Reply portal is disabled
EFT Admins can now enable/disable reply functionality to non-EFT users when using the Send portal
Request file options will now provide ability to require authentication
EFT email recipients can now access the reply/reply all page from the pickup portal
Drop-off portal can now use generic CAPTCHA instead of Google’s re-Captcha
Workspace invites are now restricted to whitelisted domains (if configured)
EFT will now delete guest accounts if they are not part of a Workspace or transactional workspace
The workspace(s) are deleted if the workspace has expired or the user has been uninvited from the workspace share
EFT will now restrict guests to their shared workspace
External users will no longer be granted by default a home folder of their own
Workspaces will now provide a drop-down list for “From” field when an EFT user has multiple email addresses configured in their EFT account
Increased Workspace trial license count to 100 seats
EFT users should now be taken directly to their shared workspace when clicking on the Workspaces link in the recipient’s email and authenticating
Improved the account registration and verification process
After verification email is sent the guest can now access their Workspace content without further authentication if the link is accessed within 60 minutes otherwise they will be required to authenticate prior to accessing the workspace
WTC
Add Spanish language to WTC
Rebranding of the WTC including all portals
EFT Installer
SQL Express 2008 is now removed from the EFT Installer
Mail Express is now removed from the EFT Installer
Automate
AutoMate action has now been removed from AWE
Security
Support strong KEX algorithms for Incoming SFTP
diffie-hellman-group16-sha512
diffie-hellman-group14-sha256
diffie-hellman-group-exchange-sha256
diffie-hellman-group14-sha1
diffie-hellman-group-exchange-sha1
diffie-hellman-group1-sha1
COM
Expose MTC registration status via COM
Expose CIC registration status via COM
Outlook Add-in
Add-in readme file now explains the difference between the .exe and .msi installer
Logging
Windows event “Windows Event log evaluation period expired” for modules are now logged as Warnings instead of Errors
Fixes
Fixed “CTRL+F” search function
Fixed an issue where the site creation wizard would fail to create a second PCI site when remote administration was enabled
Updated the security tab typo to reflect “FIPS-certified”
EFS icon was not displaying when a VFS folder was encrypted
EFT admin GUI crashed when a CIC profile was renamed
Admin hangs upon upgrade from 6.5.11.2 to 7.4.5.7
Fixed Cloud action wizard page to reflect proper text when pressing back and selecting a different option
EFT UI will not accept configuration change when renaming CIC connection profile
Statistics box on “My Site” general tab needs to be adjusted
Stopped site does not have the red X on the MySite under VFS tab
Enterprise option to reset passwords for multiple users is greyed out
Cannot enter letters in zip code field in registration wizard
Admin UI: visual artifact in the UG tree
Web Service – Invoke Event Rules (Detailed) report no longer returns data
Outlook Send Report column (Recipient) is not populating
PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraint
Admin console is hanging when login and also when trying to clone rules
Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth
Passwords not syncing with EFT AD site
Service hang - users can't connect
EFT Memory is growing gradually
Anonymous authentication bug since 7.3.3.21
Service crashing intermittently
After upgrade and applying hotfix, Permission groups no longer present
GUI Crashes with new ODBC site when creating new user
EFT Event Action S3 region list is incomplete
EFT S3 Region list is outdated
Browse Remote File System causes Error and GUI Crash
Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently
When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination
Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6
ER: An unencrypted user password can be written to WEL when using User Event Rules
Event Rule: The reason for not being able to delete a file (move) is not provided to the user
EFT’s copy/move does not appear to honor the “Retries” value
EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4
Source file name.ext not pre-populating in the source field after clicking OK
Source file name.ext not pre-populating in the source field after double clicking
UI does not refresh after deleting an Event Rule
File/Folder actions leak handle
Scheduled event rule not running at expected scheduled times after 12am
Automatic backup on upgrade or repair has not been updated since 7.3.3 release. Needs to backup proper *.db files
Connection Profile – Connection Details form disappears when the admin user hits the enter Key
Broken upgrade from pre 1M for custom command
Admin console hangs on login
EFT Server Ent 7.4.2.4 randomly crashes
High CPU Utilization and Hangs
HaErrorHandler Option to Drain Server -- mitigate infrequent EFT Service Restart when ActiveNode.json is modified
HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods
During an upgrade of EFT from older version to newer version, the SFTPCOMInterface.dll is occasionally not upgraded with silent failure
EFT Upgrade progress dialog is blank
Automatic service startup is not consistent
Silent Installer does not upgrade properly - FTP Server engine version differs from Administrators version
Modify install change stops EFT service from working
Upgrade -- ERROR AuthManager - Could not create client object already persistent
FTP.cfg is corrupted upon upgrade
Installer hangs and stops responding when ORCL credential used have expired
When modifying the start menu, the default value Globalscape still is the one that is used
Administrator Account Configuration screen - Text box line disappears
Installer allows upgrade from 7.1 directly to 7.4
Installer.log file contains admin user and password
Folder monitor override credentials being used when writing to log file
IPAccess logging is broken
EFT - Can't delete a file because Outlook is accessing it
PCI Invalid logins differ at the site and server level
EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate
Remote Agent Service executable has bad description
Agent Install URL returns 404 for HA installations
Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template
Remote Agent Template window, tab order not going left to right, top to bottom
Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."
Remote Agent Template can be selected for new administrator accounts
SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled
SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia
ClientFTP: CSocksSocket checks timeout wrong
Listing fails on remote server in EFT, but not Filezilla
SMTP to Exchange fails with TLS 1.1 and 1.2
EFT Admin: Status screen is not refreshing statistics
Cannot remove "All Users" group from a folder in VFS
Unable to configure streaming repository encryption when site root is a share
Show VFS home folder then setting permissions is broken again
VFS manipulation is slow
Refresh required when an unacceptable character is entered in Maximum message size
Banned file types appear to be sent from Drop-off and Send Portal
User isn't routed to the workspace (shared) folder upon login to WTC
Workspaces – Edit Workspace screen no longer displays the participant email address when the invitation is pending
Selected user background turns from 'blue' to 'gray' after the action
OAI body message is not visible when accessing the contents via WTC
Workspaces license limit email is being sent incorrectly
Workspaces guest template defaults to allow creation of workspaces
Http/1.1 404 Object Not Found error when clicking on Workspace link from email
Customizations.js executing before the UI is rendered, preventing customizations to the WTC
WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers
Embedded link downloads no longer working as of 7.4.x
WTC translation does not persist after clicking request file option
WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users
May 2018
Version 7.3.9.18
May 14, 2018
Fixes
Admin console hangs on login
EFT Server Ent 7.4.2.4 randomly crashes
High CPU Utilization and Hangs
Fixed “CTRL+F” search function
Fixed an issue where the site creation wizard would fail to create a second PCI site when remote administration was enabled
Updated the security tab typo to reflect “FIPS-certified”
EFS icon was not displaying when a VFS folder was encrypted
EFT admin GUI crashed when a CIC profile was renamed
Admin hangs upon upgrade from 6.5.11.2 to 7.4.5.7
Fixed Cloud action wizard page to reflect proper text when pressing back and selecting a different option
EFT UI will not accept configuration change when renaming CIC connection profile
Statistics box on “My Site” general tab needs to be adjusted
Stopped site does not have the red X on the MySite under VFS tab
Enterprise option to reset passwords for multiple users is greyed out
Cannot enter letters in zip code field in registration wizard
Visual artifact in the Admin UI tree
Admin console is hanging when login and also when trying to clone rules
Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth
Passwords not syncing with EFT AD site
Service hang - users can't connect
EFT Memory is growing gradually
Anonymous authentication bug since 7.3.3.21
Service crashing intermittently
After upgrade and applying hotfix, Permission groups no longer present
GUI Crashes with new ODBC site when creating new user
ARM
Web Service – Invoke Event Rules (Detailed) report no longer returns data
Outlook Send Report column (Recipient) is not populating
PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraint
Event Rules
EFT Event Action S3 region list is incomplete
EFT S3 Region list is outdated
Browse Remote File System causes Error and GUI Crash
Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently
When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination
Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6
ER: An unencrypted user password can be written to WEL when using User Event Rules
Event Rule: The reason for not being able to delete a file (move) is not provided to the user
EFT’s copy/move does not appear to honor the “Retries” value
EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4
Source file name.ext not pre-populating in the source field after clicking OK
Source file name.ext not pre-populating in the source field after double clicking
UI does not refresh after deleting an Event Rule
File/Folder actions leak handle
Scheduled event rule not running at expected scheduled times after 12am
Backup and Restore: Automatic backup on upgrade or repair has not been updated since 7.3.3 release. Needs to backup proper *.db files Connection Profiles
Connection Profile: Connection Details form disappears when the admin user hits the enter Key
Custom Commands: Broken upgrade from pre 1M for custom command
DMZ Gateway
DMZ Gateway Caches IPs for host names until service is restarted
Registered DMZ Gateway crashes when using FAST with expired DEI trial license
FAST: FAST protocol & Connection Profile - EFT GUI crashes when the user selects the test Path
HA: HaErrorHandler Option to Drain Server -- mitigate infrequent EFT Service Restart when ActiveNode.json is modified
HTTP: HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods
Installer
During an upgrade of EFT from older version to newer version, the SFTPCOMInterface.dll is occasionally not upgraded with silent failure
EFT Upgrade progress dialog is blank
Automatic service startup is not consistent
Silent Installer does not upgrade properly - FTP Server engine version differs from Administrators version
Modify install change stops EFT service from working
Upgrade -- ERROR AuthManager - Could not create client object already persistent
FTP.cfg is corrupted upon upgrade
Installer hangs and stops responding when ORCL credential used have expired
When modifying the start menu, the default value Globalscape still is the one that is used
Administrator Account Configuration screen - Text box line disappears
Installer allows upgrade from 7.1 directly to 7.4
Installer.log file contains admin user and password
Logging
Folder monitor override credentials being used when writing to log file
IPAccess logging is broken
Outlook Add-in: EFT can't delete a file because Outlook is accessing it
PCI Invalid logins differ at the site and server level
Remote Agent
EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate Settings window
Remote Agent Service executable has bad description
Agent Install URL returns 404 for HA installations
Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template
Remote Agent Template window, tab order not going left to right, top to bottom
Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."
Remote Agent Template can be selected for new administrator accounts
SFTP
SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled
SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia Server
ClientFTP: CSocksSocket checks timeout wrong
Listing fails on remote server in EFT, but not Filezilla
SMTP to Exchange fails with TLS 1.1 and 1.2
Status Viewer is not refreshing statistics
VFS:
Cannot remove "All Users" group from a folder in VFS
Unable to configure streaming repository encryption when site root is a share
Show VFS home folder then setting permissions is broken again
VFS manipulation is slow
Workspaces:
Refresh required when an unacceptable character is entered in Maximum message size
Banned file types appear to be sent from Drop-off and Send Portal
Edit Workspace screen no longer displays the participant email address when the invitation is pending
Selected user background turns from 'blue' to 'gray' after the action
Workspaces license limit email is being sent incorrectly
Workspaces guest template defaults to allow creation of workspaces
Http/1.1 404 Object Not Found error when clicking on Workspace link from email
Customizations.js executing before the UI is rendered, preventing customizations to the WTC
WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers
Embedded link downloads no longer working as of 7.4.x
WTC translation does not persist after clicking request file option
User isn't routed to the workspace (shared) folder upon login to WTC
OAI body message is not visible when accessing the contents via WTC
WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users
November 2017
Version 7.4.5
November 21, 2017
New Features
Added Cloud Connector Module
Added capability to Download and Copy/Move from AWS S3 storage
Added capability to Download and Copy/Move from Azure blob storage
Added ability to create Connection Profile to AWS S3 and Azure blob storage
Added EFT REST endpoint for querying administrative info and server status
(Event Rules) Added ability to parse Context Variables in Connection Profile and Event Rule transfer actions - SFTP and SSL Options, Advanced Options, and Port #
(Event Rules) Support for %...% variable to be used in Event Rule Email Notification Action - TO: CC: BCC: fields
Added logging for AWS S3 and Azure blob storage to EFT.log
Added "/MSMQMulticast=0" as a command line argument to the installer to skip the installation of MSMQ-Multicast
Added registry value that allows workspace invitation/mail to be relayed from generic EFT/noreply email defined in the SMTP tab
Implement robots.txt so that Web Transfer Client does not appear in web search
(Workspaces) Added feature to Request Files
(Workspaces) Added option to Secure Message Body
Enhancements
Removed local notes.txt file (version history). Please see website for up to date version history and change notes.
(WTC) Remove Java Option code from Login.htm file
(ARM) Improved efficiency of Purge script
Defaulted log file appender to include computer name
(Workspaces) Pick-up Portal now has “download all” option
Fixes
EFT service crashing randomly 7.3.5.4
Login attempts fail with "Precondition failed"
(Workspaces) Rare scenario where EFT service cannot start and/or crashes if Workspace invitation expires
"If settings template equals" condition is now properly converted after upgrade.
AS2 setup wizard's "Test Connection" results in a GUI crash
AS2 Outbound setup wizard results in a GUI crash
Admin GUI crash when expanding workspaces under the VFS tab
Folder monitors are not updating enabled status icon when reconnecting after a failed health check
HA: Phantom node appears in Status tab.
Mouse pointer spinning in VFS when expanding Site root folders
EFS icon not displaying on encrypted VFS folder
Connection profile Test button outcome shows up as failed when in reality it does connect successfully
Server level TLS/SSL settings are being disregarded when using Connection Profile Test
Event Rule level backup nodes not recognized in the Status tab.
After adding a child domain group, a member of that group couldn’t login to admin console
Outlook Send Activity Report data truncated
Negotiated protocol version for SSL/TLS outbound connections defaults to weaker versions if gap exists between selected versions
EFT is hanging and needs to be restarted to restore functionality
Unable to decrypt ASCII-armored PGP file encrypted with BCPG v1.8.1.0
The global search on Jument is throwing 404 error
Creating a new workspace while uploading a large file will cancel the upload
Unable to access WTC using CAC Authentication on an LDAP site
Fixed issue of workspaces expiring immediately after upgrade
Workspaces – Outlook Add-In
Workspace link created from outlook add-in has the incorrect url
Workspace Outlook add-in auto disables when using Integrated Windows Auth
Workspaces Send breaks with IWA SSO
Version 7.3.8
November 21, 2017
New Features
Added a COM API method to retrieve the GUID using the site name
Enhancements
Removed local notes.txt file (version history). Please see website for up to date version history and change notes.
(WTC) Remove Java Option code from Login.htm file
Change default key length (in bits) from 1024 to 2048 in Create SSL Certificate Wizard
(ARM) Improved efficiency of Purge script
Defaulted log file appender to include computer name
Workspaces invitation and verify email messages customized per site
Fixes
Login attempts fail with "Precondition failed"
Rare scenario where EFT service cannot start and/or crashes if Workspace invitation expires
"If settings template equals" condition is now properly converted after upgrade
Server crashes when running vulnerability scanner Greenbone Security Assistant
EFT crashed due to OOM exception caused by excessive ScClientBundler::BundleThreadProc threads
Server hangs for 25-30 seconds when making config changes
Disabling FTP at the template or user level in EFT SMB prevents the use of FTPS Explicit connections
Admin GUI crash when expanding workspaces under the VFS tab
Folder monitors are not updating enabled status icon when reconnecting after a failed health check
HA: Phantom node appears in Status tab.
Mouse pointer spinning in VFS when expanding Site root folders
EFS icon not displaying on encrypted VFS folder
Connection profile Test button outcome shows up as failed when in reality it does connect successfully
Server level TLS/SSL settings are being disregarded when using Connection Profile Test
Event Rule level backup nodes not recognized in the Status tab.
After adding a child domain group, a member of that group couldn’t login to admin console
Hang when accessing SSH public key manager
Auditing and Reporting Module (ARM): Outlook Send Activity Report data truncated
EFT Client (Outbound): Negotiated protocol version for SSL/TLS outbound connections defaults to weaker versions if gap exists between selected versions
Event Rules: EFT is hanging and needs to be restarted to restore functionality
High Availability (HA): Server not displaying that HA cluster is being administered on another node as expected
PGP: Unable to decrypt ASCII-armored PGP file encrypted with BCPG v1.8.1.0
(WTC/Workspaces) The global search on Jument is throwing 404 error
(WTC/Workspaces) Creating a new workspace while uploading a large file will cancel the upload
(WTC/Workspaces) Unable to access WTC using CAC Authentication on an LDAP site
(WTC/Workspaces) Fixed issue of workspaces expiring immediately after upgrade
(WTC/Workspaces) Workspace link created from outlook add-in has the incorrect url
(WTC/Workspaces) Workspace Outlook add-in auto disables when using Integrated Windows Auth
(WTC/Workspaces) Workspaces Send breaks with IWA SSO
August 2017
Version 7.4.2
August 29, 2017
New Features
Administration interface
Added template for password reset confirmation email that is sent when user is unauthorized to reset password
Auditing and Reporting Module (ARM):
Add new option in EFT to log TED6 logs to the new table - default new option to false/off
COM Interface:
Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server
Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site
New COM APIs for Drop-Off controls
High Availability (HA):
Added Node Maintenance/Drain Mode. "Pause/drain" all sites on a single node to halt NEW incoming connections and event rule activity. Existing transfers and events in progress are allowed to resume/complete.
Added support for Autoscaling in AWS
Implemented TCP based communication for HA cluster messages and coherence as alternative communication method to multicast
Added configurable Auto-Restart of node after defined period of being "out of sync" and allotted "drain" time
Logging:
Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used
Protocols - FTP/S:
Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.
Protocols - SFTP:
Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.
Added diffie-hellman-group-exchange-sha256 KEX
Added ability to select SFTP KEX algorithms through GUI and COM
SMTP:
Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password
Web Interfaces
Web Transfer Client access is now included with HTTP/S functionality. Eliminated WTC Client Access License (CAL)
Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.
Added administrative option to place newly invited Workspace participants in specific settings template
Added creation of Drop-Off link capability. External users can now send attachments to internal users, without having to create a EFT profile
Users can now reply to a message from Send/Drop-Off
Enhancements
PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled
Now able to login with Admin accounts in AD Universal group in child domains
Configuration Restore dialog has been updated. Backup must be generated from EFT 7.3.3 or higher.
Find/Search in EFT doesn't search connection profiles
Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled
Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.
More clearly show the configuration state and current flag value of change password on first login
Clarified user Password Expiration, Reminder, and Notification Options
On installation, EFT should check the status of windows update KB2999226 to ensure criteria has been met.
Improved responsiveness when browsing directories containing many subfolders.
Removed SAT install files from EFT 7.4 Installer
Web Interfaces – Web Transfer Client (HTML5):
Updated French translation
Note about Web Transfer client access being disable needs to be removed or modifiable Workspaces
Updated Workspace Invitation Subject line to "You've been added to a workspace"
On upgrade from 7.2.x, Workspace notifications should be disabled
Where possible, Workspace owner’s full name is used for WS invites instead of their login name
Buttons available to Invited Workspace participants more clearly reflect the permissions granted to them
New participant of a workspace now lands to that particular shared folder and not at the home page of WTC
Workspace owner can now add additional participant(s) to a private workspace
Fixes
Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.
EFT Password email reminders with AD Site did not trigger
When changing password for user through Admin GUI, force password option was being automatically enabled
EFT forcing users to change their password upon first log in
Renaming folders in VFS causes a loading indicator
EFT Standalone: User's last time connected was only being updated once per day
Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring
Resolved Server crash scenario induced by vulnerability scanner Greenbone Security Assistant
Event Rules were not grayed out on SMB with no add on modules activated
Reference to Enterprise only features were available in EFT SMB reports
Resolved EFT Admin GUI crash after using the send Email test button
Settings Templates was no longer sorted alphabetically as of 7.3.3.21
Admin GUI did not retain setting for Password Expiration at user level
When changing password in admin interface, force password option was automatically checked
When modifying password expiration "Remind" option Apply button was greyed out.
Settings Template options did not properly display inherited options
Report is missing filters (Traffic - Protocolwise Connections (Summary)
Executive Summary Report data was being truncated
The text "hmtest" appeared in Event Rules Detailed report after the Description:
Admin Action report Change Originator column was being truncated
Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication
Corrected scenario where certain user accounts were not able to authenticate if the account was renamedCouldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21
Custom password change responses were not working for LDAP sites
"IsFolderVirtual" COM method was no longer functioning in 7.3.5
Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword
ICISite::SetWorkspace failed with MX error 7
Custom Command default execution timeout for newly created Custom Commands should be 30 seconds
User Account Disabled Rule did not function after upgrade to 7.3.3.21
Event Rule using FAST protocol to Download Files would fail if connection profile was used
Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.
Corrected scenario of being unable to import Event Rules caused by unexpected config values
Event rules with comma character ',' in event rule name would fail when load balanced
When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes
Upgrade installer asked to create an admin account instead of "Provide server administrator credentials"
Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT
SSL/TLS logging for FTPS connections was not working
Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE
Addressed potential scenario of new PGP key not displaying correct expiration date
EFT responded to a quit command with an additional 0d 0a after version 7
Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file
Trailing spaces in SMTP host address would not resolve the address
User Credentials email had an erroneous = at end of username
Email notification for credentials contained an erroneous trailing =
Forgot password in WTC didn’t work if 2+ users shared an email address
WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled
WTC was not displaying password expiration reminder on login
While uploading a large file, occasionally received errors when trying to create folders or workspaces
Join with Smartcard button was improperly visible when connecting to CAC enabled site
Download button did not function the Max transfer speed option was enabled at the site level
Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal
Resolved issue of being unable to send files from the iFrame
Outlook Add-In functionality was not working in some instances
Private workspace owner was unable to add additional users to private workspaces
Version 7.3.7
August 01, 2017
New Features
Added template for password reset confirmation email that is sent when user is unauthorized to reset password
Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server
Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site
Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used
Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.
Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.
Added diffie-hellman-group-exchange-sha256 KEX
Added ability to select SFTP KEX algorithms through GUI and COM
Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password
Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.
Enhancements
PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled
Now able to login with Admin accounts in AD Universal group in child domains
Find/Search in EFT doesn't search connection profiles
Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled
Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.
Improved responsiveness when browsing directories containing many subfolders.
Updated webclient to version 1.3.0 build 10
(WTC) Updated French translation; Update French translation for word "Language"
(Workspaces) Updated Workspace Invitation Subject line to "You've been added to a workspace"
(Workspaces) On upgrade from 7.2.x, Workspace notifications should be disabled
(Workspaces) Where possible, Workspace owner’s full name is used for WS invites instead of their login name
Fixes
Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.
EFT Password email reminders with AD Site did not trigger
When changing password for user through Admin GUI, force password option was being automatically enabled
EFT forcing users to change their password upon first log in
Renaming folders in VFS causes a loading indicator
EFT Standalone: User's last time connected was only being updated once per day
Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring
Event Rules were not grayed out on SMB with no add on modules activated
Reference to Enterprise only features were available in EFT SMB reports
Resolved EFT Admin GUI crash after using the send Email test button
Settings Templates was no longer sorted alphabetically as of 7.3.3.21
Admin GUI did not retain setting for Password Expiration at user level
When changing password in admin interface, force password option was automatically checked
When modifying password expiration "Remind" option Apply button was greyed out.
Settings Template options did not properly display inherited options
Report is missing filters (Traffic - Protocolwise Connections (Summary))
Executive Summary Report data was being truncated
The text "hmtest" appeared in Event Rules Detailed report after the Description:
Admin Action report Change Originator column was being truncated
Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication
Corrected scenario where certain user accounts were not able to authenticate if the account was renamed Authentication - LDAP:
Couldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21
Custom password change responses were not working for LDAP sites
"IsFolderVirtual" COM method was no longer functioning in 7.3.5
Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword
ICISite::SetWorkspace failed with MX error 7
Custom Command default execution timeout for newly created Custom Commands should be 30 seconds Event Rules:
User Account Disabled Rule did not function after upgrade to 7.3.3.21
Event Rule using FAST protocol to Download Files would fail if connection profile was used
Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.
Corrected scenario of being unable to import Event Rules caused by unexpected config values
Event rules with comma character ',' in event rule name would fail when load balanced
When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes
Upgrade installer asked to create an admin account instead of "Provide server administrator credentials" Logging:
Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT
SSL/TLS logging for FTPS connections was not working
Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE OpenPGP:
Addressed potential scenario of new PGP key not displaying correct expiration date
EFT responded to a quit command with an additional 0d 0a after version 7
Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file
Trailing spaces in SMTP host address would not resolve the address
User Credentials email had an erroneous = at end of username
WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled
WTC was not displaying password expiration reminder on login
While uploading a large file, occasionally received errors when trying to create folders or workspaces
Join with Smartcard button was improperly visible when connecting to CAC enabled site
Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal
Resolved issue of being unable to send files from the iFrame
Outlook Add-In functionality was not working in some instances
Private workspace owner was unable to add additional users to private workspaces
May 2017
Version 7.3.6
May 02, 2017
New Features
New Globalscape splash screen logo is displayed
(COM API) Added ICIServer Interface Property SMTPUseImplicitTLS
(COM API) Added ICIServer Interface Function SendTestEmail
Added support for Amazon AWS SNS and SQS as alternative to Multicast for HA clusters
Added registry override (SendQUIT) that invokes QUIT command to be sent at completion of FTP/S transfers.
Added support for Windows 2016
EFT.log entry for SSL version and cipher info as part of successful socket connection for FTPS and HTTPS
EFT.log entry on startup if FIPS is successfully initialized.
EFT.log entry if FIPS mode fails to initialize for any reason upon service startup and what steps are being taken to remedy.
EFT.log entry if FIPS mode fails to initialize after all attempts exhausted.
Added registry override (PGPEncryptingAlgorithm) to specify default encryption algorithms
Added registry override (PGPCompressionMethod) to specify default compression algorithm
Add support for OCSP Stapling in EFT Server HTTPS Listener
Added SMTP over TLS/SSL
Added support for Gmail as an SMTP Server
Added SMTP test function
(Workspaces) Added ability to send (email) files out from within Workspaces
(Workspaces) Added pick-up (download) portal for received files.
Enhancements
F1 help has been updated to reflect new features.
Removed support for Windows 2008
EFT Server Enterprise and Standard:
Upgrade OpenSSL to 1.0.2k
Upgraded to OpenSSL FIPS Object Module 2.0.10: NIST FIPS certificate #1747
Now able to add "Universal" Active Directory groups to EFT Administration
Improved WTC CAL warnings to be consistent across EFT.log, Admin GUI, and email
Trial Extension options are still available in EFT SMB after fully registered
Now able to resize the CTRL+F search window
Updated Server>Security page FIPS controls
(ARM) Exporting reports no longer re-runs the report from the source
(ARM) Event Rules table EventName now allows up to 250 characters
Improved the speed of the CNTAuthManager::GetUser method when pulling users from AD with large amount of users (>50k).
Improved AD group listing algorithm when pulling complex subgroup structure. Time taken to sync listing with 200 subgroups decreased from 240 seconds to 5 seconds.
Remove legacy behavior of caching IP address of last successfully connected host.
Greatly optimized the {FS.*} condition checking mechanism of Event Rule execution. FS condition checks now performed locally when possible instead of going out to file system.
Remote directory browser now works when using DMZ Gateway as a proxy.
Event Rule Import now matches Connection Profiles by NAME, not by GUID
Account Lockout Status now propagates to other HA nodes
Admin Last Login Time for HA is now only propagated to other nodes once per day
Modify PGP Encryption behavior to default to CAST5 encryption if registry override AutoSelectPGPCiphers is Off.
Check passphrase was taking too long. Has been optimized
Update SMTP test warning prompt to exclude '+' from an invalid character
(WTC) Full, unlimited access to WTC during evaluation period
(WTC) HTML caching removed. This allows Web Client page to be updated when accessed instead of forcing users to have to clear cache to see changes.
(WTC) Updated Jument webclient to version 1.3.0 build 5
(Workspaces) Tidy up default Workspace invite and verify email messages
(Workspaces) Redesigned view and management of Workspaces
(Workspaces) Support Workspaces unlimited license
(Workspaces) Site> Workspaces Outlook add-in (OAI) has been changed to Workspaces - Send
Fixes
Passwords were expiring based on the "remind x days prior to expiration" value
Used disk space counter was not adjusting properly in some instances
Event Rule Admin couldn’t properly remove site from Assigned to this server list
When creating an SFTP key using the wizard - Use this key pair as the default host key - was not checked by default
AdvancedProperty IgnoreNeverLoggedInLDAPUsers was no longer working after upgrade to 7.3.4.6
WTC Licenses with odd numbers were not converting on CAL upgrade
Fixed being unable to configure same name for Group and Settings template
Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)
Fixed rare scenario where configurations carried over from legacy EFT Server versions could cause the Settings template Max connections per user and Max transfer speed that were previously disabled to become enabled and set to 0 on upgrade.
Admin user was able to do Batch account management
Help -> About showed Acceleration License option when the Module is not available in SMB
WTC CAL registration was not accurately reported under Help>About
Updated the Help>About text for unlimited WTC licenses
Help -> About cuts off licensing information
User Admins was still showing Users as having an expiration date even after “Expire this account” was disabled.
User Account Admin interface window did not scale with the EFT Admin console
Event Rule Admins were denied ability to import event rules.
FIPS compliant SSH checkbox was available (but non-functional) even after EFT trial has expired
Updated all GUI references to FIPS Certified rather than FIPS Compliant
On occasion, when deleting event rules from EFT the EFT GUI would crash.
Trying to browse subfolders in Browse Remote File System dialog cause VFS to freeze.
Fixed scenario of being unable to remove SSL certificates from SSL Certificate Manager
Fixed erroneous message stating that SSL certificate will expire in 30 days if site SSL certificate was cleared out.
Admin user disconnected when testing a connection profile using DMZ Gateway as a proxy if retry intervals exceeded GUI timeout period.
(ARM) Scenario where EFT may crash/hang when PCI Compliance Report was being generated
Client (Outbound): Numerate fails when the initial file is 0KB
(COM API) ICIConnectedUser interface members DataConnection does not return result for HTTP/S or SFTP
(COM API) ICIConnectedUser interface member TransferredSize does not return result for SFTP
(COM API) ICIConnectedUser interface member TransferredSize does not return result for SFTP
Custom Command "Redirect output to clients" doesn't work properly when triggered by FTP protocol
Folder Monitor reconnection logic does not properly update FM's enabled state
Copy/Move action may not work correctly when custom credentials are used for Local transfers
Mitigated rare scenario where Folder Monitor may remove all worker threads
Fixed scenario where Folder Monitor with Trigger based on folder change notifications could be overwhelmed.
Fixed scenario of SMTP logger failing to record data information
Improved scenario where clients were receiving constant timeout errors when uploading files if event rule condition checks took a long time to complete.
(WTC) When uploading a file via WTC client is able to upload a file that is bigger than the Max upload size limit if the chunk size is lower than the max upload size limit.
(WTC) WTC is not disabled after EFT trial has expired
(WTC) No feedback was given when permissions are denied to a folder
(WTC) Firefox version 50 uploads would sometimes fail
(WTC) Internal error was occurring upon attempt to move a file into a folder where AD user does not have upload permissions
(WTC) Incorrect error message was displayed to the user when trying to create a folder with a space at the end of the folder name
(WTC) Filter button was not properly highlighted
(WTC) Renaming was causing error in developer console
(Workspaces) When clicking an expired one time download link with authentication, will receive HTTP/1.1 412 Precondition Failed
(Workspaces) Workspaces licensing was showing 0 after upgrading to 7.3.4.6
(Workspaces) Workspaces shared folders were disappearing after upgrade from 7.3.0.3
(Workspaces) Renaming Workspace as owner failed to propagate to participants
(Workspaces) Workspace invitee was occasionally receiving 404 error upon logging in
Version 7.2.9
May 02, 2017
New Features
New globalscape splash screen logo is displayed
Added registry override (SendQUIT) that invokes QUIT command to be sent at completion of FTP/S transfers.
EFT.log entry for SSL version and cipher info as part of socket connection for FTPS and HTTPS
EFT.log entry on startup if FIPS is successfully initialized.
EFT.log entry if FIPS mode fails to initialize for any reason upon service startup and what steps are being taken to remedy.
EFT.log entry if FIPS mode fails to initialize after all attempts exhausted.
Add registry override (PGPEncryptingAlgorithm) to specify default encryption algorithms
Add registry override (AutoSelectPGPCompression) to default compression to ZIP
Enhancements
Upgrade OpenSSL to 1.0.2k
Upgraded to OpenSSL FIPS Object Module 2.0.10: NIST FIPS certificate #1747
Now able to add "Universal" Active Directory groups to EFT Administration
Trial Extension options are still available in EFT SMB after fully registered
Now able to resize the CTRL+F search window
Updated Server>Security page FIPS controls
Exporting reports no longer re-runs the report from the source
Remote directory browser does not work when using DMZ Gateway as a proxy.
Event Rule Import now matches Connection Profiles by NAME, not by GUID
Modify PGP Encryption behavior to default to CAST5 encryption if registry override
AutoSelectPGPCiphers is Off.
Check passphrase was taking too long. Has been optimized
Update SMTP test warning prompt to exclude '+' from an invalid character
Full, unlimited access to WTC during evaluation period
HTML caching removed. This allows Web Client page to be updated when accessed instead of forcing users to have to clear cache to see changes.
Updated Jument webclient to version 1.2.1 build 20
Fixes
Manual Registration for Workspaces with a seat count over 1,000 did show the correct # of licenses.
Used disk space counter was not adjusting properly in some instances
Event Rule Admin couldn’t properly remove site from Assigned to this server list
Admin user was able to do Batch account management (SMB)
WTC CAL registration was not accurately reported under Help>About
Updated the Help>About text for unlimited WTC licenses
Help -> About cuts off licensing information
User Admins was still showing Users as having an expiration date even after “Expire this account” was disabled.
User Account Admin interface window did not scale with the EFT Admin console
Event Rule Admins were denied ability to import event rules.
FIPS compliant SSH checkbox was available even after EFT trial has expired
Updated all GUI references to FIPS Certified rather than FIPS Compliant
On occasion, when deleting event rules from EFT the EFT GUI will crash.
Scenario where EFT may crash/hang when PCI Compliance Report was being generated
Numerate fails when the intial file is 0KB
ICIConnectedUser interface members DataConnection does not return result for HTTP/S or SFTP
ICIConnectedUser interface member TransferredSize does not return result for SFTP
ICIConnectedUser interface member FileName does not return result for SFTP
Custom command "Redirect output to clients" doesn't work properly when triggered by FTP protocol
Folder Monitor reconnection logic does not properly update FM's enabled state
When uploading a file via WTC client is able to upload a file that is bigger than the Max upload size limit if the chunk size is lower than the max upload size limit.
WTC is not disabled after EFT trial has expired
No feedback was given when permissions are denied to a folder
Firefox version 50 uploads would sometimes fail
Internal error was occurring upon attempt to move a file into a folder where AD user does not have upload permissions
Incorrect error message was displayed to the user when trying to create a folder with a space at the end of the folder name
Filter button was not properly highlighted
Renaming was causing error in developer console
When clicking an expired one time download link with authentication, will receive HTTP/1.1 412 Precondition Failed
Renaming Workspace as owner failed to propagate to participants
February 2017
Version 7.3.5
February 08, 2017
New Features
Added debug level logging setting for PGP through Admin User Interface
Enhancements
Upgraded Web Transfer Client (HTML5) to 1.3.0
Updated SSL certificate manager to use SHA2
Fixes
Fixed comment section when creating a workspace (improperly titled "Message" in prior build)
Fixed error when attempting to navigate folders after deleting multiple files in Web Transfer Client (HTML5)
Fixed language translation on left hand navigation pane in Web Transfer Client (HTML5)
Fixed default sorting of folder and file listings in Web Transfer Client (HTML5)
Fixed change password request to use the pre-configured domain (site connection settings)
Fixed issue when attempting to use SSL cert authentication with a null password
Fixed rolling of EFT.log when running a Command Action and the log size exceeds MaxFileSize
Fixed logging for failed upload/download over SFTP protocol
Fixed issue where EFT would convert a physical folder into a virtual folder when using the Active Directory profile as the users home folder
Fixed potential out-of-memory crash when network folder monitor receives a large number (20,000+) of files
Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)
Fixed report "Event Rules - Actions (Summary)" to allow Event Name field to support up to 250 characters
Fixed issue when attempting to change Active Directory passwords through the Web Transfer Client
Fixed GUI error message when using a specific multicast IP address (EFT Enterprise Only)
Fixed reporting of WTC CAL registration under Help>About
Fixed ability to save new password dictionary file when changing site settings
Improved ClientFileSystem locking for more granular FileLocker action
Fixed issue with Workspaces shared folders disappearing after upgrade from 7.3.0.3 to 7.3.3.21
Fixed issue with users unable to login after upgrading to 7.3.3.14
Fixed issue with guest Workspaces user unable to login after upgrade
Version 7.2.8
February 08, 2017
New Features
Added SFTP flow control improvements by RFC 4254
Enhancements
Upgraded Web Transfer Client (HTML5) to 1.2.1
Updated SSL certificate manager to use SHA2
Fixes
Fixed error when attempting to navigate folders after deleting multiple files in Web Transfer Client (HTML5)
Fixed language translation on left hand navigation pane in Web Transfer Client (HTML5)
Fixed default sorting of folder and file listings in Web Transfer Client (HTML5)
Fixed return value of inherit state of CCIClientSettings::GetForcePasswordResetOnInitialLogin
Fixed EX logs to properly report failed uploads for SFTP
Fixed error code in cl*.log to show correct error code when target host is unavailable
Fixed compatibility with Symantec DLP (EFT Enterprise only)
Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)
Fixed issue of removing source files after compress action when using ZCompress format
Fixed issue with properly handling WTC licenses over 9,999 users
December 2016
Version 7.3.3
December 06, 2016
New Features
Added EFT Outlook Add-In and browser support for exchanging files in Workspaces
Added controls for enabling and configuring SAML for achieving Single Sign On (SSO) for Web-based authentication - (EFT Enterprise only)
Added the Advanced Authentication module for EFT Enterprise
Added HTTP Strict Transport Security (HSTS)
Added new preconfigured reports
Added additional logging for CFileSystem object
Added auditing of the originating IP for load-balanced HTTP(S) connections as an Advanced property
Added new COM property that exposes "force password change upon first login" flag
Added additional logic to prevent admins from accidentally deleting the site home folder if a user has this set as home folder
Added additional logging when debugging
Enhancements
Updated Jquery version to 1.9.1
Updated OpenSSL library to 1.0.2j
Updated PGP library
Improved URL encoding function in ClientFTP
Improved performance of Admin UI when populating "Group Membership" tab
Improved password complexity warnings to end user
Optimized quick search feature in environments with large amount of users
Improved retry transfer logic over high latency networks
Updated odb version to 2.5.0 a11
Fixes
Fixed memory leak in FIPS SSL
Fixed error when trying to download files containing a comma
Fixed High CPU utilization with large volume of user connections
Fixed issue of having to re-apply permissions when changing the case of the SAMAccountName
Fixed Event rule settings where site paths without wildcards were using physical path vs virtual path
Fixed event timer issue of calculating the next run time at beginning of DST hour
Fixed alphabetically sorting of event rules within folders
Fixed dead lock in FTPS
Fixed issue of not reporting correct PASV port in the ex.log
Fixed issue where Admin GUI incorrectly restores the last selection when refreshing UI
Fixed issue of exporting event rules with stop-action set to "Stop processing this and more rules"
Fixed issue of downloading EFTClient.txt when using HTTP protocol
Fixed issue of editing comments at the Event rule folder level
Corrected GUI to properly show the inherited value of Account Security option as "Disable"
Fixed email notification to not truncate passwords that use " <v"
Fixed issue with restoring EFT Workspaces when restoring a backup
Fixed intermittent crash of Admin GUI when creating users from an EFT Admin remote GUI
Fixed compatibility with SFTP authentication and WingFTP 4.6.2 using Public key and Password authentication
Fixed intermittent Admin GUI crash on close
Fixed EFT service crash when site is deleted
Fixed reset password issue for external participant in LDAP site
Fixed Deadlock in EventRuleQueue in clustered EFT on server startup
Removed using FTP Auto mode for client transfers through DMZ gateway as SOCK5 proxy
Fixed issue of not showing failed event rule downloads using wildcards under the status tab of Admin UI
Fixed "Rest offset" command in FTP sessions
Fixed issue of accessing Ban IP address when large amount of IP addresses are configured
Fixed unhandled exception when backing up HA site
Fixed Mobile Transfer Client crash when attempting to use custom branded MTC
Fixed crash in HTTP session manager
Fixed DMZ crash when transferring files by FXP
Fixed folder monitor crash when transitioning back to event rule load balance master
Fixed issue where folder monitor event rule stopped after 1000 files were rejected by condition
Fixed ClientFTP retry logic after SSL_connect error
Fixed issue of removing source files after compress action when using ZCompress format
Fixed issue of large file uploads being reported as individual chunks.
Fixed Admin UI crash when working with virtual folder with bad alias name
Fixed issue where changes applied by user level admins did not save after server restart
Fixed change password issue through web client for ODBC sites
Fixed error messaging when user without upload permissions attempts to upload via the web client
Fixed reporting of large file uploads to display only one file entry versus individual chunks
Fixed issue of exporting PGP public keys with spaces between each line of the public key blob
August 2016
Version 7.3.2
August 30, 2016
New Features
Admin GUI warns users when they are close to or have exceeded number of CAL users
Auditing and Reporting Module (ARM):
Audit originating IP for load-balanced HTTP(S) connections
Changed Web Transfer Client licensing from concurrent base to client access license (CAL)
Webclient updated to 1.2.2 build 2
Warning Banner added to indicate if CAL is exceeded
Enhancements
Update SSL lib to 1.0.2h
Fixes
EFT log erroneously reports “Error cfg.write can't save server settings”
EFT with DMZ crashes on begin transfer file by FXP
Crash in HTTP session manager
Crash in the CommandAccess internals when saving command execution results to log file
Administrator Interface (AI):
Failed Event Rule downloads using Wildcard do not appear in status tab
Windows 2012 R2: Admin GUI crashes with coredump.
When clicking on a help topic the software posts a script error
Admin GUI may crash on close
Admin GUI hang scenario when attempting to stop an FTPS event rule transfer
SFTP authentication failed when connecting to remote server running WingFTP 4.6.2 using Public Key+Password auth
EFT Transfer Client does not use server-wide supported cipher list and protocol versions when retrieving remote listing over SSL-based protocols
The Test Button on the Connection Profiles does not connect when using DMZ as Proxy
Event timer calculates the incorrect next run time at begin DST hour
"Rename transferred file to"-function is not working when destination file size/crc is equal to the original value
A folder monitor event rule stops invoking events after 1000 files are rejected by condition
MTC crashes the EFT Service when attempting to use a custom branding
July 2016
Version 7.2.4
July 05, 2016
New Features
(ARM) Audit originating IP for load-balanced HTTP(S) connections
Added configurable AdvancedProperties (“AutoSelecPGPCiphers”, “AutoSelectPGPMAC”), default to TRUE.
Added additional logging for CServer::Serialize method
Enhancements
Dramatically reduced the amount of Event Driven Changes that must be versioned and propagated when we handle ClientLoggedIn and ClienLogged events (Date granularity rather than time).
Improved interoperability issue with BouncyCastle
Update SSL lib to 1.0.2h
External participants in LDAP site Workspace are now able to reset password
Fixes
PASV Port utilized being logged incorrectly in ex.log
EFT does not properly log the last invalid login before auto ban via SFTP
Crash when deleting a Folder Monitor rule while event rule is being executed
Crash in the CommandAccess internals when saving command execution results to log file
EFT.log is flooded with an error when an FM folder is not accessible
Crash in HTTP session manager
Admin GUI hangs when attempting to stop an event rule transfer
Inherited value of Account Security setting is not properly displayed in the ST/user level
Remote user admins are running into runtime errors frequently
The EFT Admin interface keeps crashing under specific scenarios. Improved resilience.
If display text size is set to 125% or 150%, some options such as "next" and "finish" are pushed off and no longer visible. There appears to be scaling issue with larger text size enabled.
Cannot access the IP Ban list via remote admin, system locks out and says "Ban IP list not available"
Failed Event Rule downloads using Wildcard do not appear in status tab
Event rules are not alphabetically sorted in the event rule folder
Unable to open AWE task builder if file "EFT" exists in path of installation
GSAWE.exe process has a deadlock
AD/LDAP: Incorrect login names lock EFT up for a long time.
Unable to switch client's two-factor auth setting on PCI site
Complex password expected. If simple password is used, user receives error message with no explanation of what went wrong and the process was causing a hang when done incorrectly.
Disallow using FTP Auto mode for client transfers through DMZ Gateway as SOCKS proxy
SFTP authentication failed when connecting to remote server running WingFTP 4.6.2 using Public Key+Password auth
"Rename transferred file to"-function is not working when destination file size/crc is equal to the original value
EFT Transfer Client does not use server-wide supported cipher list and protocol versions when retrieving remote listing over SSL-based protocols.
Unable to switch client's two-factor auth setting on PCI site via COM script
The Test Button on the Connection Profiles does not connect when using DMZ as Proxy
Unable to export event rules with stop-action set to "Stop processing this and more rules"
Cannot edit comments when event rules viewed through event rule folder
Event timer calculate wrong next run time at begin DST hour
EFT may crash when FM rule sweeps a folder and admin edits that rule.
Event Rule Load Balancer threads are blocking for extended periods of time.
High CPU usage with a lot of user connections
Deadlock occurrence during load balanced event rule startup.
Deadlock in EventRuleQueue in clustered EFT
When making changes to event rule comments via AI, the service hangs and the nodes get out of sync
Crash when stopping site on 1 node and trying to log into admin GUI
Crash on startup due to mixed HA status tracking
Event rules are being load balanced when they shouldn’t be
Unhandled exception while performing back up
MTC crashes the EFT Service when attempting to use a custom branding
If the PGP key name is more than ~30 characters it is cut off in the OpenPGP action dialog.
The “Enable Compression” button was non-functional and would always auto-select compression setting from the public key.
SSL FIPS subsystem breaks down disabling users from establishing SSL connections (HTTPS and FTPS)
Unable to download EFTClient.txt when using HTTP protocol
Specific characters are truncating EFT emails
The ChangePassword.htm file is always being served up from the web/public folder instead of the web/custom/<sitename> folder
April 2016
Version 7.3.0
April 25, 2016
Enhancements
Upgraded PGP library.
Protocols - FTP/S: Set default FTP "ReplaceBackslash" advanced property to true.
Fixes
Fixed issue where incorrect login names cause EFT to hang.
Fixed a potential EFT Service crash.
Corrected "Enterprise-only" Help references to Folder Monitor, Timer Event, and File Transfer Client.
Fixed display issues for proxy settings on Windows Server 2008 R2.
Fixed display issues for PGP key names greater than ~30 characters in the OpenPGP action dialog.
Relaxed field validation on proxy settings that aren't in use.
Fixed inability to switch client's two-factor auth setting on PCI site.
Fixed inability to switch client's two-factor auth setting on PCI site via COM script.
AD Auth, complex password expected. If simple password is used, user receives error message with no explanation of what went wrong and the process is causing a hang when done incorrectly.
Fixed event rule prioritization.
Fixed logic flow issues for File offload/download rules using Socks.
Fixed a potential crash associated with FM rule sweeping a folder while admin is editing the same rule.
Fixed a potential crash that occurs when deleting an FM rule while it's executing.
Fixed a deadlock in EventRuleQueue EFT HA.
Corrected erroneous event rule load balancing.
Fixed a potential HA node crash related to conflicting node statuses.
Fixed a potential EFT service crash for HA environments.
February 2016
Version 7.2.1
February 15, 2016
New Features
Added support for RSA-authenticated sites to also request user passwords in a two-step authentication model, enabled via registry
Added support for EFT COM Admin interface connections from 64-bit processes
Added context variables TRANSFER.RATE_KBPS, TRANSFER.BYTES, and TRANSFER.SECONDS to event rule actions
Added per-user, per-file metadata operations to Workspaces
Added expiration to Workspaces
Added administrative option to enable Workspace expiration
Added ability for Workspace creators to set an expiration date on WorkspacesAdded "On Workspace Expired" event
Added detailed auditing of file and folder operations within Workspaces
Added per-user, per-file metadata operations to Workspaces
Added ability through Event Rules to notify Workspace owner when a file is uploaded
Added Workspace notification email (templated) when adding participant via Admin console
Added context variable (and condition variable) WORKSPACE.OWNER_EMAIL to WS-related and FS-related events
Added handling for an OnTimer exception which caused the admin console to disconnect from EFT Server
Added support for Workspaces REST API 100-Continue header, per HTTP 1.1 specification
Enhancements
Improved performance with extremely large password dictionaries
Enabled scrolling to view full event rule descriptions
Improved performance of HA mode under high volume of login operations
Updated SSL libraries to latest stable release
Updated SSH HMACs to include SHA-256 and SHA-512
Improved performance of rendering contents of a folder that contains a large number (>500) subfolders.
Improved performance of searching within a folder that contains a large number (>500) subfolders.
Improved auditing and reporting of Workspaces activities
Fixes
Fixed a problem where permissions for a user were lost when changing the case of the SAMAccountName and had to be re-added
Fixed a problem where admin permissions were mistakenly removed
Fixed broken inheritance of permission groups for first logged in clients
Connection Profiles are now greyed out in SMB version
Fixed admin console crash occurring when refreshing the VFS tab
Fixed a problem where the admin console crashes upon site creation when the default template home folder setting is discarded
Fixed a problem where the home folder is incorrectly set to the previously used entry during user creation
Fixed an issue where right-clicking user\show VFS is not functioning properly in some environments
Fixed a problem where a user could not be deleted from a site if the server is not located in the first server group
Fixed an issue where, during manual module registration, the wizard becomes unresponsive
Fixed broken AWE task search functionality
Fixed a problem where the ARM connection test generated an error in the Windows Event Log
Fixed a bug where the COM method ICEventRule.SetHASchedulingParams seems to work for any event rule type and non-HA EFT installations
Fixed a problem where the ICIAutobanIPAccessRule.BannedIPs COM property shows as empty when the admin console shows addresses on the IP ban list.
Changed the event rule folder naming convention to follow that of event rules
Event rules are now alphabetically sorted in event rule folders
Fixed a bug where the apply option was not enabled at the event rule folder level when event rules were either enabled or disabled
Fixed an issue where timer rules skipped their scheduled execution time due to delays caused by the retry logic of ClientFTP
Corrected the display of comments for imported event rules
HA secondary nodes now verify that the ftp.cfg file can be found during install
Fixed a case where the backup list got an invalid value.
Disabled option to use local system accounts when in HA mode
No longer backing up all user data from site root for HA installations
Scheduled PGP decrypt/encrypt event rule settings must now be supplied with the full file path instead of just the virtual path
Fixed a problem where PGP private key passphrases were appearing in plain text in EFT.log
Fixed a problem where a site's max concurrent socket connections policy could be broken in high concurrency situations
Corrected an issue where SSL options were not being updated
SSL sessions are now being reused
Fixed the OPTS MLST feature (FTP/S)
Fix a problem where EFT was not returning any type of error When issuing an "ls" command on a non-existent directory
Made return codes for maximum Windows file path exceeded errors consistent in HTTP responses
HTTPS offload transfers always failed when connection timeout set to 0
Now greying out HTTP proxy setting when selecting SFTP protocol in the offload configuration wizard (event rule) since SFTP is only supported through Socks 5 proxies
Fixed a problem where generated SSL key files cannot be assigned as SFTP keys
Unified failure messages returned on failed SFTP authentication attempts to avoid user account enumeration
Disabled default use of diffie-hellman-group1-sha1 key exchange, now enabled only via registry
Fixed the file upload button on the tool bar
Fixed the folder upload button when running in Chrome
Fixed the filter button on the tool bar
Fixed an issue with the refresh button
Resend Workspace invitation will now work as expected
October 2015
Version 7.2.0
October 27, 2015
New Features
Added registry setting ExcludeVFolderInQuotaCalc to exclude virtual folders from quota calculations
Added event rule folders which support one level deep folder organization of event rules
Added connection profiles which allow definitions of host interfaces that can be referenced inside event rules
Added file/folder event rule actions (create, delete, rename)
Added compress/decompress event rule actions
Added "Invoke Web Service" event rule action
Added "If File Exists" event rule condition
Added event rule import/export capability
Added event rule change log to maintain modification history of event rules
Added new role "Event Rule Administrator" that can be granted access to specific event rules, AWE tasks, custom commands, and connection profiles
Added server credential verification in Offload events for validating SSL certs and/or SSH keys of remote servers
Added folder browse control within the offload action builder
Added enhanced event rule logging to allow logging targeting a specific site or rule
Added registry setting ExecuteTransferActionsInParallel enable/disable parallelization of all contiguous offload actions (upload/download/move)
Added restore for HA mode configurations allowing a restore from backup when running in HA mode
Added backup run-on node list for event rule load balancing
Added registry setting DisableEFSChecksForPCIReport to bypass EFS checks when running PCI DSS report
Added support for navigating directories via the browser’s back and forward buttons
Added the ability to be directly deposited into a specified directory via a link
Added support for viewing Workspace invitation statuses in the “Edit Workspace Participants” dialog
Added the ability to resend pending Workspace invitations from the “Edit Workspace Participants” dialog
Added text in the “Edit Workspace Participants” dialog to convey the fact that no users are collaborating in the Workspace for shared folders in which all collaborators have been removed
Added localization mechanisms to facilitate the custom addition of additional languages
Added German and Dutch translations
Added support for WCAG Guideline 1.1
Added a configuration file variable to disable CRC in the event upload verifications are not required
Added configuration file variables to specify custom default Workspace sharing permissions for user-initiated folder sharing
Enhancements
Improved performance of ODBC user synchronization process when there are many new users
(ARM)Improved speed of ARM queries used for time-range based reports
Redesigned WTC interface to enhance usability and aesthetics. All file and folder operations are now displayed in the newly added toolbar
Upgraded OpenSSL to fix a high severity vulnerability
Upgraded OpenPGP library to improve configuration flexibility and compatibility with other implementations
Made SFTP and FTPS logging consistent with previous EFT Server releases
Remove legacy behavior of caching the IP address of the last successfully connected host
Fixes
Fixed improper inheritance of initial password reset option
Fixed a problem where the EFT service hangs at startup and is unable to connect to the EFT console until after a restart
Fixed a problem where EFT was responding with “no such file or directory” when a “cd ..” command was performed on the root directory
Fixed a problem where EFT was not respecting the ReplaceExistingOnRename registry setting
Fixed a problem where negative “days remaining” was being sent to users in the expiration email reminder
Fixed a problem where logging in “change password” administrators are improperly shown the VFS view from the server tab
Fixed a problem where EFT Server crashes when authenticating a user with a DES style password
(AWE)Fixed a problem where the value of %FS.FILE_SIZE% was not maintained after executing an AWE command that deleted or removed the file from the source directory
(AWE)Fixed an issue where the Running AW Task limit was not being respected
(ARM)Fixed a problem where EFT was using an unsupported key length longer than 30 digits when creating an Oracle ARM database
(ARM)Fixed an issue where running reports via an event rule caused extreme memory usage and eventual crash of the EFT service
(ARM)Fixed a problem where relevant information was not being logged by the ARM queue stats logger
Fixed a problem where AD sites do not list the principal name of users if they login before EFT pulls users from the AD server
Fixed an issue where automatically creating a home folder for new LDAP users only worked if the site’s users had been synced
Fixed a problem where a LDAP user’s permissions were lost when the case of the user’s name was changed on the AD server
Fixed a problem where LDAP users can't change their password when a 389 Directory Server is used
Fixed a crash that occurred when removing users from an ODBC site
Fixed a problem where ODBC sites were allowing creation and authentication of usernames containing trailing spaces
Fixed a problem where existing users on an ODBC site could not be moved to a different settings template using either the Admin console or COM API
Fixed an issue where the provisioning of user accounts through EFT Server’s COM API was taking longer than it did in previous releases
Fixed a problem where the CISite.IsFolderVirtual COM method works incorrectly after a call to CISite.GetFolderList
Fixed a problem where the ICIFolderMonitorEventRuleParams::PollIntervalSeconds property could not be set with a value exceeding 9999
Fixed an issue where download actions incorrectly interpret destination paths when the file name is explicitly given using %SOURCE.FILE_NAME%
Removed spurious On User Account Disabled event triggers happening when users were deleted
Fixed an issue in the timer scheduler dialog where if “Every weekday” is selected, “Every X day(s)” will still affect the holiday/runtime calendar
Fixed a problem where the EFT service would crash when removing an event rule
Fixed a problem where folder sweep was crashing the EFT service when the rule was canceled during execution
Fixed an issue where starting nodes in clusters under high load would cause them to become out-of-sync
Fixed a problem where EFT Server deployed in a HA environment had excessive memory usage when experiencing a high user connect/disconnect rate
Fixed the double execution of Folder Monitor event rules under certain conditions when in HA mode
Fixed an issue where EFT Server was experiencing unusually high CPU usage in a clustered environment
Fixed deadlock occurring when EFT is deployed in a clustered environment
Fixed a problem where EFT was returning a zero exit code upon failure to access the shared configuration folder at startup which precluded a periodic restart/retry by the Service Control Manager
Fixed a problem where PGP decryption actions in a folder monitor rule were creating 0 length files if the file was encrypted with a different key
Fixed a problem where files encrypted by EFT Server when compression is enabled could not be decrypted by Ipswitch WS_FTP Professional 12.4.1
Fixed a problem where PGP keyring files were empty after upgrading from EFT 6.4.x/6.5.x
Fixed a problem where PGP encrypted files lack a reference to the original filename in the literal data packet
Fixed a problem where the EPSV command does not complete successfully when a client tries to connect to EFT Server through the DMZ Gateway
Fixed a problem where EFT fails to recognize FTP commands that use a double slash in the path reference
Fixed an issue where files being actively uploaded over SFTP could be viewed on disk over a separate FTP connection
Fixed issues with the FTP PASV port selection algorithm
Fixed a command socket race condition
Fixed a problem where EFT Server should have been reporting an error when attempting to download a file over FTP using an offset greater than the length of the file
Improved consistency of return codes when the maximum Windows file path length is exceeded in the HTTPS interface
Fixed a problem where event rules were creating 0 length files when unsuccessfully downloading over HTTP/S from Oracle and IIS HTTP/S servers
Fixed a problem where the status tab was incorrectly showing 0B and 0bps for files downloaded via HTTP/S event rules
Removed erroneous trailing slashes on folder names in SFTP PWD and CD requests
Fixed a problem where the "Preserve Remote timestamp for downloaded files" setting was not working for SFTP
Fixed a problem where severe memory fragmentation due to heavy SFTP load was causing EFT Server to crash
Fixed a problem where EFT was responding with the error "SFTP21 module was not initialized" for SFTP outbound connections
Fixed a memory leak in SFTP
Fixed an issue with inconsistent file sizes in the EX logs for files download through SFTP
Fixed an issue where SFTP was using local server time instead of UTC
Fixed an access denied error in the SAT send page that occurred when trying to send mail and the adhoc administrator is not a full administrator
Fixed a crash occurring when EFT was validating CSRF tokens
Fixed a problem where attempts to spoof the CSRF token could crash EFT
Fixed a problem where EFT was responding with "HTTP/1.1 412 Precondition Failed" when attempting to open remote files in the Java based WTC
Renamed the “Joined Workspaces” folder tree to “Shared with Me” to facilitate easier user recognition
Extra spaces are trimed from usernames when copying/pasting into the login page username field to avoid login errors
Fixed a problem with the WTC where prepending or appending a slash onto a folder name when creating it caused the listing pane to go blank
Fixed an issue where new workspace invitees were redirected to a 404 error page when the initial password reset option is on
Fixed an issue where renamed Workspace folders failed to display the updated folder name in collaborators’ views
Increased the AJAX timeout limit to 4 minutes to lessen the likelihood of errors during large file uploads
Fixed an issue where the UI would only partially render when logging in under certain conditions
Improved formatting for improperly-handled transfer pane errors
Resolved an issue where users would temporarily see Workspaces elements even when the feature was disabled
Fixed an issue where users removed from a Workspace would still appear in the “Edit Workspace Participants” dialog
Fixed an issue where uploads of 0-byte files failed the verification process
Fixed an issue where spaces in file names where replaced with “%20” encoding when uploading via Safari
Fixed an issue where the sharing banner failed to appear when creating a Workspace from within the directory
Resolved an issue where the transfer pane queue tabs failed to expand and collapse under certain conditions
Fixed an issue where global search terms were retained as a file list filter after disabling global search and failed to show in the search bar
Fixed an issue where uploads interrupted manually or due to a network interruption required manual user intervention upon resume
Fixed an issue where a timeout would occur with an upload in progress
Resolved an issue where the layout would break if the user’s password was nearing expiration
Fixed an issue where the multiple file download feature failed to download all files for selections in excess of approximately 75 items
Addressed a cross-site scripting vulnerability in the folder creation modal
Fixed a problem where IE8 and IE9 were not able to use single click URLs to download or save files
Fixed site specific workspace invitation templates
Version 7.1.5
October 23, 2015
New Features
Added Advanced Property to ignore virtual folders during quota calculation
Enhancements
Improved CPU usage
Restored reference to original filename in literal data packet
Corrected connectivity issue related to port used for data connection in PORT mode
Fixes
Fixed enforcement of running task limit
Fixed key length problem in Oracle database implementation
Removed capability of creating users with trailing spaces following their username (ODBC)
Fixed bug in ODBC that disallowed moving users between Settings Templates
Remediated potential service crash due to corrupted buffers in Folder Monitor
Remediated potential service crash during Event Rule removal
Fixed service crash due to internal race condition
Fixed potential crash upon admin connection related to empty permission list in root site folder
Fixed logging inconsistencies between EFT 6.5 and EFT 7
Fixed broken inheritance from Settings Template to User-level “Force users to change their first-time password…” setting
Fixed EPSV command problems over DMZ Gateway
Restored support for commands preceded by double slash
Fixed occasional data socket failures in PASV mode
Fixed inconsistent file sizes in the EX logs when downloading files
Restored 0 byte upload logging
Fixed bug where local server time was being used instead of UTC
Fixed potential crash during CSRF token evaluation
Fixed server crash related to Opera and other browsers connecting
Fixed UTF8 encoding of filename in uploads from IE11
Fixed browser sticking during upload verification on moved file
Fixed broken page displayed when password expiration was enabled
Improved skip / overwrite prompt
Fixed redirect for 404 on Workspace invitations when initial password reset option is ON
Fixed forwarding when WTC is disabled for a particular user
July 2015
Version 7.1.3
July 22, 2015
Enhancements
Upgraded OpenSSL to mitigate vulnerability CVE-2015-1793: https://www.openssl.org/news/vulnerabilities.html#2015-1793
Improved resilience to loss of HA Mastership
Improved recovery from scenario where no node is master
Updated OpenPGP to latest /n software libraries
Fixes
Decrypting PGP files with folder monitoring created 0kb files if the PGP file was encrypted with a different key
Corrected potential deadlock in clustered environment.
Fixed bug where PGP encryption algorithm was set to AES128 regardless of the public key cipher used.
Fixed a scenario where Ipswitch WS_FTP Professional 12.4.1 failed to decrypt files encrypted by EFT Server 7.0.x with compression enabled.
Alleviated potential for PGP keyring files to become empty after upgrading to EFT 7.x from EFT 6.4.x/6.5.x
Fixed an issue where SSL Compatibility Allowed Versions would be changed during SMB to Enterprise upgrades.
Corrected EFT service crash scenario when specific HTTP/S client connected.
Eliminated memory leak scenario in SFTP.
June 2015
Version 7.1.2
June 24, 2015
New Features
Added registry value for "SFTPProcessThreadStackSize" and changed default stack size to 512Kb
Added a boolean AdvancedProperty to bypass EFS Checks when running PCI DSS report
Added support for SHA-512 passwords over FTP
Enhancements
Improved performance of VFS management
Improved search function in Admin UI
Mitigated hang in Status Viewer when connected to ARM database
Improved performance for ODBC synchronization
Improved Move/Copy action error code accuracy
Reduce CPU utilization with large volume of user connections on HA EFT cluster
Improved startup synchronization for clusters under high load
Improved CPU utilization during CreateWorkspace request
Expand support SHA-512 hashed passwords to HA mode
Fixes
Fixed server hang at startup requiring service restart to connect to Admin UI
Fixed manual registration
Revoked site admin permission to retrieve ARM password via COM
Fixed issues during account creation on AD sites set to use User Principal Name
Automatically create home folder for new users even when LDAP hasn't been synced
Fixed date parsing in ClientFTP LIST command for AS/400-like servers
Corrected ClientFTP port selection in active mode
Addressed client connection failures
Fixed CISite.IsFolderVirtual behavior after call to CISite.GetFolderList
Addressed Folder Monitor double executions
Fixed registry override to replace a folder/file with the same name
Stop caching IP address of last successfully connected host
March 2015
Version 7.1.0
March 02, 2015
New Features
Added EFT Workspaces, a collaboration tool to allow users to easily share files and folders
Added mechanism for importing accounts with SHA-512-hashed passwords
Added advanced property for controlling HTTP request type for CIC actions
Added wildcard support for CIC actions
Added controls for users to share folders as Workspaces and control participants' permissions
Created a registration page for users invited to participate in Workspaces
Added multi-file download option
Added ex logging for HTML5 client uploads
Enhancements
Changed default report type from HTML to PDF
Improved performance of VFS management
Improved feedback on AJAX request problems when they occur
Improved feedback for failed upload verifications
Improved Ctrl+F "Search" function
Improved accuracy of HA node status tab
Fixes
Removed redundant Windows event log error for EFT 7 trial expiration
Fixed bug where email notification reminder is sent despite option being disabled
Resolved a performance issue where the Transfer Engine was requesting too much information when connecting to Admin Interface
Fixed GUI bug where VFS Tab was not jumping to usernames when trying to add a user
Corrected virtual folder display problems in Admin InterfaceFixed broken filters for “AS2 – Transaction Overview” report
Corrected entries for ReportPort and LocalPort in tbl_Authentications
Fixed bug where home folder was created and replaced on first login despite already being configured
(AS2, Enterprise only) Resolved an error generated every time the user DB is refreshed: "Remap user's home directory failed: client home directory is root"
Fixed a bug that occasionally caused EFT 7.0.3.10 to crash when removing users from an ODBC site
Restored COM API change password functionality
Fixed SSHFIPSEnabled COM method, which was interacting with the SSL settings rather than SSH settings
Fixed issue where CIC Report contained truncated x-header information
Cleaned up horizontal scroll appearance mechanism in CIC before it's needed
Fixed a potential EFT crash in event rule execution
Restored event rule e-mail override functionality
Fixed service crash triggered by FM event rule removal during folder sweep
Fixed bug where Folder Monitor always followed synchronous logic flow
Fixed bug where custom commands' "if action failed" block wasn't being triggered
Addressed an issue where HA Folder monitor rules could sometimes runs twice
Fixed loss of custom account details on 6.5 to 7.0 upgrade
Restored population of %FS.PATH% and %FS.VIRTUAL_PATH% context variables from Mail Express transactions
Fixed bug where 0KB files were not deleted in PGP event rules
Corrected change in ex.log entries FTP/S and SFTP paths were no longer relative to the root
Restored trailing slash for FTP PWD
Removed redundant slash from FTP paths
Fixed bug where EFT Client FTP was choosing the wrong port in active mode
Fixed Client FTP parsing issues for "LIST" command on AS/400-like servers
Fixed bug where "local server time" was not being used
Resolved EFT crash related to processing invalid MLST command
Fixed issue where 'SIZE /' returns 501 rather than '550 - File not found'
Made uniform return codes when maximum Windows File Path is exceeded in HTTPS
Fixed vulnerability in SFTP due to out of memory crash
Restored "Preserve Remote timestamp for downloaded files" functionality for SFTP
Removed erroneous "folder not found" SFTP errors from status tab
Fixed a bug preventing generated SSL Key file being assigned as SFTP key
Restored logging for 0 byte uploads over SFTP
Re-enabled use of backslash when changing directories with SFTP
Restored On File Upload event rule trigger for zero byte SFTP uploads
Removed extra comma in SSH_MSG_KEXINIT exchange when last cipher and MAC were not selected
Fixed bug where EFT would disallow HEAD requests for users without Download permission
Re-enabled CRC verification where it wouldn't work with EFS enabled
Web Interfaces – Web Transfer Client (Java)
Fixed WTC Java password change redirection to return to WTC Java instead of HTML5 client
Stopped app from timing out during long uploads
Fixed display issue with UTF-8 characters in Internet Explorer
Restored file upload functionality for WTC Basic in Internet Explorer
October 2014
Version 7.0.3, R2
October 24, 2014
Enhancements
Updated PCI report for PCI DSS by adding SSLv3 protocol checking to section 4.1 that will prompt a warning
Updated non-FIPS OpenSSL library to OpenSSL 0.9.8zc in response to recent OpenSSL vulnerabilities
Set SSLv3 to off by default for new installations in response to POODLE vulnerability
Updated non-FIPS OpenSSL library to OpenSSL 0.9.8zc in response to recent OpenSSL vulnerabilities
Set SSLv3 to off by default for new installations in response to POODLE vulnerability
Version 7.0.3 R1
Mon, 10/13/2014
New Features
Added Content Integrity Control module and Event Rule action
Added AD and LDAP support in high availability installations
Added default Event Rule load balancing settings for active-active clusters
Added cluster information to Status tab for active-active cluster nodes
Added ability to refresh and keep user logged in
Added an indicator to illustrate that Global Search is "loading" when enabled
Added simple mechanism for issuing a Terms & Conditions acceptance dialog to end users
Enabled the "If Using Web Transfer Client" condition in EFT's Event Rules for the HTML5 WTC
Enabled On File Upload for HTML5 WTC
Enabled On Verified File Upload for HTML5 Advanced WTC
Enabled uploads of large files, with up to 20GB tested
Enhancements
Changed Single-click URLs and single sign-on to use the HTML5 WTC instead of the Java WTC
Created an upgrader to facilitate upgrading the WTC without upgrading EFT
Improved performance of uploads in all supported browsers
Removed notification in "basic" HTML5 WTC that previously alerted users no licenses were available
Improved performance of RESTORE operation
Fixes
Fixed issue where invalid home folder path results in corrupt ftp.cfg when upgrading from 6.5 to 7.x
Fixed a problem where adding users to a newly created Permission Groups fails with a message "Operation Failed"
Fixed an issue where "Show VFS Home folder" command not working for virtual folders
Fixed a problem where EFT 7.0 fails to load a 6.4 configuration on upgrade
Disabled "Create User Group" option for user-level admins
Fixed a problem where config backup wouldn't gracefully disconnect admin during backup
Fixed a problem where EFT logged every connect/disconnect to the server
Fixed a problem where "Browse VFS" dialog returned wrong path results in "Access Denied" message box
Fixed problem where renamed permission group fails to propagate new name to Folder Permissions list in VFS Tab
Fixed a problem where EFT logged that it was serializing the EFT.cfg file upon every client connect
Fixed a problem where SSH Server would not throttle bandwidth for connecting clients
Restored ability to Delete/Modify virtual folder in EFT VFS when physically deleted or inaccessible
Fixed a problem where a “User Admin” or “Change Password Admin” disabling a single account caused EFT to mark all user accounts the admin has access to as Updated
Fixed a problem where a new user's home folder is set to "/" even when "Automatically create a home folder for new users" is not selected
Fixed a GUI crash caused by an admin level "User" being unable to access VFS
Fixed Help> About of MTC Registration where it previously showed 0 licenses
Fixed an issue where under certain conditions expanding a node in the VFS Folder tree displays a persistent hourglass node with the text "Loading" that requires further interaction before going away
Fixed an issue where UI doesn't update properly when switching between settings templates and users
Fixed formatting error in Security Failed Logins report
Fixed a problem where upgrading to EFT 7 caused "Activity - By File Report" to not return files that were uploaded and then processed with "File Uploaded" event rule
Addressed cases where ARM failed to audit the parameters of some event actions
Fixed issue where AD Accounts in a child domain cannot connect to EFT over SFTP, while other protocols worked correctly
Fixed special character handling for AD Auth site's Domain and Group fields
Fixed issue where upgrades involving AD Sites with virtual directories broke user folder permissions
Fixed issue where AD physical home folder assignments had changed in 7.0
Fixed a problem where AD user accounts didn't update on service restart in HA mode
Fixed an issue where AD Password Expiration notifications were sent when corresponding feature was disabled by default
Fixed timeout when creating AD Sites with 150K + users
Fixed LDAP issues when poorly connected/low performance server was in use
Fixed reduction of ODBC synchronization process performance
Fixed a problem where CreateUserEx call for an ODBC site is 3-4x slower on average compared to 6.5
Fixed an issue where site admins could obtain ARM password via COM
Improved usability of event rule function: rule.GetHASchedulingParams()
Removed ability to add a non-existent AWE task to an event rule
Fixed a problem where Download actions did not work if username length is 40 or more characters and used mask in source path.
Fixed a problem where FM failed to move all files in HA configurations
Fixed an issue with "Monthly" and "Yearly" timers not working correctly in 7.0
Addressed a problem where scheduled event rules periodically stop working after upgrading to EFT 7
Fixed an issue where failure to deliver event is not being logged
Fixed a problem where event rules weren't executing on fully qualified domain names
Addressed scenario where enabling Event Rules via the Event Rules parent node caused "Operation failed." error message
Fixed a problem where an event rule couldn't utilise the Settings Template condition
Fixed issue where additional items were added to the registry after a backup & restore
Fixed node name in error message when opening up a 2nd Admin console in an HA environment
Fixed a problem where Certificate Signing Utility returned "Error. Request not signed." error
Corrected issue where literal 'CWD ..' while in the root folder will return 501 syntax error
Added filenames and corrected incorrect port number in u_ex log file
Corrected issue where "ls filename" command responds with a 550 permission denied message
Fixed issue where incorrectly configured FTP port range heavily raised CPU usage and broke passive mode with no errors
Restored ability to use backslash when changing directories with FTP
Fixed a problem where Rename Transferred Files option does not work in event rules over SFTP
Fixed issue where tbl_Protocol_commands does not record creation of Folders from WTC when folders are copied
Restored Web Session Timeout registry override units to minutes (6.5) instead of seconds (7.0)
Fixed a problem where HTTP redirection to built-in pages (login, change password, etc.) failed to work behind NLB or WAF even when X-ORIGINAL-PROTOCOL: https was used
Fixed problem where users are unable to create new folders using PTC upon initial login
August 2014
Version 7.0.1
August 11, 2014
New Features
Added HTTP CRC calculation logging
Enhancements
Improved performance of restore operation
Improved Backup Configuration performance and stability
(WTC/Workspaces) Upgraded Jument to 1.0.1 build 3
New text for login error on Web interface
Fixes
Fixed a bug where EFT would send AD Password Expiration notifications when corresponding feature should be disabled by default
Fixed a problem where EFT logged sensitive information to EFT.log in specific cases
Fixed a memory leak related to FIPS SSL
Fixed a bug where ARM failed to audit the parameters of some event actions
Addressed a scenario that caused a failure to upgrade Oracle database
Fixed a bug related to new user creation, where the home folder for the user was automatically assigned to be / even when "Automatically create a home folder for new users" was not selected.
Addressed a scenario where EFT may crash in high load when ODBC authentication is used.
Refined usability of event rule function: rule.GetHASchedulingParams()
Addressed EFT hang during DMZ use.
Addressed issue where enabling Event Rules via the Event Rules parent node caused "Operation failed." error message.
(AS2, Enterprise only) Fixed issue where testing an AS2 connection via a proxy when a DMZ server is offline would cause the GUI to timeout.
Refined behavior of Restore from Backup button in the new site wizard to operate intuitively.
Corrected issue where EFT incorrectly balanced FM events with long file names
Addressed crash in HA when deleting HA timer rule
Addressed scenarios where EFT 7.0 may fail to upgrade from 6.5 when a client had incorrect home folder
Fixed EFT service memory leak and crash while using literal site command to call custom command via FTP protocol
Fixed EFT service crash when using literal X-CRC command
Fixed bug where SFTP created incorrect folder listing which may cause problems for some SFTP clients.
Fixed bug where Web Services was not accessible via web browser. 404 returned.
Corrected HTTP redirection to built-in pages (login, change password, etc.).
Refined per-Site customization of Web interfaces to work as expected
June 2014
Version 7.0.0
July 03, 2014
New Features
Added High Availability (HA) mode of operation for active-active failover and load balancing without requiring Windows Clustering Services nor Veritas Clustering
Added support for High Availability configuration
Added High Availability reports to group output by cluster node performing the activity
Added support for HA installation mode, including enabling required Windows features to support message queuing
Provided command line installation options for HA configuration
Added support for load balancing Folder Monitor and Timer event rules in HA mode
Added new HTML5-based Web Transfer Client to provide similar functionality to Java applet with fewer deployment problems
Added self-healing ARM connections
Added end time to ARM database to record when an event action stopped in addition to its start time, which had already been recorded
Provided command line installation options for serial number (activation) entry
Enhancements
Updated OpenSSL library to version 0.9.8za
Updated OpenPGP library
Enable Large Address Aware feature so that EFT Service process can access up to 4GB memory
Updated password hashing mechanism to use salted, iterated PBKDF generation to improve security
Updated PCI/DSS module to audit compliance with PCI DSS v3
Improved skipped file handling during Event Rule Offload action
Improved CRC checksum calculations efficiency for files on high latency links to network share
Increased default ARM queue size to 1000
Improved handling of asynchronous Custom Command and AWE Task execution for deterministic, reliable behavior under load
Fixes
Fixed scenario where a Folder Monitor rule set to trigger with both ‘Folder Change Notification’ and 'Folder Sweep' turned on may stop processing new files.
Updated GUID generation to use sequential GUIDs to reduce index page fragmentation
For version 6.5 and earlier, refer to the EFT Enterprise release notes.