New Features

• When defining a new password for an account, it is now possible to define a minimum level of complexity and strength. [#4700]
• You can now set an email as part of the user's account details. [#5125 …

Introduction

What is Let's Encrypt?

Let's Encrypt (sometimes shortened as LetsEncrypt) is a certificate authority that provides SSL/X.509 certificates at no charge. You can read more on the subject in the Wikipedia article on Let's Encrypt.

A Let's Encrypt certificate is valid for 90 days, but it is …

New Features

• You can now define a custom CSS file for HTTP/HTTPS file transfer services. [server-side][http][https] [#5101]
• You can now automatically get SSL/X.509 certificates signed by Let's Encrypt's certificate authority. [ftps][https] [#5117 …

New Features

• It is now possible to define a list of HTTP Host header origins accepted by the HTTP file transfer services and …

New Features

• SuSE Enterprise Linux without the Security Module and OS X are now distributed with OpenSSL 1.1.0h, making it possible to use TLS 1.2 and SHA2. [#5030]
• It is now possible to use variable …

New Features

• In the event handler configuration, it is now possible to filter the …

New Features

• When the remote FTP/FTPS server supports the MLST command, SFTPPlus will use it to determine the existence of remote paths. [client-side][ftp][ftps] [#3885]
• For a transfer, it is now possible to execute …

Defect Fixes

• The HTTP API authentication for an account now fails when the account is accepted by the remote HTTP API but the associated group is disabled. [server-side][security] [#5058]
• A defect was fixed in Local …

New Features

• The HTTP and HTTPS file transfer API now support session based authentication. The Basic Auth login is still supported. [server-side][http][https] [#5009-1]
• The HTTP and HTTPS file transfer services now have a session …

New Features

• The Azure File Service of the Azure Storage Account is now available as a location for client-side transfers. [client-side][http] [#4988]
• It is now possible to define a client-side file transfer that will wait …

Introduction

What is business continuity planning (BCP)?

According to Wikipedia, business continuity planning is the process of creating systems of prevention and recovery to deal with potential threats to a company.

Business Continuity Planning also includes these five components as defined by the SANS Institute. These components are:

• Business Resumption …

New Features

• The OpenSSL library used by SFTPPlus on Windows was updated to OpenSSL 1.1.0h. [#4579]
• It is now possible to define virtual folders that are available to all accounts from a group. These …

Introduction

The following is a short guide on how you can set up a security scanner for your SFTPPlus MFT Server installation. For this guide, we have chosen a free and open source scanner, OWASP Zed Attack Proxy or zaproxy, as an example.

Of course, there are a number of …

Why get ready for IPv6?

According to the Akamai Q1 2017 State of the Internet Connectivity Report, "approximately 5 million IPv4 addresses were depleted from available pools at the Regional Internet Registries in the first quarter, leaving approximately 39 million addresses remaining."

In response to the steady depletion of IPv4 …

Default SSL cipher suites

With the release of SFTPPlus 3.32.0, we have changed the default set of SSL cipher suites for the Local Manager and the HTTPS service. As with any product that runs in many environments, SFTPPlus uses a default set of SSL-related parameters that are a …

Customers using HTTP/HTTPS services should upgrade to 3.33.0

The SFTPPlus version 3.33.0 release is a major security update for the HTTP/HTTPS file transfer service and the SFTPPlus Local Manager service.

This update addresses the vulnerabilities concerning Cross-Site Request Forgery Attacks and Cross-Site Scripting Attacks …

What is Data Loss Prevention (DLP)?

Data Loss Prevention (or DLP for short) is the application of technology and policies in order to detect and prevent potential data breaches and data ex-filtration. Data that is of particular interest include sensitive emails, documents and other information leaving the organizational boundary. Data …

New Features

• SFTP and SCP file transfer services can now listen on IPv6 addresses and accept connections from IPv6 clients. [server-side][sftp][scp] [#1924]
• The HTTP and HTTPS service now accepts creating new folders with the …

Why read this?

As part of meeting the Accounting component of the AAA (Authorization, Authentication and Accounting) framework, each event and action on the server and/or the client-side are recorded by SFTPPlus. These events have an associated Event ID which is also publicly searchable both on our website and …

New Features

• The option to enforce unique names for uploaded files is now available for the HTTP and HTTPS file transfer services. [server-side] [#4465]
• A SOCKS version 5 (SOCKS5) proxy without authentication can now be used …

New Features

• It is now possible to dynamically dispatch files to different destinations based on the name of the file which was dispatched. [#4555]
• The HTTP authentication method can now send requests which are authenticated using …

Where does SFTPPlus sit in your IT infrastructure

The SFTPPlus software stands at the OSI Layer 7 or the TCP Layer 4. In order to have a fully fault tolerant system, you need to implement resilience at all the other layers including the OS. SFTPPlus can be integrated with external …

Why read this guide

In order to implement a secure managed file transfer system, you will need a good understanding of the supported services and protocols involved.

This article provides an overview of the supported protocols, including the advantages and disadvantages of these protocols as well as situations for the …

Why read this article

In order to have a fully established file transfer and sharing system, you need to implement integration at all the other layers including the OS. SFTPPlus can be integrated with external tools and third parties in order to help establish these integration requirements.

This article is …

New Features

• An event with ID 30079 is now emitted when an SFTP location sends a banner message during authentication. [#4293]
• The HTTP file transfer service now supports the HEAD method for folders which return OK …