Support for DWP Generic File Transfer Service (GFTS) & migration to SFTE

DWP is replacing Generic File Transfer Service (GFTS) with a new application SFTE (Single File Transfer External).

For DWP, this new application is built on modern technology with a more robust and scalable platform to support current and anticipated future needs.

For DWP partners, changes are enhanced security including authentication and encryption standards.

The same Secure FTP (FTP over TLS) file transfer protocol is used. TLS 1.2 or TLS 1.3 are supported with mutual TLS authentication. File transfers continue to be authenticated based on username and password credentials.

SFTPPlus has worked with DWP and customers for many years to provide SFTPPlus compatibility with GFTS and is supporting the move to SFTE with updated software and technical support.

Technical considerations, all of which are supported by SFTPPlus

SFTPPlus is actively developed and we always keep our product up to date to make sure it meets the latest requirements in the field of automated file transfers.

SFTPPlus supports all TLS 1.2 and TLS 1.3 cipher suites required by DWP.

SFTE uses both certificate base TLS 2 way authentication and username/password authentication. SFTPPlus can use both authentication options. During certificate authentication, SFTE utilises a two-way certificate handshake. Certificate handshake is supported by SFTPPlus.

When entering Passive Mode, DWP require your system to respond back on the same external IP address as you have provided via the submitted connectivity documentation. SFTPPlus can be configured to respond with a public IP, even when deployed behind a NAT firewall.

Any FTPS client interacting with DWP SFTPE should issue a PROT P command prior to login, so the username and password are sent protected. SFTPPlus supports PROT P and it will always send the credentials only after the security was established for the FTPS command channel.

SFTE will virus scan incoming/outgoing files. Files failing the virus check will be quarantined and deleted. SFTPPlus can run a virus scan prior to sending and can also work along on-the fly AV scans.

Explicit Passive TLS mode must be used in all cases to provide the necessary levels of security to allow for simultaneous transfers. SFTPPlus supports Explicit Passive TLS mode, and can enforce that the TLS session is reused between the FTPS command channel and the passive data channel.

Your FTP (File Transfer Protocol) configuration should include an appropriate Retry Policy, to enable the auto recovery of any file that may initially fail a transfer action. File transfers can fail for multiple reasons which are often for short periods. A good retry policy will negate the need for any manual intervention and prevents unnecessary delays to the file transfer. SFTPPlus supports configurable retry policies for reliable delivery of files.

About SFTPPlus

SFTPPlus provides enterprise strength secure, managed file transfer with audit, authentication, automation to meet all your requirements using a single product suited to all use scenarios.

Supported protocols include: AS2, SSH/SFTP, FTPS Explicit and Impliict, HTTPS, PGP, SCP, WebDAV. Can be deployed on-premise, cloud or container. Windows, Linux, macOS, Kubernetes, Docker, Azure etc

FIPS 140-2, GPG 13, HIPAA/HITECH ready.

Client and Server are installed as a single product and managed from an unified web based GUI.