Enhanced File Transfer (EFT) Server Version History

 

September 3, 2008, 5.2.5 Build 08.26.2008.1

• Resolved issue where transfer status was not properly displayed in Web Transfer Client.
• Updated Web Transfer Client to be compatible with Firefox 3.0 for Windows and Safari 3.1.1 for OS X.
• Fixed PGP private key issue with whitespace in passphrases.
• Improved HTTP POST memory and CPU efficiency and speed.
• Fixed COM method GetUserSettings to be case insensitive.
• Added GetPhysicalPath (string VirtualPath) function to COM interface.
• Resolved ARM connection handling error to MSSQL2005.
• Updated Site Setup Wizard to correctly require SSL certificate passphrase.
• Added SSL close_notifiy message to ensure support for FileZilla client.

July 22, 2008, 5.2.4 Build 07.22.2008.1

• Improved refresh rate for AS2 Test GUI.
• Improved AS2 configuration usability.

July 18, 2008, 5.2.3 Build 07.18.08.1

• Added Drummond-Certified AS2 support in compliance with RFC4130
• Enhanced AS2 to include Multiple Attachment support
• Enhanced AS2 to comply with the AS2 Reliability specification
• Added support for Web Services invocation of Event Rules 
• Enhanced PGP architecture by upgrading the core PGP libraries
• Enhanced the PGP encrypt Event Rule action to automatically ignore files with *.pgp or *.gpg extensions for encrypt operations
• Enhanced the PGP decrypt Event Rule action to process files with *.pgp or *.gpg extensions exclusively
• Corrected issue where loss of LDAP connectivity would disassociate users from groups.

August 12, 2008, 5.1.34

• Improved Web Transfer Client proxy connection handling.
• Improved Web Transfer Client logout.
• Enhanced Web Transfer Client date format options.
• Enhanced Web Transfer Client to remember EFT login to reduce login popups when connecting through proxy.
• Added support for NTLM authentication for browser/SAT module connections.
• Corrected auditlogger SQL formatting issue when writing to disk file while disconnected from DB (MS SQL or Oracle).
• Corrected idle admin port timeout issue.
• Corrected Site Creation wizard error when specifying ports for additional network adaptors.
• Corrected issue when failed LDAP query would disassociate users from groups.
• Updated Oracle version of default ARM reports to match SQL.

May 16, 2008, 5.1.30 Build 05.06.2008.1

• Added support for certificate based SSL authentication for Offload and Copy/Move event rule actions – requires registry entries to enable
• Added new replacement variables for the FTP login banner (%DATE% and %TIME%)
• Corrected a crash that occurred when specifying a non-existent group
• Corrected the Send Report event rule action so that only the report output chosen is generated
• Added a new context variable (%FS.REPORT_FILENAME%) for report generation, which is just the filename of the report, not the full path, for convenience in copy/move event rule actions
• Added field to database to capture login name of users connected to the server's administrator port
• Added optional registry setting that improves the internal save process for the server's configuration data - only affects very large configuration files (such as those with hundreds of event rules)
• Added support of auditing to an Oracle database – requires a registry entry to enable
• Corrected a crash that occurred when calling the AddIPAccessRule() method via COM
• Corrected problem in which legacy configuration files were designated incorrectly as corrupted
• Corrected a problem with Web Transfer Client filter results linking to other folders
• Corrected FTP result codes for non-wildcard list command per RFC959 specifications
• Corrected multiple GUI and service runtime crash conditions
• Corrected an issue in which no error was being reported when the connection was lost while writing to a network resource
• Corrected a crash that occurred occasionally at service shut down
• Corrected problem with inheritance and resulting folder permissions
• Corrected various memory and handle leaks
• Performed various stability related improvements to the monitor folder event rule
• Expanded LDAP connection string to support up to 512 characters
• Increased the default timeout values for COM
• Reduced timeout values for administrator login

February 28, 2008, 5.1.6 Build 2.28.2008.1

• Added SOCKS outbound proxy support (available in Copy/Move Action dialog)
• Added registry value that can be used to override default AD Auth Manager behavior of creating home folders that are virtual paths to the AD users home folder value
• Added support for "X-ORIGINAL-PROTOCOL" header over HTTP/S to facilitate terminating SSL connections in front of the EFT Server or DMZ Gateway
• Enhanced Copy/Move Event Rule to allow the use of context variables as a first entry in the destination path
• Corrected two memory leaks (folder monitor health check, and when offloading files)
• Corrected problem where rules can't be deleted when no actions are defined
• Corrected Administrator Interface crash when applying changes to rules under certain conditions
• Corrected problem where offload event using SFTP protocol sometimes fails
• Corrected rare crash that may occur when multiple administrators are configuring the server simultaneously
• Corrected problem where an LDAP site with thousands of groups would hang upon opening the site
• Corrected problem where the Timer/Scheduler would not fire under rare conditions
• Corrected problem with terminating a rule prematurely if changes are made to that rule while the rule is executing
• Allowed system to disable users after multiple invalid login attempts even when PCI DSS HS Module is expired
• Corrected problem with apostrophe in filenames not working properly in Web Transfer Client
• Corrected problem with Filter button/command not working in Web Transfer Client on rare occasions
• Corrected problem with sibling files and folders being transferred (not just selected folder) in Web Transfer Client

January 2, 2008, 5.1.1 Build 12.19.2007.1

• Added the ability to create PCI DSS Sites for all supported authentication types
• Added new wizard page to optionally enable Data Sanitization when creating a new site
• Added a compliance check for data sanitization per PCI DSS 9.10.2
• Added a compliance check for NOOP command and site-to-site transfers per PCI DSS 2.2.3
• Added a compliance check for SSL clear command and data channels per PCI DSS 4.1
• Added a compliance check for more than one admin with full control over EFT Server per PCI DSS 7.1
• Added a compliance check for any expired certificates or keys per PCI DSS 3.6.4.9
• Added support for AES-256 cipher (SFTP)
• Added SSL certificate chaining to mitigate the problem of expired intermediate keys
• Added new COM methods for client account lockout and IP access controls (see help file for details)
• Added a new Web Transfer Client "signing" security mechanism to mitigate risk of rouge servers deploying malicious web transfer clients
• Added a progress bar and animated graphic to communicate transfer progress in the Web Transfer Client
• Added true "logout" for Web Transfer Client (previously you had to close the browser to kill the session)
• Added ability to hide files marked with a "hidden" attribute on the local file system (Web Transfer Client)
• Added new client (user) context variables including last login time, password expiration date/time, reset password at first login, account expiration date, and whether account is active or not. See help file for details
• Added functionality to check for improper PGP passphrases when a new encrypt/decrypt rule is created
• Added an error message to the Windows application event log when SSL fails to initialize
• Enhanced the sorting algorithms used for users, groups, commands, event rules, etc.
• Enhanced EFT Server GUI icons with high-color and XP-color definition
• Enhanced usability by setting default values and by improving text throughout the UI
• Enhanced PCI DSS reporting to create HTML format reports if a PDF reader not available
• Enhanced checksum calculations (incremental CRC32 for improved throughput on transfer verification) for Web Transfer Client
• Enhanced Auditing and Reporting module (ARM) database connectivity logic (connection pooling) to provide superior performance when under heavy loads
• Increased character limit for the AD user description field from 100 to a limit of 1024 characters
• Corrected instability issues that caused crashes or hangs under rare situations, due to deadlocks and/or race conditions
• Corrected directory listing problems on Mac OS (Web Transfer Client)
• Corrected drag and drop within remote pane intermittently failing (Web Transfer Client)
• Corrected various instability issues that could cause crashes in the Web Transfer Client
• Corrected a potential security vulnerability where a user could change into a directory that they had no permissions to (affects SFTP only)
• Corrected issue with Apply button not being disabled once an Event Rule is deleted
• Corrected inconsistency with how accounts were shown as enabled/disabled when using AD authentication
• Corrected LDAP user authentication issue where an extra comma was being supplied in the bind string
• Corrected incompatibility issue with Windows 2000 where EFT would fail to start (EFT 5.1 and above)
• Corrected error when calling COM method AddUserToPermissionGroup() under LDAP sites
• Corrected problem where new SSH keys were not displaying in the SFTP public key select window
• Corrected problem where SFTP login failed Event Rule would trigger twice (or multiple times) rather than just once upon login failure
• Corrected problem where newly created SSH keys were not appearing in the SFTP key manager key selection list
• Corrected problem where Timer Event Rule triggers where sometimes skipped
• Corrected problem where renaming a folder in the VFS or by a connected client no longer causes permissions on all subfolders to reset their permissions to "inherit"
• Corrected problem where users would disappear from a group if they were moved to a different User Settings Level template
• Corrected problem where users disappeared from a group after being moved from a different group upon site restart (using LDAP authentication)
• Corrected problem where the file copy/move Event Rule action would trigger a failure even when the file was moved successfully
• Corrected problem where EFT would generate temporary files in the install directory for no apparent reason (.041 extension)
• Corrected problem where downloads using wildcards were failing to use the DMZ Gateway as a proxy server (when set to do so)
• Corrected problem where allowed/denied IPs weren’t applied until site restart
• Corrected problem where an incompletely defined download rule could be saved, possibly corrupting EFT’s configuration file
• Corrected problem where reconnecting to the auditing database would result in a near-instant disconnection
• Corrected problem where DMZ gateway did not retain its "Client IP" settings on restart (requires update to DMZ Gateway server)
• Corrected problem with files re-uploading when Refresh is selected (Web Transfer Client)
• Corrected problem with not being able to rename files in Safari over HTTP protocol (Web Transfer Client)
• Corrected problem with resume download not working (sometimes resume button not appearing at all, other times it would appear but resume would fail)
• Corrected problem with transfer resume under SFTP protocol with some SFTP clients
• Corrected problem with large (2 GB+) files over SFTP to certain servers, such as ProAtria SFTP Plus
• Corrected problem with not being able to add a user/group to virtual folders or subfolders until Refresh button was clicked
• Corrected problem with user account impersonation: files could be renamed over some protocols but not others even when rename permission was provided
• Corrected problem with admin console session being lost when testing event rules
• Corrected problem with wild cards in a download action not downloading files that matched the mask
• Corrected problem with not being able to change the Site Root folder (it would revert back to the previous root folder upon restart)
• Corrected problem with the Event Rule Offload action not using the DMZ Gateway Server as an outbound proxy (when set to do so)
• Corrected problem with server response code returning 250 instead of expected 230 for successful logins
• Corrected problem with %Event Reason% parameter tag always showing "Action Completed Successfully" rather than the appropriate failure reason
• Corrected problem with auditing of large (over 2 gig) transfer sizes to the Auditing and Reporting database (SFTP transfers only were affected)
• Corrected problem with zero or negative values being stored in identity field in the ARM database after auditing entered failure state.
• Corrected problem with the ARM Component One Report Editor help file not displaying
• Corrected problem with COM method CreateComplexPassword() not handling VBScript reference parameters
• Corrected problem with EFT’s COM functionality not working in 5.1 when called from VB apps. Error received was MX Error 52 (00000034)

November 14, 2007 5.1.0 Build 11.14.2007.2

• Added optional high security module to monitor and alert Payment Card Industry Data Security Standard (PCI DSS) violations including:
  • Default password, banner message, or port values in use (PCI DSS 2.1)
  • Unsecure protocols in use (PCI DSS 2.2.2)
  • Password length, expiration and complexity violations (PCI DSS 8.5.10,11)
  • Disk quota not set (PCI DSS 3.1)
  • Administrator IP address filter not set (PCI DSS 1.3.1, 1.4.1)
  • Secure remote administration not set (PCI DSS 2.3)
  • DMZ Gateway not set (PCI DSS 1.3.4)
  • DoS and flood settings too low (PCI DSS 6.5.9)
  • Encrypting File System (EFS) in use (PCI DSS 3.4.1)
  • Check if passwords are being reused for any account (PCI DSS 8.5.12)
• Added daily automatic or manually generated report on current PCI DSS compliance status, including all violations, justifications, and compensating controls (PCI DSS 10.6)
• Added optional high security module to enforce compliance with Payment Card Industry Data Security Standard (PCI DSS) including:
  • Disabling of anonymous account types (PCI DSS 8.5.8)
  • Disabling of weak SSL versions and ciphers (PCI DSS 4.1)
  • Disabling of weak keys (PCI DSS 3.6.1)
  • Disabling ability to reuse prior passwords (PCI DSS 8.5.12)
• Added new high security features as part of PCI DSS HS module including:
  • Data wiping (sanitization) (PCI DSS 9.10.2)
  • Removal of old data automatically (PCI DSS 3.1)
  • Removal of or disabling of inactive accounts (PCI DSS 8.5.5)
  • Redirecting HTTP to HTTPS port; previously could only be configured in the registry, is now available in EFT Administrator (PCI DSS 2.2)
  • Forced expiration of user account passwords (PCI DSS 8.5.9)
  • Forced password reset on initial login (PCI DSS 8.5.3)
  • Temporarily lockout users if incorrect login attempts limit is exceeded over a specified time (PCI DSS 8.15.13,14 )
  • Automatically disconnect users after a specified time of inactivity. (PCI DSS 8.5.15)
  • Audit server configuration changes to database (PCI DSS 10.2.2)
  • Audit initialization of auditing & reporting system (PCI DSS 10.2.6)
• Added SSL certificate-based authentication (in addition to certificate + password)
• Added IP filter masking feature at account (user) level
• Added support for importing and authentication of multiple SFTP keys stored in a single key file, association of one or more keys to a user account, and assignment of the same key (or keys) to more than one user account
• Enhanced the Server, Site, New User, and New Connection wizards
• Enhanced one-way encryption applied to all passwords stored in EFT Server’s configuration

August 1, 2007 5.0.1 Build 07.27.2007.1

• Added SHA256 based password hashing to stored passwords
• Added "%SERVER.NODE_NAME%" to Server Context Variables and Condition builder
• Added Event Rule Builder tree line thickening and colorization
• Added missing keyboard accelerator under Security tab
• Added prompt when password-only administrators queue up multiple actions before applying changes
• Added ability to sort by users in Password Management admin GUI
• Enhanced Admin connection SSL failure handling
• Enhanced Local file system copy/move actions are now logged to the CL log file
• Corrected issue where auto-assigned home folders failed when specifying an AD group
• Corrected issue with renaming a group name
• Corrected issue where site administrators could not manage PGP keys
• Corrected issue with offloading files through SFTP protocol
• Corrected issue where users received GlobalSCAPE EFT Server Administrator crash report after reboot
• Corrected issue where users were not able to offload to TitanFTP using SFTP protocol
• Corrected issue where Connect to TE button was not available after clicking disconnect from TE
• Corrected issue with bandwidth throttle causing FTP upload problems
• Corrected problem with the configuration file being read when NT/AD domains were unavailable
• Corrected Web nag Issue with DMZ Gateway
• Corrected issue where Timer events would execute more often than expected
• Corrected duplicate keyboard accelerator for New User Account Setup wizard
• Corrected issue where retry logic for SFTP offload reported incorrectly after success
• Corrected issue where the server incorrectly returned "Delete selected admin account" prompt
• Corrected issue where NTLM/AD full permissions were required to delete or rename
• Corrected issue where VFS tab displayed two EFT local servers incorrectly
• Corrected issue where "If protocol does equal FTP over TLS" condition could fail
• Corrected problem with "Download file from host" condition incorrectly displaying "Source" and "Destination" fields
• Corrected issue under Server-Administration tab where focus incorrectly switched after GUI refresh
• Corrected issue where Server administrators could delete themselves if logged in with a name that differs from original only in case
• Corrected issue where Settings Level admin could remove/rename inaccessible folders in VFS
• Corrected issue where Server level sub-administrators could alter their own delegations
• Corrected issue where sub administrators could not rename themselves properly
• Corrected problem with Admin management confirmation dialog
• Corrected issue where validation was not handled properly while deleting super-admin account in EFT
• Corrected issue where Site Rename option did not function properly
• Corrected issue where "Apply your changes or refresh settings" dialog box appeared twice
• Corrected issue where User Login Failed event rule did not run when using SFTP with an invalid account
• Corrected issue with ARM losing connection to the SQL database
• Corrected issue where EFT did not detect changes to the users home folder in AD

June 28, 2007 5.0 Build 06.27.2007.2

• Added complex event rule creation supporting multiple actions, simple or compound conditions, else statements and nested logic
• Added ability to clone an existing Event Rule
• Improved Event Rule sorting, displaying, comments, selecting, and tooltips
• Added multiple settings to the offload/download Event Rule action (connection limit, use proxy, retry, - see help file for complete list)
• Added ability to conduct EFT Server offload/download initiated events through the DMZ Gateway
• Added auto-heal, polling, and failure notification feature to the Folder Monitor Event Rule trigger
• Added a new Folder Clean-up Action to remove old files
• Added many more date/time options to the Timer/Scheduler Event Rule trigger
• Added new file events, event types, and conditions to the Event Rule system (see help file for details)
• Added User customizable SFTP Banner Message
• Added SSL cipher selection list and manual specify cipher option
• Added HTTP to HTTPS redirection (enabled from registry – see help file)
• Added option to choose from one or more SSL versions
• Added Password Complexity feature with granular options including min. length, must contain N number of digits, chars, special chars, not in a dictionary forward or backwards, contains username, or has N repeating characters.
• Added multiple levels of Delegated Administration including server admin, site admin, settings level admin, and help desk (change password) admin options. Concurrent administration also supported
• Improved Web Transfer Client functionality – folder transfers, logout, change password, and UTF-8 encoding support
• Added alpha sort to Administrative GUI interface
• Added type-ahead functionality to Administrative GUI interface
• Added custom user fields to Administrative GUI and COM
• Added new LDAP advanced settings – page size, referral chasing, LDAP version choice, timeout, search scope, use server page control, and select attributes
• Added LDAP and Active Directory Test Query function for authentication troubleshooting
• Expanded COM API to include more methods and properties (see help file for complete list)
• Corrected issue IBM z/OS 1.7 using SSL explicit connections
• Corrected issue with setup wizard “create home folder” checkbox not taking precedence over default settings
• Corrected issue with OnTimer events not triggering as scheduled
• Corrected issue where EFT field character limits were shorter than Active Directory limits
• Added 8bitmime support to SMTP
• Corrected issue where DMZ required a manual restart on IP Access table changes
• Corrected issue where DMZ internal communications were not always over EFT Servers Home IP
• Corrected issue with certain SFTP clients where file resume did not always work
• Removed prompt from VFS when deleting last selected item under Server tab
• Corrected timeout issue with specific On Service Start/Stop event rules
• Corrected issue where site administrators received operation errors under specific configurations
• Corrected problem with ampersand character flagging an email address as invalid
• Corrected issue with Timer Rule events improperly handling files with no extension
• Corrected issue where the server engine was not properly handling daylight savings time
• Corrected problem with Active Directory authentication when pulling from Universal Groups that contain empty global groups
• Corrected DMZ issue with irregular PORT reply in multiple IP environments
• Corrected hanging issue in SMTP code
• Corrected issue where specific changes to the ACL returned a 530 error to the user
• Corrected issue where login failure email notifications did not occur under specific conditions
• Corrected improper quota handling under HTTP/S protocols
• Corrected File Integrity Check issue with Web Transfer Client and large files over HTTPS

April 17, 2007 4.3.4 Build 04.16.2007.2

• Corrected Daylight Savings Time (DST) problem in recurring Timer Events where the server overcompensated for DST changes
• Corrected issue with Event Rule's "Download" action causing files to be downloaded as folders when the file lacked an extension
• Corrected problem with the EFT Web Transfer Client (WTC) hosted under the latest version of the Java (1.6) Runtime Environment
• Corrected a minor security vulnerability (denial of service) when negotiating the data channel for PASSIVE mode transfers in the FTP protocol through the GlobalSCAPE DMZ Gateway product

January 30, 2007 4.3.3 Build 01.30.2007.1

• Corrected problem with user level permissions using Active Directory authentication
• Corrected issue with home folder quota calculation over HTTPS connections
• Corrected issue with On Timer event logic and daylight savings time
• Added permissions checking logic to basic HTML interface for Active Directory authentication
• Corrected issue where HTTP engine reported incorrect port to logging
• Fixed response parsing for SSH_FX_STAT command
• Added error handling for Event Rule SFTP downloads using Public Key Authentication
• Fixed refresh issue with the SSL Certificate Manager interface
• Modified MLST command for RFC compliance
• Added AES-128 option for SFTP connections
• Corrected issue with ARM registration messages
• Corrected problem with DMZ Gateway alternating between connected and disconnected states
• Corrected problem with reports not generating when clicking on another report while generating an existing one
• Fixed crash caused by logging in with wrong administrative password
• Fixed crash caused by internal integrity checks when external software modifies the server executable
• Corrected problem with event rule "stop processing" action not being respected

November 8, 2006 4.3.2 Build 11.07.2006.1

• Added auditing module fail-over logic and notification handling
• Added support for Active Directory Universal Groups
• Added double-click report launching
• Added mechanism to cancel in-progress reports from loading
• Added logic to distinguish between a user-disabled vs. system disabled folder monitor due to a severed UNC resource connection
• Added ability for LDAP accounts to authenticate against the LDAP server on demand
• Added checks to gracefully decline encryption and decryption of files larger than 2GB
• Corrected issue where renaming reports could cause the reports to stop working
• Removed internal overhead from Operational Failures report
• Corrected issue where HTTP/S passwords were not being audited
• Installation will no longer proceed without creation of ARM database password
• MSDE installation size is reported correctly during installation
• Corrected problem where trial serial numbers were not remembered under certain conditions
• Corrected truncation problem with renaming files on OpenSSH servers
• Corrected problem with performing MLST/MSLD listings on files larger than 2GB
• Corrected problem with Web Transfer Client CRC checking of large files transmitted over HTTP/S
• Corrected problem where the server returned errors over SFTP when resuming transfer

August 1, 2006 4.3 Build 08.01.2006.1

• Added Auditing and Reporting Module (ARM)
• Added support for wildcards "*" and "?" for physical FTP directory listings
• Added ability to define proxy settings through the registry for Copy/Move (outbound) and download (inbound) Event Rule actions

June 28, 2006 4.2 Build 06.27.2006 1

• Added the ability to delete the source file after a successful download operation as part of the event rule download action
• Optimized EFT’s handling of configuration data to support many thousands of event rules
• Optimized IP Access list so that IPs are shown in sequential order
• Optimized HTML listing to support RFC 1738 guidelines for “special” characters (sec. 2.2)
• Optimized quota checker to automatically refresh used disk space value
• Corrected problem with e-mail notification action message formatting
• Corrected problem with stability when transferring huge amounts of data over SFTP protocol from the DMZ Gateway to EFT Server
• Corrected problem where LDAP authentication failed if base DN was not pointing to an OU just below the O
• Corrected %FS.VIRTUAL_PATH% context variable for SFTP transactions to be consistent with values shown when other protocols are used
• Corrected problem where offload return codes showed as “failed” even if the transfer was successful
• Corrected problem where offloading a large file would lockup inbound connections to the server
• Corrected problem with OpenPGP key importing that would cause the keyring to become corrupted
• Corrected problem with folder monitor event where if a change was made to the event it would not process the change until the server was restarted
• Corrected problem with timer event rule sometimes failing to execute
• Corrected problem with folder monitor event rule sometimes failing to trigger when files were added to the folder using FTP

June 5, 2006 4.1.1 Build 06.02.2006.4

• Corrected problem with configuration file message size limits that would prevent the addition of event rules once a large amount of rules were present.
• Corrected problem with the email action editor dialog to avoid improper CR/LF handling and incorrect display.

May 24, 2006  4.1 Build 05.24.2006.2

• Enhanced the Monitor Folder rule sub-system so that multiple folder monitor rules could execute actions concurrently.
• Enhanced COM Admin Interface by adding methods for GetAppletEnabled and SetAppletEnabled under ICIClientSettings Interface.
• Enhanced the "Append" permission in the VFS to apply to all protocols, not just the "APPE" command in FTP.
• Enhanced the product's Event Rule command error logging to output failed command parameters to CMDOUT.LOG.
• Enhanced logging to hide passwords for failed logins, rather than show incorrect passwords in plain text.
• Enhanced Web Transfer Client performance through various internal optimizations.
• Enhanced FTP Protocol to support a new command "XNOP" to avoid command channel timeouts during long transfers. XNOP is returned as part of the FEAT response so that clients can that support XNOP can take advantage of this command.
• Corrected SMTP engine to be compliant with RFC 2821 (Simple Mail Transfer Protocol) for end-of-line character sequences.
• Corrected issue where adding a slash "/" to the path value in the copy/move action would prevent copy/move from offloading data.
• Corrected loss of NT/AD user settings after service restart where the network was unavailable
• Corrected a problem where the port conflict message would appear inappropriately
• Corrected Web Transfer Client performance issue when attempting to open a folder containing thousands of files.
• Corrected problem where addition of new event rules would fail when the size of the event rule configuration grew beyond 32KB.
• Corrected fault when the event rules list was altered while multiple uploads were occurring that caused event rules to fire.
• Corrected problem with the "Require certificates from connected clients" feature incorrectly applying to more than one site.
• Corrected authentication problem with users connecting via SFTP using AD with password-based authentication.
• Corrected problem with File Upload Failed notification action not being triggered.
• Corrected problem with Event Rule parameter %FS.FILE_NAME% not being populated when a file was removed from monitored folder.
• Corrected listing issue with NLST (ls) being unable to produce a directory listing when connecting via PORT mode over the DMZ Gateway.
• Corrected problem with Event Rules triggering a command that failed causing other Event Rules to stop working.
• Corrected issue with Event Rules "If Failed" action being executed even when it was unchecked after having been previously checked.
• Corrected problem with "Monitor Folder" Event Rule that caused EFT Server to stop processing more rules after a period of time.
• Corrected issue with resumed uploads of 0 bytes causing an "On Upload" even to fire.
• Corrected problem with VFS when usernames with an underscore caused groups with similar names not to appear in the VFS user list.
• Corrected internal thread synchronization problem that sporadically caused EFT’s service to stop and EASServer.exe to go into a non-responding mode.
• Corrected problem where NT Auth users were not able to login using logon name i.e (Domain\Username) over sftp protocol on the first attempt.
• Corrected crash when EFT Server was behind an Alteon switch.
• Corrected problem where, under certain upgrade paths, all OpenPGP keys created in the prior build displayed a key size of 1024 (affected only the display of this value).
• Corrected issue with users being duplicated after successful connection with different login credentials such as('Domain\Username') for the same user.
• Corrected HTTP such that the realm value shown to connecting HTTP clients when authenticating does not show the internal address.
• Corrected EFT Server service crash when connecting to AD/NTLM site with an invalid username.
• Corrected a problem where the home folder setting at the user's settings level was not always being used to set the home folder for a new user.
• Corrected problem with SFTP Public Key Authentication (PKA) for the Download action of Event Rules that prevented connection to remote SFTP servers.
• Corrected a display issue in the DMZ Gateway where it was showing a negative number of active connections.
• Corrected problem where users were unable to connect to EFT Server using .NET 2.0 Framework FTP object.

February 16, 2006 4.0.11 Build 02.16.2006

• Corrected limitation to the amount of event rules that could be created
• Added capability to authenticate using e-mail aliases in Active Directory (requires registry tweak - contact support for instructions if you desire to use this auth method.)
• Corrected a problem where decrypting a file from a Monitor Folder operation could result in a deleted file
• Disabled a keyboard shortcut resulting in GUI Administrator close when Enter pressed
• Corrected registration information displayed in the Help About box after activation
• Corrected a problem where the Create Certificate command not functioning when a certain combination of options enabled.
• Corrected OpenPGP key expiration logic
• Corrected presentation of certain menus so they would only appear in the right context
• Corrected PGPv9 and GnuPGP migration issues
• Corrected VFS rename issue that resulted in undesired creation of new folder
• Corrected wrong context variable for "local port," "Home IP," and other variables for certain event rule actions
• Corrected event rule trigger for https protocol operations when the User Quota Exceeded is used
• Corrected "Use Mode Z Compression" toggle under settings so that it can be unchecked
• Corrected a minor AD authentication issue with DOMAIN/username sequence
• Corrected fringe crash when deleting groups created under certain conditions
• Corrected fringe crash when going through a particular menu selection sequence
• Corrected an upgrade incompatibility when upgrading from EFT 4.0.5 to 4.0.11
• Corrected security problem where blank usernames could be utilized for admin login IDs
• Corrected file removal issue under certain fringe conditions
• Corrected problem with multiple e-mail notifications being sent under certain event rule triggers
• Corrected minor toolbar icon, typos, incorrect prompts, and other small UI issues
• Corrected Web Transfer Client folder naming issue when escape codes or brackets were used as part of the folder name

January 11, 2006 4.0.10 Build 01.11.2006

• Corrected DMZ Gateway port management for Active Mode FTP connections
• Corrected COM interface marshaling problem in Monitor Folder event that caused OpenPGP operations to fail
• Improved Custom On Timer event to allow hour ranges greater than 24 hours
• Improved Folder Monitor event rule so that file system context variables are updated to new filenames after OpenPGP operations
• Improved wildcard operations (OpenPGP, Move/Copy) so that they do not operate on FOLDERS, only FILES
• Added context variable placeholders to the OpenPGP Action dialog for Monitor Folder event
• Corrected issue with encryption of folders when *.or is used

January 5, 2006 4.0.9 Build 01.05.2006

• Improved thread synchronization of OpenPGP library operations
• Added mechanism to API interface to optionally remove folder inheritance
• Added mechanism to API interface for LDAP site creation
• Corrected error that could cause service crash when passing parameters to custom commands
• Corrected Web Transfer Client registration status information
• Corrected DMZ Gateway to properly close ports when connection is closed
• Corrected LDAP Authentication provider to disallow blank passwords on account verification
• Improvements to Web Transfer Client visualization
• Improvements to Web Transfer Client operation on non-Internet Explorer browsers
• Improvements to performance on OS X 10.4+. The EFT Web Client requires OS X 10.4 or better.
• Encryption of large files over applet uploads now functions as expected.

December 8, 2005 4.0.8 Build 12.08.2005.2

• Updated OpenPGP Libraries to support AES cipher
• Improved cookie handling for Web Transfer Client to avoid inactive timeout failures
• Added manual resume transfer operation for Web Transfer Client
• Added memory mechanism for last remote folder location for Web Transfer Client
• Fixed CRC validation issues in Web Transfer Client, including proper impersonation of user account for NT/AD site
• Fixed issue with SFTP file operations when user home folder is set as root folder
• Fixed issue where stop & start service caused user SSH keys to be forgotten
• Fixed issue with ON TIMER event that caused the timer to stop operating when action failed
• Updated Web Transfer Client interface for improved Transfer Queue layout
• Added "Passive Mode IP Address" feature to DMZ Gateway Server to better handle use behind NAT
• Added "pong" response to EFT Server "ping" message sent to DMZ Gateway Server to keep Peer Notification Channel alive
• Fixed issue where DMZ Gateway server incorrectly fragmented FTP responses to client

November 9, 2005 4.0.6 Build 11.09.2005

• Fixed wildcard support for OpenPGP and MOVE/COPY file actions in event rules
• Fixed issue when EFT "Block site to site transfers" restriction failed to account for PASV commands coming through the DMZ Gateway
• Fixed instability issue from setting up IP Access on EFT while using DMZ
• Users without list permission now receive the HTTP/S default page instead of a 403 error
• Added captions to web transfer client buttons
• Added disable CRC check option to Web transfer client
• Added MOVE and COPY feature to the web transfer client
• Added auto-resume functionality in the web transfer client
• Improved logic for automatically adding quotes to parameters used in Custom Commands via Event Rules

September 23, 2005 4.0.5 Build 09.20.2005

• Event rule processing modified to process download, move, and decrypt actions together for On Timer event rules.
• Corrected event rule processing so a successful Copy/Move action does not trigger "If action FAILED then" notification email.
• Improved display of Trial registration “Evaluation days left” immediately after registration message is received.
• Corrected version EFT 3.5.1 upgrade issue where On File Download event rule gets renamed to File Rename
• Corrected error when modifying user VFS permissions then selecting Refresh.
• Corrected "Enable time out" option to properly disconnect SFTP sessions.
• Improved resuming SFTP uploads when user's home folder is treated as default root.

September 6, 2005 4.0.4 Build 09.06.2005

• Improved reporting of Event Rule variables currently being displayed as N/A
• Corrected manual registration emails addresses
• Improved Web Transfer Client functionality by eliminating double login
• Improved Event Rule logic so Download Fail events are not processed when loading the Web Transfer Client
• Implemented "keep alive" message between EFT Server and DMZ Gateway to avoid network devices closing inactive peer notification channels

July 29, 2005 4.0.3 Build 07.29.2005

• Signed EFT Web Transfer Client files so the certificate is shown as trusted

July 27, 2005 4.0.2 Build 07.27.2005

• Added loading indicator to web transfer client
• Improved security during first install of web transfer client Java applet (changed Java HTTP link to HTTPS when connected via HTTPS)
• Added workaround prompt for attempts to use the web transfer client when Java has not been installed and when authenticating through a proxy
• Improved use of the event rule timer control
• Improved reporting of 404 errors when performing data integrity checks through the web transfer client
• Corrected an error when restarting the EFT Server service using remote administration
• Removed "or subnet" text from IP restriction dialog to clarify use
• Corrected error with cmdout.log not being created or written to file
• Added more branding options to for the deployable web transfer client

July 15, 2005 4.0.1 Build 07.15.2005

• Enhanced communication between EFT and Gateway
• Corrected problem with OpenPGP encryption/decryption speed

July 7, 2005 4.0 Build 07.07.2005

• Added support for DMZ Gateway product for secure transactions across firewall
  boundaries with no inbound holes in firewall required
• Improved Event Rules functionality though addition of "on failed" events, event reordering
• Added ability to monitor a folder for change and execute an event action upon change 
• Add a timer based download action for retrieving files from remote inboxes
• Added streaming repository encryption
• Added MODE Z support with ZLIB compression engine
• Added support to choose SSL versions allowed for secure session (over FTPS and HTTP/S)
• Added support for capturing and displaying connection-activity in real-time
• Improved logging information and provided option for "Standard" and "Verbose" logging
• Added support to limit the number of total concurrent user logins
• Improved Web Transfer Client load times

June 14, 2005 3.5.1 Build 06.14.2005.1

• Signed jar files added with official certification for EFT Web Transfer Client
• Fixed COM connection corrected
• Corrected HTTP/S Upload error from other clients

June 13, 2005 3.5.0 Build 06.13.2005.1

• Added LDAP authentication support (LDAP Auth Manager)
• Added data integrity support (CRC32) for EFT Web Transfer Client
• Corrected event rule locked-file errors for HTTP/S form-based file uploads
• Corrected browser refresh (F5) issue with expired Web Transfer Client sessions.

May 19, 2005 3.4.0 Build 05.19.2005.1

• Added wildcard support for OpenPGP and MOVE/COPY actions in event rules
• Added OpenPGP encrypt/decrypt/sign to OnLogout Event for improved "batch processing"
• Modified "Default Settings Level" to have "max connections per user" and "max connections from same IP" to be UNLIMITED, not 10
• Corrected Web Transfer Client license count validation on server startup
• Corrected issue causing HTTP/S to improperly return "503 Service Unavailable" messages to clients under certain conditions
• Corrected issue with COM Admin improperly set site values, causing unpredictable behavior

May 3, 2005 3.3.0 Build 05.03.2005.1

• Added EFT Web Transfer Client
• Corrected parent path issue in HTTP/S
• Corrected NTLM/AD impersonation issues in HTTP/S
• Corrected file locking problems that caused some files to not appear after uploads when a user home folder was specified to be the root folder.
• Improved COM interface error reporting by implementing ISupportErrorInfo interface
• Updated registration mechanism such that successful registration automatically restarts the service to bring new registration values into effect.

April 4, 2005 3.2.0 Build 04.04.2005.3

• Added FORM-based file upload feature
• Corrected issue so bandwidth limits are now honored by SFTP, HTTP/S
• Corrected issue so disk quotas now honored by SFTP, HTTP/S
• Corrected issue so transfer quotas now honored by SFTP, HTTP/S
• Corrected issue so SSH transfers record file sizes
• Corrected issue so all IP addresses are recognized on multi-homed Win2K3 box
• Corrected issue so logging records the server port number
• Corrected issue for PUT method failing for some uploads: returns "400 Bad Request"
• Corrected issue with right-click editing multiple docs
• Corrected issue in some instances where On File Upload events not triggered when using SFTP
• Corrected issue where some Event Rules did not release handles correctly

March 21, 2005 3.1.0

• Added Username/Password Replacement Variables for MOVE/COPY Event Rule Action
• Added Admin Delegation
• Added support for *nix "shadow" password file formats
• Added support for password creation with special characters

Jan 4, 2005 3.0.1

• Corrected issue with COM Interface communicating with Service
• Updated internal account management logic to support large (30,000+) number of users in authentication store
• Corrected HTTP(S) authentication against domain controller so that domain name is not required as part of username (DOMAIN\username)

Nov 17, 2004 3.0

• Initial Release