EFT Arcus

Back

CHANGE LOG

EFT Arcus v7.4.14

•    Updated EFT to latest OpenSSL and OpenSSH versions
•    Updated SQL Server drivers to allow use of newer Transport Layer Security (TLS) protocols
•    Updated Web Transfer Client login page and localization features
•    Automatically encrypt/decrypt data at rest using EFT-managed AES-256 symmetric encryption
              - EncryptedFolders=TRACE added to logging.cfg
              - Allow override of the default key passcode via advanced properties
•    Added support for Just-in-Time (JIT) provisioning for SAML-initiated logins (EFT Enterprise only)
•    Added a User Account Action to allow administrators to automate changes to user accounts (e.g., disable, delete, etc.)
•    Added ability for user to log in with existing EFT account instead of creating a new account after receiving invitation to pick up a file
•    Enhanced usability during initial account registration and change password requests by showing password complexity requirements
•    Added ability in Event Rules (in EFT Enterprise) to specify Created Date/Time and/or Modified Date/Time for the Cleanup in folder Action (previously available only via registry setting)
•    Added ability to enable HSTS when HTTPS is enabled, independent of the Redirecting HTTP to HTTPS feature
 

7.4.12

WTC/Workspaces Enhancements

  • Added ability to send emails to 20 addresses at once from Workspaces (previously was 10 emails)
  • Added ability to download entire folder structures (as a ZIP)
  • Added ability to move folders in WTC
  • Added a broken transfers warning in WTC
  • Added ability to display full name rather than login name in WTC.

LDAP changes:

  • Allow user lookup in LDAP directory service for SAML and Workspaces logins
  • Map LDAP users to a Settings Template

SSL/SFTP:

  • Updated SSL library to OpenSSL v1.0.2p
  • Updated SFTP FIPS libary to meet current FIPS compliance standards
  • Improved SFTP logging to capture algorithms used

 

Added ability to ignore or enforce the SAML Assertion Signature or SAML Message Signature

Added support for IdP-initiated SAML SSO login

Added the ability to enable/disable RSA SecurID and RADIUS two-factor authentication for Active Directory (internal) users. The account configured in EFT must match the user account on the RSA server. Whatever the user provides to log in to EFT is sent to the RSA server. (Refer to the article at https://kb.globalscape.com/KnowledgebaseArticle11267.aspx for details of changing the challenge text in the dialog box that appears.)

Allow multi-part sequential transfers from the cloud

Added ability to capture the reason for a manual IP ban for remote administration access

Added ability to add context variables and values to web services XML response

Added ability to calculate disk quota for "never logged in" users and/or for disabled users

Removed/hid user disk quota from administration interface

Added ability to specify a whitelist of additional domains and IPs to accept in host header

Added ability to specify Content Security Policy to pass security web scans

Added ability to disallow (Shut Off) Basic Authentication for HTTPS

Added ability to specify HSTS max age

In the Download Action, added option to treat as successful when downloading (FTP, SFTP, and HTTPS) from a remote server and one or more files are missing

Added ability to import/export XML files of Event Rules with password used in the Event Rules

Added "if action FAILED then" logic to Send notification email Action so that the administrator can specify what should happen if the Send notification email Action fails (e.g., stop processing the rule)

AS2 changes:

  • Updated AS2 Signature and Encryption Algorithms for inbound transactions
  • Added custom header support in AS2 Send File dialog box and AS2 Outbound Parameters.
  • Updated AS2 library to the EDI integrator 2016 component
  • Updated signature and MDN algorithms; EFT will use sha-256 for new AS2 connections going forward and use sha1 for existing AS2 connections that have already been defined
  • Added ability to allow asynchronous MDN notifications to process properly in any node in HA cluster
  • Added support for GZIP payloads for MDN responses
  • Added support for specifying MDN signing algorithm (MIC) for inbound transactions

 

Added ability to specify custom headers for outbound transfers

Added ability to specify which signature algorithms to allow for inbound transfers

Added ability to specify which encryption algorithms to allow for inbound transfers

Added ability to specify which signature algorithms to allow for outbound transfers

Added ability to specify which encryption algorithms to allow for outbound transfers

7.4.8

Additions

Admin GUI

  • High Security Module (HSM) is now Advanced Security Module (ASM) in EFT Enterprise Outlook Add-in
  • OAI now provides a Secure Message Delivery Option
  • Microsoft Outlook Digital Signature is now supported with EFT OAI
  • Microsoft Outlook Encryption is now supported with EFT OAI

Remote Agent

  • Agent/Account coexistence
    • Agents can be created on same site as standard user account
  • New Diffie-Hellman key exchange security between EFT and Remote Agent
  • Remote Agents will now auto-update when required
  • Shorter update intervals (real-time (every 15 seconds), once a minute, every 5 minutes, every 30 minutes)
  • New options for when an agent fails
  • System environment variables in remote agent rules
  • Remote Agent Condition for relevant File System triggers in event rules
  • “Run on links” option has been removed when you create remote agent rules
  • Agents can now perform client transfers to any server you designate, rather than only back to the home EFT Server

Workspaces

  • EFT Admins can now enable/disable the Reply portal
  • Admins will now be warned that the Request files functionality will be disabled when the Reply portal is disabled
  • EFT Admins can now enable/disable reply functionality to non-EFT users when using the Send portal
  • Request file options will now provide ability to require authentication
  • EFT Email recipients can now access the reply/reply all page from the pickup portal
  • Drop-off portal can now use generic CAPTCHA instead of Google’s re-Captcha
  • Workspace invites are now restricted to whitelisted domains (if configured)
  • EFT will now delete guest accounts if they are not part of a Workspace or transactional workspace
    • The workspace(s) are deleted if the workspace has expired or the user has been uninvited from the workspace share
  • EFT will now restrict guests to their shared workspace
    • External users will no longer be granted by default a home folder of their own
  • Workspaces will now provide a drop-down list for “From” field when an EFT user has multiple email addresses configured in their EFT account

WTC

  • Add Spanish language to WTC
  • Rebranding of the WTC including all portals

Remote Agent

  • Certificate creation for a RAM template is no longer required when configuring a new Remote Agent Enhancements

Workspaces

  • Increased Workspace trial license count to 100 seats
  • EFT users should now be taken directly to their shared workspace when clicking on the Workspaces link in the recipient’s email and authenticating
  • Improved the account registration and verification process
    • After verification email is sent the guest can now access their Workspace content without further authentication if the link is accessed within 60 minutes otherwise they will be required to authenticate prior to accessing the workspace

Security

  • Support strong KEX algorithms for Incoming SFTP
    • diffie-hellman-group16-sha512
    • diffie-hellman-group14-sha256
    • diffie-hellman-group-exchange-sha256
    • diffie-hellman-group14-sha1
    • diffie-hellman-group-exchange-sha1
    • diffie-hellman-group1-sha1

Event Rules

  • Ensure S3 regions list is up-to-date

Remote Agent

  • Changed from “Active’ to “Enrolled” in the agent status list

Logging

  • Windows event “Windows Event log evaluation period expired” for modules are now logged as Warnings instead of Errors

Fixes

ARM

  • Web Service – Invoke Event Rules (Detailed) report no longer returns data
  • Outlook Send Report column (Recipient) is not populating
  • PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraint

EFT Auth

  • Admin console is hanging when login and also when trying to clone rules
  • Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth
  • Passwords not syncing with EFT AD site
  • Service hang - users can't connect
  • EFT Memory is growing gradually
  • Anonymous authentication bug since 7.3.3.21
  • Service crashing intermittently
  • After upgrade and applying hotfix, Permission groups no longer present
  • GUI Crashes with new ODBC site when creating new user

Event Rules

  • EFT Event Action S3 region list is incomplete
  • EFT S3 Region list is outdated
  • Browse Remote File System causes Error and GUI Crash
  • Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently
  • When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination
  • Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6
  • ER: An unencrypted user password can be written to WEL when using User Event Rules
  • Event Rule: The reason for not being able to delete a file (move) is not provided to the user
  • EFT’s copy/move does not appear to honor the “Retries” value
  • EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4
  • Source file name.ext not pre-populating in the source field after clicking OK
  • Source file name.ext not pre-populating in the source field after double clicking
  • UI does not refresh after deleting an Event Rule
  • File/Folder actions leak handle
  • Scheduled event rule not running at expected scheduled times after 12am

Connection Profiles

  • Connection Profile – Connection Details form disappears when the admin user hits the enter Key HTTP
  • HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods

Logging

  • Folder monitor override credentials being used when writing to log file

Outlook Add-in

  • EFT - Can't delete a file because Outlook is accessing it

PCI

  • PCI Invalid logins differ at the site and server level

Remote Agent

  • EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate

Settings window

  • Remote Agent Service executable has bad description
  • Agent Install URL returns 404 for HA installations
  • Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template
  • Remote Agent Template window, tab order not going left to right, top to bottom
  • Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."
  • Remote Agent Template can be selected for new administrator accounts

SFTP

  • SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled
  • SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia

Server

  • ClientFTP: CSocksSocket checks timeout wrong
  • Listing fails on remote server in EFT, but not Filezilla

SMTP

  • SMTP to Exchange fails with TLS 1.1 and 1.2

Status Viewer

  • EFT Admin: Status screen is not refreshing statistics

VFS

  • Cannot remove "All Users" group from a folder in VFS
  • Unable to configure streaming repository encryption when site root is a share
  • Show VFS home folder then setting permissions is broken again
  • VFS manipulation is slow

Workspaces

  • Refresh required when an unacceptable character is entered in Maximum message size
  • Banned file types appear to be sent from Drop-off and Send Portal
  • User isn't routed to the workspace (shared) folder upon login to WTC
  • Workspaces – Edit Workspace screen no longer displays the participant email address when the invitation is pending
  • Selected user background turns from 'blue' to 'gray' after the action
  • OAI body message is not visible when accessing the contents via WTC
  • Workspaces license limit email is being sent incorrectly
  • Workspaces guest template defaults to allow creation of workspaces
  • Http/1.1 404 Object Not Found error when clicking on Workspace link from email

WTC

  • Customizations.js executing before the UI is rendered, preventing customizations to the WTC
  • WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers
  • Embedded link downloads no longer working as of 7.4.x
  • WTC translation does not persist after clicking request file option
  • WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users

March 30th, 2018

7.4.6.2 Release Notes

Additions:

Advanced Workflow Engine (AWE):

  • Added support for Advanced Workflow Engine v10

Event Rules:

  • Added ability to monitor and act upon AWS S3 storage activity
  • Added ability to monitor and act upon Azure blob storage activity
  • Added Content Variable: %CLOUD.OBJ_KEY_NAME% = Exact object name, e.g. 4my$-organization, or my.great_photos-2014/jan/myvacation.jpg
  • Added Content Variable: %CLOUD.OBJ_META_DATE% = The object's date from its metadata
  • Added Content Variable: %CLOUD.OBJ_META_CONTENT_LENGTH% = The object's size in bytes
  • Added Content Variable: %CLOUD.OBJ_META_LAST_MODIFIED% = The object’s creation date or the last modified date, whichever is the latest.
  • Added Content Variable: %CLOUD.OBJ_META_CONTENT_MD5% = The base64-encoded 128-bit MD5 digest of the object.
  • Added Content Variable: %CLOUD.OBJ_META_VERSION_ID% = From x-amz-version-id, which is the object version.
  •  

AWS-specific enhancements:

  • High Availability (HA)
    • Added support for HA Unicast communication
  • Protocols – HTTP/S
    • Added support for X-Forwarded-For header
    • Added support for X-Forwarded-Port header
    • Added support for X-Forwarded-Proto header

Fixes:

Remote Agent Module

  • Corrected scenario of partial rule update if update package exceeded 65KB
7.4.6.2

Additions:

Advanced Workflow Engine (AWE):

  • Added support for Advanced Workflow Engine v10

Event Rules:

  • Added ability to monitor and act upon AWS S3 storage activity
  • Added ability to monitor and act upon Azure blob storage activity
  • Added Content Variable: %CLOUD.OBJ_KEY_NAME% = Exact object name, e.g. 4my$-organization, or my.great_photos-2014/jan/myvacation.jpg
  • Added Content Variable: %CLOUD.OBJ_META_DATE% = The object's date from its metadata
  • Added Content Variable: %CLOUD.OBJ_META_CONTENT_LENGTH% = The object's size in bytes
  • Added Content Variable: %CLOUD.OBJ_META_LAST_MODIFIED% = The object’s creation date or the last modified date, whichever is the latest.
  • Added Content Variable: %CLOUD.OBJ_META_CONTENT_MD5% = The base64-encoded 128-bit MD5 digest of the object.
  • Added Content Variable: %CLOUD.OBJ_META_VERSION_ID% = From x-amz-version-id, which is the object version.
  •  

AWS-specific enhancements:

  • High Availability (HA)
    • Added support for HA Unicast communication
  • Protocols – HTTP/S
    • Added support for X-Forwarded-For header
    • Added support for X-Forwarded-Port header
    • Added support for X-Forwarded-Proto header

Fixes:

Remote Agent Module

  • Corrected scenario of partial rule update if update package exceeded 65KB