Back

EFT Enterprise support

Online Resources
Online Resources
Upgrading from Previous Version

Upgrade to the current version and try new modules for free for 30 days. At the end of the free trial, if you decide to activate the new modules, contact the Customer Service Team for a new license.

Before upgrading, contact the Customer Service Team to obtain a new registration serial number or to determine your eligibility for an upgrade.

It is extremely important that you follow the upgrade instructions.

Version
Change Logs
Current Version
EFT Enterprise v 8.0.0.38

EFT Administration Changes

Added functionality

  • The DMZ Gateway address box can accept a comma-delimited list of addresses (EFT will try one IP address, then the next, until it can connect) (TFS 339989)
  • EFT can capture certain performance and current state values to SQLite databases on a routine basis which can be used by administrators, support, or Globalscape to evaluate and use for planning, troubleshooting, and statistical analysis (TFS 372346)
  • The EFT SMTP settings page now has a “Send Test Email” button (TFS 372357)
  • Admins can now specify node-unique values for DMZ Gateway PASV Mode port range, which in rare occasions can be different across nodes (TFS 368808)
  • A separate control the Request File page/portal URL (TFS 371245)
  • REST endpoints have been added to generate the PCI DSS compliance and GDPR DPIA reports (TFS 371829)
  • A complete manifest of commonly asked for tech support data can now be generated from the administration interface Help menu (TFS 372341)
  • A new prompt is now displayed when enabling Google Captcha referencing a KB article 11435 (TFS 368710)
  • SAML assertion map attribute to email field (TFS 369964)
  • Updated the Amazon S3 Region list (TFS 373493)

Modified functionality

  • EFT’s configuration settings are now stored in SQLite databases vs. flat files. This should eliminate the need for SyncTool when performing migrations (TFS 368467)
  • EFT now accepts configuration overrides using advancedproperties.json (AP) in lieu of registry entries. Upon upgrade, existing registry overrides will be moved to the AP file (TFS 368291). This includes EFT’s VFS data in Config.db (TFS 369529), server settings in ServerConfig.db and SiteConfig[GUID].db (TFS 371366).
  • Awaiting/Trusted SSL cert list are now stored in SiteConfig*.db and upon upgrade they are moved into this db. (TFS 371720)
  • SSH Key Storage settings are now moved from Server level to Site level (TFS 369528)
  • Each site has its own set of SSH keys
  • Each site’s SSH (SFTP) private and public keys are now stored in SiteConfig*.db
  • The SSH creation and management GUIs were changed accordingly
  • OpenPGP key pairs are now defined and managed at the Site level instead of the Server (TFS 369527)
  • Workspaces tabs have been consolidated into the Site > Web tab
  • AD Authentication into the EFT Admin GUI is no longer dependent on the ASM (Advanced Security Module) and is now part of core EFT (TFS 361153)
  • The Advanced Workflow variable UI is now resizable (TFS 369372)
  • The SSH Key Manager UI is now resizable (TFS 369372)
  • EFT now re-uses the LDAP search timeout for LDAP auth timeout (TFS 371476)
  • AML files are no longer available as of this version (only on the sample files); however EFT provides the ability to export Advanced Workflows, either one at a time or all at once (TFS 371719)
  • The DMZ Gateway connection orientation behavior was extended to AD Sites, whereas before it was limited to LDAP (TFS 367515)
  • Updated OpenPGP library (TFS 370232)
  • Updated OpenSSL to 1.0.2t (TFS 367828)
  • Updated OpenSSH to 8.1.0.0 (TFS 365876)
  • Updated jquery to version 3.4.1 on the WTC login page (TFS 372869)
  • On new EFT install only TLS 1.2 protocol is enabled by default (TFS 373431)

Removed functionality

  • As part of the flexibility to ease the migration of an EFT, the configuration path field in the administration interface is read-only (TFS 368290)
  • User email control is no longer displayed on General page; this change is related GDPR (TFS 362046)
  • Restoring configuration from previous versions of EFT are not allowed. EFT only supports restoration from the same version of EFT, which was always the intent for the backup and restore feature. (TFS 369567)
  • EFT’s log file will no longer report default configuration override values (those can be obtained from the online help file) and instead will only report those values that have been modified from their defaults.

Updated counter names: Server-Level Counters (TFS 361733)

  • Number of Sites to Sites
  • ARM queue size ARM Queue Size
  • ConnectedAdminCount Admin Sessions
  • WorkspacesLicensesAvailable Workspaces Licenses Available
  • WorkspacesNormalLicensesUsed Workspaces Licenses Assigned
  • WorkspacesDropoffLicensesused Workspaces Drop-offs (this is now under the Site Counters)

Updated counter names Site-Level Counters (TFS 361733)

  • Number of Clients User Accounts
  • ConnectedUserCount User Sessions
  • ActiveServerUploadCount User Uploads
  • ActiveServerUploadBytesPerSecond User Upload Bytes /sec
  • ActiveServerDownloadCount User Downloads
  • ActiveServerDownloadBytesPerSecond User Download Bytes /sec
  • Number of running event rules Event Rules Triggered
  • Number of running Upload Actions Event Rules Running Upload Actions
  • Number of running Download Actions Event Rules Running Download Actions
  • Number of running Cloud Upload Actions Event Rules Running Cloud Upload Actions
  • Number of running Cloud Download Actions Event Rules Running Cloud Download Actions
  • Number of running AWE Actions Event Rule Running AWE Tasks
  • Size of AWE Actions queue Event Rules Size of AWE Actions Queue
  • ActiveClientUploadCount Event Rules Client Uploads
  • ActiveClientUploadBytesPerSecond Event Rules Client Upload Bytes /sec
  • ActiveClientDownloadCount Event Rules Client Downloads
  • ActiveClientDownloadBytesPerSecond Event Rules Client Download Bytes /sec

New Server-Level Counters (TFS 361733)

  • Sites Started – subset of defined sites that are actively listening for connections, updated infrequently.
  • Sites Enabled – number of sites currently in an enabled state
  • ARM Stalled Audit Events – number of audit events delayed for longer than ARMLogStalledThreadMinDuration, which by default is set t1 (one) second
  • Admin Accounts – number of administrator accounts defined for this server
  • Admin Accounts Locked Out - number of administrator accounts currently and temporarily locked out of the server

New Site-Level Counters

  • User Login Success /sec – rate at which users are authenticating successfully and turn into an active session. See user sessions for count of actively connected users
  • User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with Users connections
  • User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator
  • Folder Monitor Worker Threads – number of folder monitors in active use. Consider increasing FolderMonitorWorkerThreadCount if it routinely exceeds 32
  • Timer Rule Worker Threads – number of timers currently active. Consider decreasing TimerStackSize if it routinely exceeds 200 to conserver memory
  • Templates – number of templates defined for this site. Updated infrequently
  • User Accounts Disabled - subset of this site’s user accounts that are currently in a disabled state. Updated infrequently
  • User Accounts Locked Out – subset of this site’s user accounts that are currently locked out. Updated infrequently
  • User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator
  • User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with users connections
  • User Login Success /sec - rate at which users are authenticating successfully and turn into an active session. See User Sessions for count of actively connected users
  • Workspaces Drop-offs  number of drop-off requests active and not expired
  • Workspaces File Sends – number of file send operations that are active and have not yet expired
  • Workspaces Folders Shared – number of folder shares that are active and have not yet expired

Advanced Properties

Added functionality

  • To provide more control and visibility over EFT's behavior when it comes sync state, draining, and node management (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)
  • To enable/disable encryption when storing personal data. Note that the default is to encrypt using the default key (EncryptPersonalData) (TFS 363303)
  • To specify a 256-bit key (represented by 64 hexadecimal digits) used to encrypt and decrypt personal data. When not configured or malformed, the default key is used. (PersonalDataEncryptionKey) (TFS 363303)
  • To enable/disable JSON format when rendering Data Protection Impact Assessment (DPIA) report.; used to change DPIA report format (JSON/XML) (RenderDPIAReportAsJSON) (TFS 366251)
  • To deny certain usernames without checking the user database, so you can reduce load on the authentication subsystem  (AutoDenyLoginAttemptswithSpecificUsernames) (TFS 370345)
  • To specify that cookies shouldn't be sent with cross-site requests. Acceptable values are "Strict", "Lax", "None". Values other than these will result in "Strict" value (HttpCookieSameSitePolicy) (TFS 367997)
  • To specify the maximum number of asynchronous event rule subroutines that may be queued before dropping new subroutine. A value of 0 (default) indicates there is no limit. (QueuedAsyncSubroutinesLimit) (TFS 367875)
  • To specify the maximum number of simultaneous asynchronous event rule subroutines running. A value of 0 indicates there is no limit. (RunningAsyncSubroutinesLimit) (TFS 367875)
  • To specify the recurrence strategy for cleaning up workspaces:  0 - minutely (default), 1 - hourly, or 2 – daily (WorkspacesCleanupRecurrence) (TFS 368683)
  • To specify the number of Workspace invitation expiration days. (WorkspaceInviteExpirationPeriodDays) (TFS 371827)
  • To specify that the sender for Workspace Messages is 0 - Recipient receives Workspace Invites from User and Secure Send from SMTP Server; 1 - Recipient receives Workspace Messages from the SMTP server, 2 - Recipient receives Workspace Messages from the User. (WSInviteFromAddrUseOwnerEmail) (TFS 371099)
  • Avoid duplicate firing of Account Rules on multiple nodes. (UserAccountTriggersOnOriginatingNodeOnly) (TFS 372193)
  • Change the default “Out of sync” timeout value for HA (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)
  • Change the default “Timeout for sync” value for HA (ClusterOutOfSyncHealSecs) (TFS 367401)
  • Set Workspaces Invitations Expiration (WorkspaceInviteExpirationPeriodDays) (TFS 371827)
  • Allow turning off total drop-off quota limit (MaxAnonymousAllUploadSizeInGB) (TFS 370763)
  • Provide the ability to optionally include and customize EFT WTC’s referrer policy header, (EnableHTTPReferrerPolicyHeader), (HTTPReferrerPolicyAttributeString) (TFS 368162)
  • Updated advanced property tallow setting the disk quota value t0 (zero) so that the quota is rechecked on every login (DiskQuotaBaselineCalculationFrequencyInDays) (TFS 368628)
  • To disable EFS calculations, (DisableEFSChecksForPCIReport) (TFS 370306)
  • To enable one-way-trust communication between EFT and another domain (AllowToTryLoginUnlistedUsers) (TFS 369294)
  • To copy all ClientFTP settings to JSON, (CopyClientFTPSettingsToRegistry). (TFS 368291)
  • To create a PGP RSA Key with subkey, (CreatePGPRSAKeyWithSubkey).  (TFS 370232)
  • To remove UTC designation in timestamp, (ISO8601noUTC). (TFS 368860)
  • To disable cache for DN Type in Active Directory sites (TFS 367876)

Added to skip auditing of

  • Successful socket connections (AuditSuccessSocketConnections). Set to FALSE by default (TFS 369778-AC1)
  • Banned socket connections (AuditBannedSocketConnections). Set TRUE by default (TFS 369778-AC2)
  • Other failed socket connections (AuditFailedSocketConnectionsOther). Set TRUE by default (TFS 369778-AC3)
  • Protocol commands for resources that have an IsInternal flag (AuditIsInternal). Set FALSE by default (TFS 369778-AC4);
  • Workspaces REST calls (AuditRESTWorkspaces). Set TRUE by default (TFS 369778-AC5)
  • Workspaces config REST calls (AuditIsRESTWorkspacesInternal). Set FALSE by default (TFS 369778-AC6)
  • Administrative REST calls (AuditIsRESTAdmin). Set TRUE by default (TFS 369778-AC7)
  • RAM REST calls (AuditIsRESTRAMAgent). Set TRUE by default (TFS 369778-AC8)
  • User initiated REST calls (AuditIsRESTUSER). Set TRUE by default (TFS 369778-AC9)
  • All invalid username authentication attempts (AuditFailedAuthforNonExistingUsernames). Set TRUE by default (TFS 369778-AC10)
  • ‘root’ and ‘administrator’ invalid username authentication attempts (AuditFailedAuthforUsernameRoot). Set TRUE by default (TFS 369778-AC11)
  • Unimportant (non-CRUD) operations (AuditIUnimportantCommands). Set FALSE by default (TFS 369778-AC12); CRUD: Copy/Rename/Upload/Delete
  • Username and password for S/FTP/S events (AuditRedundantUserAndPass). Set FALSE by default (TFS 369778-AC13)

Modified Functionality

  • (DiskQuotaBaselineCalculationFrequencyInDays) now has a minimum value of 0, when set EFT will recheck the quota on every login. (TFS 368628)
  • (FolderMonitorWorkerThreadCount) default value has increased from 32 t64
  • (ARMQueueSize) default value has increased from 1000 t10000. (TFS 370453)
  • (EnableLogging) is now renamed to (ClientFTPOverrideLogging). (TFS 373030)

Removed Functionality

  • (DisplayUserFullNameInJument) is no longer available as an advanced property; this has been replaced with the new WTC page on which the user’s login name is displayed. (TFS 366503)
  • (MinimalAuditingForInvalidConnections) is no longer available as this has been replaced with (AutoDenyLoginAttemptswithSpecificUsernames). (TFS 366513)
  • (EnableODBCSettingsLevelField) is no longer available, this was only applicable from EFT 5.x t7.4.13, see KB: https://kb.globalscape.com/KnowledgebaseArticle10499.aspx
  • (Path) is now removed. (TFS 373030)
  • (plain_text_client) is now removed (TFS 373030)
  • (use_JSE_HTTP_Client) is now removed (TFS 373030)
  • (Cluster) is now located in the cluster.json file. (TFS 368291)
  • (SharedFolder) is now located in the cluster.json file. (TFS 368291)
  • (ReloadAUDOnSync) this advanced property is only applicable in EFT versions 6.3 – 7.3.3.21, see KB: https://kb.globalscape.com/Knowledgebase/10660/Make-the-authentication-manager-read-from-disk-instead-of-internal-memory-for-load-balancing

Auditing and Reporting

  • Increased the default ARM queue size from 1,000 t100,000 (TFS 370453)
  • Provided the ability to control what EFT Audits within the following tables (TFS 369778):
    • tbl_SocketConnections
    • tbl_ProtocolCommands
    • tbl_AS2Transactions
  • Improved error messages logged when failing to connect tOracle databases (TFS 369217)

ARM schema tables added

  • AuthenticationsExpired to capture session expirations so admins can track session times (TFS 369874-AC2)
  • AdminActionsChangeDetails that captures before and after values for admin-initiated configuration changes (TFS 369874-AC3)
  • NegotiatedCiphersSSL to audit the negotiated ciphersuites for SSL handshakes (TFS 369874-AC4)
  • NegotiatedCiphersSSH to audit the negotiated ciphersuites for SSH handshakes (TFS 369874-AC5)
  • PrivacyRightExcercised capture privacy rights exercised by users (TFS 363345)
  • PrivacyTermsEUStatus to capture the EU subject matter status of users (TFS 363558)
  • ScanDataAction to contain list of scanned files and scan results (TFS 365254)
  • PersonalDataActions when a user accounts personal data fields have been modified, for GDPR compliance (TFS 363346)
  • Added missing MIC code which wasn’t being audited to the AS2 Transactions table (TFS 369828-AC7)
  • Added a TransactionID column tAS2Transactions table for consistency with other tables (TFS 369828-AC10)
  • Added a Time_stamp column to Transactions table to aid in cascade deletes when purging (TFS 369874-AC1)
  • Added an Actor column to ProtocolCommands table to avoid having to join on Authentications table for just about every report (TFS 369874-AC6)
  • Added a dbo.lu.[TableName] for every table that makes use of enumerators, for easier mapping of values to their meanings (TFS 369780-AC9)
  • Added a relation to Actions and ScanDataActions table via ActionID field (TFS 369870-AC1)
  • Added tbl_PrivacyRightExercised which will audit any right exercised by a user for privacy compliance reporting (TFS 363345)
  • Added tbl_PersonalDataActions which will audit administrator changes to user personal data for compliance with notification rights (TFS 363346)
  • Added tbl_PrivacyTermsEUStatus which will audit any change in a user’s EU data subject status, agreement to Terms of Service, or consent to Privacy Policy (TFS 363558)
  • Added tbl_ScanDataAction which audits third-party file scan results from DLP or similar tools that scan for personal data in files (TFS 365254)

ARM schema changes

  • Removed vw_ProtocolCommands view as we added Actor column to the ProtocolCommands table (TFS 369874-AC7)
  • Removed auditing of username and password for HTTP/S events to ProtocolCommands as it is redundant with Authentications table. (TFS 369779-AC1)
  • Removed redundant auditing of authentication records in Authentications table across all protocols except for stateless HTTP. (TFS 369779-AC2)

Modifications to current reports

  • “Activity – All Transfers”, modified so that it only shows transfers from tbl_ClientOperations (TFS 371471)
  • “Activity – All Files (as Server)”, used pc.RemoteIP instead of au.IP from remote IP address (TFS 371471)
  • “Activity – All Users (Summary)”, Converted to FACT based (TFS 371471)
  • “Activity – All Users (Detailed)”: removed inner join on tbl_Authentications; removed “AND au.ResultID=0”;changed “Order by au.Time_Stamp” to “Order by PC.Time_stamp”; removed folder column so we can fit longer filenames (TFS 371471)
  • “Event Rules – Actions (Summary)”, Remove details column (TFS 371471)
  • “Executive Summary Report”, Updated report to optionally use FACT tables if available (TFS 371471)
  • “Outlook Send Report”, Change column titles to better match their state (TFS 371471)
  • “Outlook Pick Up Report”, modifications similar to outlook send report (TFS 371471)
  • “Security – Failed Logins”, Remove hashed password column (TFS 371471)
  • “Traffic – Average Transfer Rates by Users”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Traffic – Connection Summary”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Traffic – Datewise-hourly Bytes Transferred”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Traffic – IPWise Connections (Summary)”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Traffic – Monthwise-IPWise Bytes Transferred”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Traffic – Most Active IP – Connections”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Traffic – Most Active IP – Data Transferred”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Traffic – Most Active Users – Connections”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Traffic – Most Active Users – Data Transferred”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Traffic – Protocolwise Connections (Summary)”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Traffic – SiteWise Hourly by User”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Troubleshooting – Event Rule Failures”, updated report to optionally use FACT tables if available (TFS 371471)
  • “Troubleshooting – Operational Failures”, increased performance by doing smart select vs. union, removed ‘pass’ as filter as this is for Failed Auth report (TFS 371471)
  • “Troubleshooting – Connection Errors”, excludes authentication failures, translated result codes into string values (TFS 371471)
  • “Workspaces activity”, multiple column and field updates (TFS 371471)

ARM reports added

  • “Workspaces – Folders Unshared”
  • “Activity - Session Lifecycle” that shows user log on/off information, with data from tbl_AuthenticationsExpired (TFS 371364)
  • “Activity - File Scanned Data Results” that shows the data from the tbl_ScanDataActions (TFS 371364)
  • “Troubleshooting – Negotiated SSL Ciphers” that shows the data from the tbl_NegotiatedCiphersSSL (TFS 371364)
  • “Troubleshooting – Negotiated SSL SSH Ciphers” that shows the data from the tbl_NegotiatedCiphersSSH (TFS 371364)
  • “Privacy – Admin Changes to Personal Data” that shows the contents of the tbl_PersonalDataActions table (TFS 371364)
  • “Privacy - User Rights Exercised” that shows the contents of the tbl_PrivacyRightExcercised table (TFS 371364)
  • “Privacy - Terms and Status Changes” that shows the data from the tbl_PrivacyTermsEUStatus table (TFS 371364)
  • “Admin - Audit Log (Detailed)” that shows the data from the tbl_AdminActionsChangeDetails table (TFS 371364)
  • “Troubleshooting - Most Prolific Users” that shows top three accounts for failed and success auth for a given time period (TFS 371364)

ARM reports renamed

  • Activity – All File Transfers is renamed to Activity – File Transfers as Client (TFS 371471)
  • Activity – All Files (as Server) is renamed to Activity – File Transfers as Server (TFS 371471)
  • Activity – All Groups (Detailed) is renamed to Activity – by Permissions Group (TFS 371471)
  • Activity – All Users (Detailed) is renamed to Activity – by Users (Detailed) (TFS 371471)
  • Admin Actions is renamed to Admin – Audit Log (TFS 371471)
  • Admin Actions (Summary) is renamed to Admin – Authentications (TFS 371471)
  • AS2 – Transactions Detailed is renamed to Activity – AS2 Transfers (Detailed) (TFS 371471)
  • AS2 – Transactions Overview is renamed to AS2 Transfers (Summary) (TFS 371471)
  • Content Integrity Control – Actions (Detailed) is renamed to Content Integrity Control
  • Event Rules – Actions (Summary) is renamed to Event Rules – by Trigger Name (Summary) (TFS 371471)
  • Event Rules – Activity (Summary) is renamed to Event Rules – by Trigger Type (Summary)
  • Event Rules – Activity (Detailed) is renamed to Event Rules – by Trigger Type (Detailed) (TFS 371471)
  • Event Rules – Inbound-Outbound By Date is renamed to Event Rules – Just Transfers (TFS 371471)
  • Outlook Send Report is renamed to Workspaces – Files Sent (TFS 371471)
  • Outlook Pick Up Report is renamed to Workspaces – Files Picked Up
  • Security – Failed Logins is renamed to Troubleshooting – Failed Logins (TFS 371471)
  • Troubleshooting – Connection Errors is renamed to Troubleshooting – Socket Connection Errors (Inbound) (TFS 371471)
  • Workspace Activity is renamed to Workspaces – Folders Shared

ARM reports removed

  • Activity – Ad Hoc (Detailed), this is a redundant with Outlook Send/Pickup Report (TFS 371471)
  • Activity – Ad Hoc (Summary), this is a redundant with Outlook Send/Pickup Report (TFS 371471)
  • Activity – Ad Hoc By File (Detailed), this is a redundant with a filtered Outlook Send/Pickup Report (TFS 371471)
  • Activity – Ad Hoc By Recipient (Detailed), this is a redundant with a filtered Outlook Send/Pickup Report (TFS 371471)
  • Activity – Ad Hoc By Sender (Detailed), this is a redundant with a filtered Outlook Send/Pickup Report (TFS 371471)
  • Activity – By [All Reports], other reports accomplish the same data. (TFS 371471)
  • Activity – By File
  • Activity – By Group (Detailed)
  • Activity – By User (Detailed)
  • Activity – By User (Detailed) – Group by UserName-Action
  • Activity – By User (Summary)
  • EventRules – Inbound-Outbound By User, the same data is available under Event Rules Just Transfers and filter by user
  • Troubleshooting – IP Address Activity (Detailed), the same data is available under the troubleshooting reports if filtered by IP

High Availability-Specific changes

  • Sync value changes (TFS 367401)
  • Changed initial “Out of sync” timeout value from 5 seconds t10 seconds
  • Changed full timeout for sync from default 30 seconds t60 seconds
  • Updated WEL (Windows Event Log) reporting to reflect “Node out of sync, attempting to heal…” instead of “Node out of sync”
  • Time it entered into out of sync state, “Initial detection of node as out of sync, entering grace period…”
  • Time it attempted to start healing itself, “Node out of sync, attempting to heal…”
  • Time it took to heal (if healed), “Node was out of sync for [N] seconds but is now in sync”
  • Time at which point it considered itself unable to heal
  • Time at which it began to drain, “Out of sync node unable to recover after [N] seconds, entering drain mode for maximum of [M] minutes. Service [will\will not] restart when draining is complete”
  • Elapsed time for completing drain, “Finished draining node after [N.XY] minutes”
  • Specify log location and prefix with node ID (TFS 367897)

Installer Modifications

  • Update existing ProtocolCommands records with Actor (Account) value from Authentications table (TFS 370935-AC1)
  • Update existing Transactions records with Time_stamp value from other tables (TFS 370935-AC2)
  • Backup existing reports and deposit new ones for new and existing customers (TFS 370935-AC3)
  • Deposit a number of helper SQL scripts, such as row count, most prolific users, etc. (TFS 370935-AC4)
  • Deposit a number of targeted purge scripts. See comments in each script for details (TFS 370935-AC5)
  • Update to the create_5_sprocs.sql to avoid adding NULL values into the database. (TFS 370752)
  • Upgrades are only allowed from 7.4.x (TFS 368126)
  • EFT trials are now 15 days (TFS 369582)
  • Recommendation is to upgrade tour latest GA (7.4.13.15) before upgrading to this release

Privacy-Related Additions

  • GDPR will require ESM/ASM licensing (TFS 371440)
  • Set of privacy configuration settings that map GDPR requirements to EFT’s privacy features, for evaluating compliance levels (TFS 369312)
  • Built-in automatic encryption of all fields identified as personal data, including email, with a separate, managed encryption key (TFS 363303)
  • Updated Account Details dialog on the General tab (when selecting a user) with tool tip functionality (TFS 363529)
  • New Account Details template under security tab at the site level (TFS 363529)
  • Ability to define attributes that are considered personal data
  • Ability to define attributes that are visible to the user
  • Ability to define attributes that are modifiable by the user
  • Changes done will apply tall existing clients and new clients (TFS 370953)
  • Ability to define EFT admins to view/manage personal data (TFS 364360)
  • New User consent to Privacy Policy (PP) drop-down under the General tab at the user level (TFS 368730)

Ability for administrators to

  • Block or allow access to personal data, limiting administrators to need-to-know access to personal data (TFS 362490)
  • Generate a Data Privacy Impact Assessment (DPIA) report which evaluates compliance and risk levels based on settings (TFS 366251)
  • Set an EU subject status teach user account (TFS 363000)
  • Define a privacy policy for a given EFT Site (TFS 367574)
  • Specify whether explicit or implicit consent with the privacy policy is required of end users (TFS 367574/367846)
  • Define a Terms of Service (ToS) for a given EFT Site (TFS 366847/367845)
  • Determine user account details fields are considered personal data or assign attributes over each field (TFS 362406)
  • Specify whether explicit or implicit agreement with the Terms of Service is required of end users (TFS 366847)
  • Reset the privacy policy’s effective date, which re-displays the policy to connected users (TFS 367574/367846)
  • Deny access to other protocols (S/FTP/S) until the user has consented to the privacy policy (TFS 367574/367846)
  • Reset the Terms of Service’s effective date, which re-displays the policy to connected users (TFS 366847)
  • Deny access to EFT via other protocols (S/FTP/S) until the user has agreed to EFT’s Terms of Service (TFS 366847)
  • Identify or specify whether or not a user has consented to use their personal data (TFS 363087)
  • Optionally give users the ability to access (view) their personal data (TFS 363200)
  • Optionally give users the ability to rectify (modify) their personal data (TFS 363201)
  • Optionally give users the ability to delete their account including personal data (TFS 363202)
  • Optionally give users the ability to restrict use to their personal data (TFS 363211)
  • Optionally give users the ability to be notified of changes made to their personal data (TFS 363300)
  • Optionally give users the ability to export (port) their personal data (TFS 363301)
  • Optionally give users the ability to object to the use of their personal data (TFS 363302)

Ability for users to

  • See their currently assigned EU subject status (optional) (TFS 371467)
  • Modify their current EU subject status (optional) (TFS 371803)

Privacy-Related Context Variables Added

  • %USER.GDPR_RIGHT_EXCERCISED_ARTICLE_ID% for events related to exercising of privacy rights (TFS 363470)
  • %USER.GDPR_RIGHT_EXERCISED% for events related to exercising of privacy rights (TFS 363470)
  • %USER.GDPR_REASON_GIVEN% to capture the user’s rationale when exercising their privacy rights (TFS 363470)
  • %USER.PP_CONSENT_STATUS% to show the current privacy policy consent status for a given user (TFS 363470)
  • %USER.TOS_CONSENT_STATUS% to show the current Terms of Service agreement status for a given user (TFS 363470)
  • %USER.EU_DATA_SUBJECT_STATUS% to capture the EU subject status state for a given user (TFS 363470)

Privacy-Related Event Rule Additions

  • New event rule trigger “GDPR Right Exercised” that triggers whenever a user attempts to exercise one of their granted rights (TFS 363341)
  • New conditions for event rule processing related to a user’s EU subject status, privacy policy, and agreement consent status (TFS 363342)
  • Ability to trigger a rule in EFT when a user’s personal data is modified by someone other than the user (right to be notified) (TFS 363300)
  • Ability to modify user privacy fields via EFT’s event rules, such as changing field attributes, modifying EU data subject status, and more (TFS 368623)

Other Event Rule Additions

  • Create or set variable Action (TFS 358683)
  • Run PowerShell Action (TFS 367503)
  • Call (GoTo) Event Rule Subroutine Event and Action (TFS 367875)
  • Ability to scan metadata with Content Integrity Control Action (TFS 363436)
  • “Enable this Account” option added to User Account Action (TFS 368623)
  • Context variable to grab file extension, and place it into the context variable (TFS 367283)
  • Added new context variables for date and time stamps in ISO8601 format. (TFS 368860)
  • Increased the default FM worker threads from 32 t64 (TFS 370453)
  • Retry logic for Copy Action (TFS 370290)
  • Cloud object monitor usability updated (TFS 369671)
  • Workspace re-enable users on re-invite (TFS 368874)
  • Event rule exports are now in JSON format, XML is deprecated and will not be imported in this version of EFT (TFS 371721)
  • AWE task code (.aml) is now persisted in SiteConfig*.db (SQLite file). Upon upgrade, .amls are read from the legacy file location and imported into the database (TFS 371719)
  • CIC profiles are now site-level (previously were Server-level) (TFS 371722)
  • Upon upgrade legacy server level CIC profiles will be cloned into each site (TFS 371722)
  • EFT’s CIC event rule action can now scan ad-hoc message metadata, such as the message subject or body text, in addition to files (TFS 363436)

Web Transfer Client & Workspaces

  • Ground-up re-write resulting in tremendous performance gains (TFS 368791)
  • Includes a new Profile page for managing personal/privacy data, language, date format, number format
  • See (TFS 371467) and specify (TFS 371803) whether or not they qualify as an EU data subject (optional)
  • See user's account details fields marked as personal data from within the web client (right to access) (Optional) (TFS 363345)
  • Modify fields marked as personal data from within the web client (right to rectify) (Optional) (TFS 363201)
  • Rescind their consent to previously agreed to privacy policy (right to rescind) (Optional) (TFS 363119)
  • Submit a request to have their account be removed including all personal data (right to be forgotten) (TFS 363202)
  • Request that EFT restrict use of their account details marked as personal data (right to restrict) (TFS 363211)
  • Object to the use of their account details marked as personal data (right to object) (TFS 363302)
  • Download their account details marked as personal data in a semi-structured format (right to port) (TFS 363301)
  • Optionally change their password (TFS 367099)
  • Added support for batch downloads in zipped format (TFS 369255)
  • Added ability to move files between two different workspace folders (TFS 76901)
  • Change default workspace expiration-check cycle to once a minute (TFS 368683)
  • Separate control added tenable Request file portal subject to Send and Reply portals both being enable (TFS 369944)
  • Added domain blacklist in addition to existing whitelist for share/send invitations (TFS 370026)
  • File Expiration has been separated from Link Expiration for ad hoc delivered files, separating link security and data retention concerns (TFS 369706)

COM API

In the ICIServer interface, added

  • defaultvalue and Reason parameter tAddIPAccessRule (TFS 369934)
  • UTF8Logs property

In the ICISite interface, added:

In the ICIClientSettings interface, added:

In the ICISSHKeyInfo interface, added HasPrivate property In the ICIManualIPAccessRule interface, added Reason property Interfaces added for new Event Rule Actions:

Interfaces added for GDPR, privacy policy, and terms of service features (TFS 370527):

Enums:

The ICIServer Interface methods and properties below are deprecated and nolonger work (return E_NOTIMPL error). Instead use the similar Site-level methods and properties. Methods:

  • CreatePGPKey
  • RemovePGPKey
  • ImportPGPKey
  • ExportPGPKey
  • GetPGPKeyringSettings
  • SetPGPKeyringSettings
  • ImportSSHKey
  • RemoveSSHKey
  • RenameSSHKey
  • ExportSSHKey

Properties:

  • AvailablePGPKeys
  • AvailableSSHKeys

The ICISite Interface methods and properties below are deprecated and no longer work (return E_NOTIMPL error): Methods:

  • GetSSHKeyFilePath
  • SetSSHKeyFilePath

Properties:

  • SFTPKeyFile
  • SFTPKeyFile

ISATMessage and IAdhocMessage interfaces do not apply tEFT v8 and later

Bug Fixes

EFT Admin GUI

  • Resolved an issue that caused the Start and stop site options from being grayed out under the “File” drop-down option (TFS 368804)
  • Updated the Encrypted folder wizard which had a spelling error (TFS 368880)
  • Updated IP address option to “OS Chooses” (TFS 369223)
  • Fixed an issue when presented with a failed to create user after selecting a different Site on User creation wizard error displayed “FOREIGN KEY constraint failed” (TFS 370378)
  • Provided the ability to customize the URL and port that are sent via Workspace invite email in the Send Portal (TFS 371388)
  • Fixed an issue where invalid SSH key imports would not display any error prompts (TFS 368594)
  • Fixed an issue where the status tab Ban option would not work (TFS 368622)
  • Fixed an issue where the Admin GUI could hang with high traffic (TFS 368908)
  • Fixed an issue where passwords could be shown in plain text in file and folder operation actions (TFS 369656)
  • Fixed an issue where the Admin GUI could hang when enabling ARM (TFS 370382)
  • Fixed the layout in the “AS2 – Transactions Detailed” report (TFS 371246)
  • Fixed an issue where the Admin GUI hang could limit access tWTC (TFS 367876)
  • Fixed an issue where the Admin GUI could timeout during a backup (TFS 372407)
  • Fixed an issue where the Admin GUI in EFT Express could hang upon upgrade (TFS 369339)
  • Fixed an issue where the Admin GUI could hang after making changes (TFS 369391)
  • Fixed an issue where the Admin GUI could crash when removing site while the FileAudit.db is broken (TFS 371278)
  • Fixed an issue where the Max Transfer Speed limit, when enabled, would cause folder downloads to hang (TFS 369373)
  • Fixed an issue where the Admin GUI could hang due to HTTP buffer size (TFS 370952)
  • Fixed an issue where the Admin GUI was not consistent when enabling and disabling administrator permissions (TFS 372895)
  • Fixed an issue where the Admin GUI would revert the Delete file(s) older than X value to 7 in the File Cleanup Action after browsing a folder (TFS 372677)
  • Fixed an issue where the Admin GUI would display an icon image on the IP Access Rules UI (TFS 371654)
  • Fixed an issue where the Admin GUI spinner for Prohibit reuse of previous passwords was not working correctly (TFS 370549)
  • Fixed an issue where the Admin GUI could be slow on high HTTP traffic (TFS 369938)

API

  • Fixed an issue where an API call could cause an EFT exception (TFS 372977)

Auth SAML

  • Fixed an issue where SAML requests could fail. (TFS 370586)

Auth AD

  • Fixed an issue where AD users were unable to reset passwords when AD password has expired or was set t“user must change password at next login” and group consists of users from parent/child domains (TFS 368107)
  • Fixed and issue where one-way trust no longer worked for remote forest (TFS 369294)
  • Fixed an issue were users were unable to authenticate with an AD account when using UPN login (TFS 373152)

ARM

  • Updated crate_5_sprocs.sql to incorporate improvements (TFS 370752)
  • Fixed an issue where ARM reports were not generating data with traditional Chinese SQL server (TFS 373304)
  • Auditing of HTTP GET requests to use GET rather than LIST verb (TFS 369780-AC2)
  • TransferTime wasn’t appearing for certain transactions in ProtocolCommands table (TFS 369780-AC3)
  • SFTP connections were not auditing LIST operation (TFS 369780-AC4)
  • FTP connections where auditing USER and LIST verbs multiple times (TFS 369780-AC5)
  • Inconsistency with usage of datetime and datetime2 data types for auditing of timestamps (TFS 369780-AC6)
  • AS2Transactions table to use nvarchar(max) rather than "text" datatype for MDN, PayloadHeaders, and MDNHTTPResponse (TFS 369780-AC7)
  • Naming convention in auditing of administrator and REST administrator operations in ProtocolCommands table (TFS 369780-AC10)
  • Circular reference in Actions and EventRules tables (TFS 369871)
  • Circular reference in AS2 Actions and AS2Files (TFS 369871)
  • Modified schema to merge AS2Transactions and AS2Files tables as they were redundant (TFS 369828-AC5.1)
  • Modified EFT to use an AD object per AD call and sends inserts in batches, which improves auditing performance under load (TFS 371279)
  • Modify purge and fast purge with a vastly more performant version of the same (TFS 370935-AC6)
  • Update Oracle’s stored procedures to avoid a NULL constraint error on offline record insert (TFS 370935-AC7)

AWE

  • Fixed an issue where the Long List FTP action would display an error (TFS 365263)
  • Fixed an issue where EFT variables were missing (TFS 372798)
  • Fixed an issue where the “On error” action email fails after upgrading EFT (TFS 366436)
  • Fixed an issue where the email action was lost after upgrade (TFS 368591)
  • Fixed an issue where EFT administrators were unable to import batches of AWE scripts (TFS 369543)
  • Fixed an issue where variables were initialized differently between AWE10 and AWE8 (TFS 370023)
  • Fixed an issue where the Delete File action did not respect the “Exclude Mask” (TFS 372488)
  • Fixed an issue where the “If Folder Exists” statement was not working (TFS 372490)
  • Fixed an issue where variables as delimiters in a loop were not working (TFS 372491)
  • Fixed an issue where change folder action is appending to the user’s home folder path (SFTP only) (TFS 372494)
  • Fixed an issue where the margins are ignored when converting file to PDF (TFS 373077)
  • Fixed an issue where EFT variables were missing in AWE (TFS 373337)
  • Fixed the aspect ratio of the AWE splash screen (TFS 373282)

CIC

  • Fixed an issue where CIC was not properly processing files as expected (TFS 351868)
  • Cloud Connectors
  • Fixed an issue where Amazon S3 compatible did not work when providing S3 details (TFS 370883)
  • Fixed an issue where S3/Azure uploads fail if folder exists in source location (TFS 368817)
  • Fixed an issue where cloud monitor events may cause a hang in EFT (TFS 369997)
  • Fixed an issue where post processing actions failed to complete (TFS 370600)
  • Fixed an issue where files over 4GB uploaded to Azure were malformed (TFS 372579)
  • Fixed an issue where cloud object key conditional logic did not work as expected (TFS 372831)

Connection Profiles

  • Fixed an issue where the wrong IP was sent on an outbound request when configured under the Advanced properties (TFS 370758)

Custom Commands

  • Fixed a GUI issue that reflected incorrect admin permissions (TFS 368530)

DMZ Gateway

Fixed an issue where EFT did not honor the XFF headers when the traffic is generated from the DMZ Gateway (TFS 370642)

EFT COM

  • Added the reason parameter to Object AddIP Access Rule (TFS 369934)

Event Rules

  • Fixed an issue where the context variables for a copy action did not work in the port field (TFS 372219)
  • Fixed and issue where Folder monitor rules may crash (TFS 370420)
  • Fixed an issue where weekly event rule schedule timer not using recur every <N> weeks(s) on value (TFS 369253)
  • Fixed an issue where the Ban user IP address action was not working as expected (TFS 369995)
  • Fixed an issue where mail attachments were not working in event rules (TFS 369996)
  • Fixed an issue where remote listing cache was never cleaned up (TFS 372220)
  • Fixed an issue where weekly scheduled timer event rules failed to start at the expected cycle (TFS 372876)
  • Fixed an issue where the “On Before Download” would trigger for non-existent 404 resource (TFS 368469)
  • Fixed an issue where “On upload failed” event rule with file is banned condition would not trigger via SFTP (TFS 368801)
  • Fixed an issue where a square bracket saved in the SMTP from field prevented any mail action event rules to be properly saved (TFS 368712)
  • Fixed an issue where “Invoke Web Service” rule always redirected on URL received in Location Header (TFS 369340)
  • Fixed an where upload support would fail when using DMZ server as a proxy (TFS 373297)

High Availability (HA)

  • Fixed an issue where all nodes would trigger a user password change event rule when an EFT admin changes a user’s password (TFS 368864)
  • Fixed an issue where load balanced timer event rules may crash EFT (TFS 370272)

Installer

  • Fixed an issue to provide the HA install MSMQ parameters (TFS 370310)
  • Fixed an issue where an AWE DLL was not properly registered upon install/upgrade (TFS 370584)
  • Fixed an issue where an invalid MSMQ configuration via silent installer caused a crash in EFT (TFS 370928)

Logging

  • Fixed an issue where the Folder Encryption Key is displayed in the log file (TFS 373641)
  • Fixed an issue where the EFT log would log an error when running a PCI DSS Compliance Report (TFS 373517)

Outlook Add-in

  • Fixed an issue where the pickup link was incorrect (TFS 369824)
  • Fixed an issue where duplicate requests were sent to the EFT server (TFS 369832)
  • Fixed an issue where user was not presented with a prompt when using the Secure Message without an attachment (TFS 371259)
  • Fixed an issue where EFT may hang due to high OAI users (TFS 368320)
  • Fixed an issue where Workspace pickup link would display the incorrect link when using a DMZ Gateway (TFS 368504)

REST API

  • Fixed an issue where REST API calls log password in clear text (TFS 371314)

scClient

  • Fixed an issue where scClient did not work using FAST (TFS 371277)

SFTP

  • Fixed an issue where ciphers were missing when upgrading from an older version of EFT (TFS 367978)
  • Fixed an issue where on rare situations EFT would experience a crash in the SFTP engine (TFS 370750)
  • Fixed an issue where quit commands would report “Exit status -1” instead of -0 (TFS 371165)
  • Fixed an issue where SFTP connections would not send a close packet (TFS 372816)

Web Transfer Client (WTC)

  • Fixed an issue where some of WTC pages were missing the X-Frame-Options: SAMEORIGIN Get request (TFS 368205)
  • Fixed an issue where some secure flag was missing for cookies (TFS 370264)
  • Updated cookie naming from loginsession to mfatoken and token to csrftoken (TFS 370266)
  • Fixed an issue where the EFT username is not displayed unless workspaces is enabled (TFS 366503)
  • Fixed an issue where the samlssologgedout cookie was not marked with the secure attribute (TFS 369921)
  • Fixed an issue where the LDAP user account had “user must change password” enabled did not allow the user tlogin tWTC (TFS 370383)
  • Fixed an issue where 0KB folder could not be download (TFS 368671)
  • Fixed an issue where some users were not seeing the correct display when clicking on the Filter option (TFS 367819)
  • Fixed an issue where the broken transfer warning UI did not translate to any other language other than English (TFS 367032)
  • Fixed an issue where the UI would not properly report a valid error message when quota limit was reached (TFS 367608)
  • Fixed an issue where the change password option should not be available when EFT is not configured tallow change password (TFS 368677)

Workspaces

  • Fixed an issue where the workspace owner’s full name was not displayed in the invitee workspace welcome email (TFS 372654)
  • Fixed an issue where the Reply address was not properly populated after KB 11384 was applied (TFS 368578)
  • Fixed an issue where the subject and message body details for a message marked “secure message” was not encrypted in the Workspaces.db (TFS 368575)
  • Fixed an issue where workspaces emails kept the EFT HTTPS port in the email invite instead of the DMZ listening port (TFS 368802)
  • Fixed an issue where Yahoo domain users did not receive the hyperlink for Workspaces send portal (TFS 370406)
  • Fixed an issue where the “Shared With Me” link was displayed even when workspaces was disabled (TFS 352135)
  • Fixed an issue where the toolbar did not reflect the guest permissions (TFS 369559)
  • Fixed an issue where Request File Reply could not upload a file that contained a # character (TFS 368716)
  • Fixed an issue where the Send Portal browse button was not functional in a PCI-DSS site (TFS 372933)
  • Fixed an issue where a race condition in Transactional Workspaces could cause the EFT service to crash (TFS 371428)
Change Log
Change Logs