EFT Enterprise
Login to the Customer Portal to download the latest software release.
Security
• March 14, 2019 -- Added security patch updates for potential vulnerabilities:
These updates address recently identified potential security vulnerabilities that affect system availability. They do not indicate data security risk. While there are no known exploitations of these vulnerabilities, we recommend upgrading as soon as possible to avoid potential risk.
Patches are available for the following versions here:
• 7.4.13.14 (Enterprise and Express)
• 7.4.11.34 (Enterprise and Express)
• 7.4.10.6 (Enterprise and Express)
• 7.4.9.11 (Enterprise and Express)
• 7.4.7.18 (Enterprise and Express)
• 7.4.7.15 (Enterprise and Express)
• 7.4.5.8 (Enterprise and Express)
• 7.4.5.7 (Enterprise and Express)
• 7.4.5.6 (Enterprise and Express)
Further information about these vulnerabilities is available here.
Security
- Added Encrypted Folders, an EFT-managed feature to encrypt/decrypt data at rest in a transparent, streaming fashion
Authentication
- Added support for Just-in-Time (JIT) user account provisioning for SAML initiated logins
Automation
- Added ability in Event Rules (in EFT Enterprise) to specify Created Date/Time and/or Modified Date/Time for the Cleanup in folder Action (previously available only via registry setting)
Changes to EFT Enterprise and EFT Express
Administration
- Optimized disk quota calculations so that they occur on user account logon rather than upon service start
- Added registry settings to control frequency of disk quota login calculations to further enhance quota calculation performance
- Added registry settings to insert a retry and retry delay to EFT Site start, in case of Site start failure due to blocked port
- Enhanced usability during initial account registration and change password requests by showing password complexity requirements
Auditing and Reporting
- Added logs to alert administrator when an IP address has been banned
Automation
- Added a User Account Action to allow administrators to effect changes to accounts in an automated fashion
Security
- Updated SQL Server drivers to allow use of newer Transport Layer Security (TLS) protocols
- Added ability to enable HSTS when HTTPS is enabled, independent of the <link>HTTP to HTTPS redirect</link> feature.
- Updated OpenSSL library to 1.0.2q
- Updated OpenSSH derived library to latest version 7.9.0.0
Workspaces/WTC
- Updated Web Transfer Client login page and localization features
- Added automatic file download to the DirectDownload.htm template
- Removed direct download links from workspace's email template
Bug Fixes
- Numerous bug fixes were released in this version of EFT.
Changes to EFT Enterprise Only
Authentication
- Added support for IdP initiated SAML SSO Logins
- Added override to relax SAML assertion on signing requirements
- Added support for Active Directory + RSA SecurID® chaining (login AD, then RSA)
- Added ability to hide forgot (reset) password for LDAP authenticated users
- Added option to disallow LDAP login for guest users originating from DMZ Gateway
- Added option to force LDAP authentication for users connecting directly to EFT
- Changed the default refresh interval for LDAP to 30 minutes
- Added ability to map a Settings template to LDAP attributes
- Added support to SAML auth for looking up not-yet sync’d users in LDAP
Automation
- Added Event Rule Download Action: Option to treat missing remote file(s) as success
- Added ability to inject passwords into exported rules xml, for event rule import
Protocols
- Updated AS2 to latest libraries including choice of ciphers
- Added custom header support for AS2 send action
- Added support GZIP payloads for MDN responses (AS2)
- Added support for asynchronous MDNs (AS2)
- Added support for specifying allowed signing algorithms (AS2)
- Added support for specifying allowed MDN MIC algorithm for inbound transactions (AS2)
Administration
- Added over a dozen Windows Performance Counters associated with EFT
Licensing
- Improved usability by instructing users on how to properly activate the acceleration module
Changes to EFT Enterprise and EFT Express
Authentication
- Added support for multiple group filtering under AD
- Added username to AuthManager login ‘failed login’ eft.log
- Added a registry option to disable basic authentication
Automation/Rules
- Added Azure shared access signatures (SAS) support to cloud connector module
- Added ability to inject passwords into exported rules xml, for event rule import
- Added support for accelerated, parallel cloud transfers to Azure (8X speed increase)
Protocols
- Updated SFTP library in line with current FIPS compliance standards
Administration
- Added the ability to capture the reason behind a manual IP ban
- Added more context variables, such as SITE.DMZ_ADDRESS or PORT
- Hid the disk quota feature by default as it remains experimental
- Added option in EFT to select whether to do DNS lookups on the local EFT Server or DMZ Server
Workspaces/WTC
- Added the ability for users to download entire folders from the WTC
- Added the ability for users to move folders in the WTC
- Decoupled Workspaces sending from sharing permissions: A user may not have permission to share but can send, and vice versa.
- Added a domain whitelist property for greater control over the send file feature
- Provided controls for treating connections differently depending on their origination
- Added an advanced property (registry override) to display full name rather than login name in WTC
- Added more granular variables to Workspaces invite messages
- Enhanced the WTC to display an error on next login if a background transfer failed
- Updated language support for French, German, Spanish and Dutch
- Added ability to provision LDAP users when a workspace is shared with them
Security
- Added an advanced property (registry override) to all configuration of HSTS max-age value
- Added an advanced property (registry override) to manage CSP Content Security Policy header
- Added an advanced property (registry override) to disallow support for Basic Auth for HTTP/S
- Improved SFTP logging to capture algorithms used
- Updated OpenSSL to 1.0.2p
Licensing
- Improved auditing of expired module licenses in EFT.log
- Removed optional recording of contact details and IP to better comply with GDPR
Installer
- Changed EFT Enterprise installer file name from eftserver-ent.exe to EFT-Enterprise.exe
- Changed EFT Enterprise without SQL Express installer file name from eftserver-nodb.exe to EFT-Enterprise-nodb.exe
- Changed EFT Express installer file name from eftserver.exe to EFT-Express.exe
- Changed EFT Express without SQL Express installer name from eftserver-nodb.exe to EFT-Express-nodb.exe
Bugs Fixed
- Numerous bug fixes
Additions to EFT Enterprise Only
Web Transfer Client
• Option to show full name vs. logon name in WTC profile
EFT Core
• AD Site: Option to authenticate users via Active Directory while managing permissions internally in EFT
• LDAP Site: Option to hide Forgot Password link for internal/external facing domains
• LDAP Site: Option to not allow LDAP logins for external facing domains
Fixes
• Various bug fixes and improvements
Additions to EFT Enterprise Only
Remote Agent Module
- Agents can now perform client transfers to any server you designate, rather than only back to the home EFT Server
- Shorter update intervals (real-time (every 15 seconds), once a minute, every 5 minutes, every 30 minutes)
- New options for when an agent fails
- System environment variables in remote agent rules
- Remote Agent Condition for relevant File System triggers in event rules
- “Run on links” option has been removed when you create remote agent rules
EFT Core
- LDAP Site: Automatically remove/disable account after X days of inactivity
- Option to specify custom LDAP attributes that are configured at the site level and map to those in the user template level
- Internal (LDAP) users must not authenticate when visiting external URL
Additions to EFT Enterprise and EFT Express
EFT Core
- Added ability to construct internal URL hyperlinks in notification emails based on recipient domain
- Added ability to specify internal domain certificate in instance where direct connection is made that bypasses DMZ Gateway
- Added ability for AD sites to automatically remove accounts after X days of inactivity
Fixes
- Various bug fixes and improvements
Additions
Admin GUI
- EFT Server (SMB) has been renamed to EFT Express
- EFT Server Enterprise has been renamed to EFT Enterprise
- High Security Module (HSM) is now Advanced Security Module (ASM) in EFT Enterprise
- High Security Module (HSM) is now Express Security Module (ESM) in EFT Express
AWE
- Update AWE to version 10
- AWE rebranding
- Migrate and convert AM8 tasks to AM10 as part of the EFT upgrade process
- Better support in AWE for EFT Insight
- New context variables available which are populated upon AWE task completion
- AWE logging changes
- New option to specify location of AWE debug logs
- AWE debug Task log name update to include AWE {Node Name}_{AML File Name}_yyyy-MM-DD-HH-mm-ss.csv
- New option to retain task debug logs by Success/Failure
- Audit the AWE execution details to ARM database
- When AWE logging is disabled, ARM will report N/A
- New AWE actions
- Amazon DynamoDB
- Amazon EC2
- Amazon RDS
- Amazon S3
- Amazon SES
- Amazon SimpleDB
- Amazon SQS
- Azure Storage
- Dynamics CRM
- Image
- OCR
- OpenDocument Spreadsheet
- VMware Guest
- VMware Host
- WMI
EFT Installer
- SQL Express 2017 is now bundled with the EFT installer (64bit support only)
- EFT 7.4 Rebranding
- Only EFT 7.4 has been rebranded to new logos and title (this includes most if not all UI related Items, including ARM Reporting but excludes the installer)
- New splash screens
- New globalscape logo
- Updated Admin GUI wizard pages
Event Rules
- Event Rule Action – Send email notification action with attachments
- New Cloud Object Monitor will allow users to monitor Amazon S3 or Azure blob storage for file triggers including ability to execute an action based on a trigger
- New AWS S3 compatible metadata support (support outside of AWS S3 or Azure blob)
- Limited support for Google Cloud and Caringo
- Allow S3 bucket URL override
- New support for AWS and Azure context variables
HA
- Allow EFT admin to specify outbound IP address in Event Rule Advanced option in HA environment
Licensing
- CCM and MTC are now part of EFT Core
- AAM and CIC are now part of Advanced Security Module (ASM)
Outlook Add-in
- OAI now provides a Secure Message Delivery Option
- Microsoft Outlook Digital Signature is now supported with EFT OAI
- Microsoft Outlook Encryption is now supported with EFT OAI
Remote Agent
- Agent/Account coexistence
- Agents can be created on same site as standard user account
- New Diffie-Hellman key exchange security between EFT and Remote Agent
- Remote Agents will now Auto-update when required
Workspaces
- EFT Admins can now enable/disable the Reply portal
- Admins will now be warned that the Request files functionality will be disabled when the Reply portal is disabled
- EFT Admins can now enable/disable reply functionality to non-EFT users when using the Send portal
- Request file options will now provide ability to require authentication
- EFT Email recipients can now access the reply/reply all page from the pickup portal
- Drop-off portal can now use generic CAPTCHA instead of Google’s re-Captcha
- Workspace invites are now restricted to whitelisted domains (if configured)
- EFT will now delete guest accounts if they are not part of a Workspace or transactional workspace
- The workspace(s) are deleted if the workspace has expired or the user has been uninvited from the workspace share
- EFT will now restrict guests to their shared workspace
- External users will no longer be granted by default a home folder of their own
- Workspaces will now provide a drop-down list for “From” field when an EFT user has multiple email addresses configured in their EFT account
WTC
- Add Spanish language to WTC
- Rebranding of the WTC including all portals
Removed
EFT Installer
- SQL Express 2008 is now removed from the EFT Installer
- Mail Express is now removed from the EFT Installer
Remote Agent
- Certificate creation for a RAM template is no longer required when configuring a new Remote Agent
AWE
- AutoMate action has now been removed from AWE
Enhancements
Workspaces
- Increased Workspace trial license count to 100 seats
- EFT users should now be taken directly to their shared workspace when clicking on the Workspaces link in the recipient’s email and authenticating
- Improved the account registration and verification process
- After verification email is sent the guest can now access their Workspace content without further authentication if the link is accessed within 60 minutes otherwise they will be required to authenticate prior to accessing the workspace
Security
- Support strong KEX algorithms for Incoming SFTP
- diffie-hellman-group16-sha512
- diffie-hellman-group14-sha256
- diffie-hellman-group-exchange-sha256
- diffie-hellman-group14-sha1
- diffie-hellman-group-exchange-sha1
- diffie-hellman-group1-sha1
Admin GUI
- Update to SSL security compatibility to reflect “Minimum Protocol Version”
- Update to the generic Welcome FTP banner message on new installs
- EFT Login - %Date% %Time% - Please enter valid credentials to continue
- SMTP Implicit TLS option is now exposed via the new server setup wizard under the SMTP Server settings wizard page
- Removed the personal data registration page on a new install, under the Globalscape EFT Server Registration wizard page
- EFT user’s home folder will now sync with their AD profile folder
- Ability to type a value for toggle “Auto-attach files in Outlook when they exceed:”
- More descriptive error message when workspaces license count has exceeded
- Admin will now be presented with a prompt that Request files will be disabled when Reply portal is disabled
- The EFT full version is now displayed in the title bar
DMZ Gateway
- Updated JRE to version 1.8.0.162
- Updated supported Linux distros
- RHEL 7.3 64-bit Kernel: 3.10.0-514
- SuSE Linux Enterprise Server 12.2 64-bit (SP2)
- Ubuntu Ubuntu 16.04.3 LTS
- Amazon Linux AMI 2017.03.1 64-bit
- EnableConnFloodProtection feature is now disabled by default
Event Rules
- Ensure S3 regions list is up-to-date
Remote Agent
- Changed from “Active’ to “Enrolled” in the agent status list
COM
- Expose MTC registration status via COM
- Expose CIC registration status via COM
Outlook Add-in
- Add-in readme file now explains the difference between the .exe and .msi installer
Logging
- Windows event “Windows Event log evaluation period expired” for modules are now logged as Warnings instead of Errors
Fixes
Admin GUI
- Fixed “CTRL+F” search function
- Fixed an issue where the site creation wizard would fail to create a second PCI site when remote administration was enabled
- Updated the security tab typo to reflect “FIPS-certified”
- EFS icon was not displaying when a VFS folder was encrypted
- EFT admin GUI crashed when a CIC profile was renamed
- Admin hangs upon upgrade from 6.5.11.2 to 7.4.5.7
- Fixed Cloud action wizard page to reflect proper text when pressing back and selecting a different option
- EFT UI will not accept configuration change when renaming CIC connection profile
- Statistics box on “My Site” general tab needs to be adjusted
- Stopped site does not have the red X on the MySite under VFS tab
- Enterprise option to reset passwords for multiple users is greyed out
- Cannot enter letters in zip code field in registration wizard
- Admin UI: visual artifact in the UG tree
ARM
- Web Service – Invoke Event Rules (Detailed) report no longer returns data
- Outlook Send Report column (Recipient) is not populating
- PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraint
EFT Auth
- Admin console is hanging when login and also when trying to clone rules
- Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth
- Passwords not syncing with EFT AD site
- Service hang - users can't connect
- EFT Memory is growing gradually
- Anonymous authentication bug since 7.3.3.21
- Service crashing intermittently
- After upgrade and applying hotfix, Permission groups no longer present
- GUI Crashes with new ODBC site when creating new user
Event Rules
- EFT Event Action S3 region list is incomplete
- EFT S3 Region list is outdated
- Browse Remote File System causes Error and GUI Crash
- Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently
- When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination
- Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6
- ER: An unencrypted user password can be written to WEL when using User Event Rules
- Event Rule: The reason for not being able to delete a file (move) is not provided to the user
- EFT’s copy/move does not appear to honor the “Retries” value
- EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4
- Source file name.ext not pre-populating in the source field after clicking OK
- Source file name.ext not pre-populating in the source field after double clicking
- UI does not refresh after deleting an Event Rule
- File/Folder actions leak handle
- Scheduled event rule not running at expected scheduled times after 12am
Backup and Restore
- Automatic backup on upgrade or repair has not been updated since 7.3.3 release. Needs to backup proper *.db files
Connection Profiles
- Connection Profile – Connection Details form disappears when the admin user hits the enter Key
Custom Commands
- Broken upgrade from pre 1M for custom command
EFT Core
- Admin console hangs on login
- EFT Server Ent 7.4.2.4 randomly crashes
- High CPU Utilization and Hangs
DMZ Gateway
- DMZ Gateway Caches IPs for host names until service is restarted
- Registered DMZ Gateway crashes when using FAST with expired DEI trial license
FAST
- FAST protocol & Connection Profile - EFT GUI crashes when the user selects the test Path
HA
- HaErrorHandler Option to Drain Server -- mitigate infrequent EFT Service Restart when ActiveNode.json is modified
HTTP
- HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods
Installer
- During an upgrade of EFT from older version to newer version, the SFTPCOMInterface.dll is occasionally not upgraded with silent failure
- EFT Upgrade progress dialog is blank
- Automatic service startup is not consistent
- Silent Installer does not upgrade properly - FTP Server engine version differs from Administrators version
- Modify install change stops EFT service from working
- Upgrade -- ERROR AuthManager - Could not create client object already persistent
- FTP.cfg is corrupted upon upgrade
- Installer hangs and stops responding when ORCL credential used have expired
- When modifying the start menu, the default value Globalscape still is the one that is used
- Administrator Account Configuration screen - Text box line disappears
- Installer allows upgrade from 7.1 directly to 7.4
- Installer.log file contains admin user and password
Logging
- Folder monitor override credentials being used when writing to log file
- IPAccess logging is broken
Outlook Add-in
- EFT - Can't delete a file because Outlook is accessing it
PCI
- PCI Invalid logins differ at the site and server level
Remote Agent
- EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate
Settings window
- Remote Agent Service executable has bad description
- Agent Install URL returns 404 for HA installations
- Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template
- Remote Agent Template window, tab order not going left to right, top to bottom
- Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."
- Remote Agent Template can be selected for new administrator accounts
SFTP
- SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled
- SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia
Server
- ClientFTP: CSocksSocket checks timeout wrong
- Listing fails on remote server in EFT, but not Filezilla
SMTP
- SMTP to Exchange fails with TLS 1.1 and 1.2
Status Viewer
- EFT Admin: Status screen is not refreshing statistics
VFS
- Cannot remove "All Users" group from a folder in VFS
- Unable to configure streaming repository encryption when site root is a share
- Show VFS home folder then setting permissions is broken again
- VFS manipulation is slow
Workspaces
- Refresh required when an unacceptable character is entered in Maximum message size
- Banned file types appear to be sent from Drop-off and Send Portal
- User isn't routed to the workspace (shared) folder upon login to WTC
- Workspaces – Edit Workspace screen no longer displays the participant email address when the invitation is pending
- Selected user background turns from 'blue' to 'gray' after the action
- OAI body message is not visible when accessing the contents via WTC
- Workspaces license limit email is being sent incorrectly
- Workspaces guest template defaults to allow creation of workspaces
- Http/1.1 404 Object Not Found error when clicking on Workspace link from email
WTC
- Customizations.js executing before the UI is rendered, preventing customizations to the WTC
- WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers
- Embedded link downloads no longer working as of 7.4.x
- WTC translation does not persist after clicking request file option
- WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users
Fixes:
High Availability (HA):
- Fixed scenario of Event Rule delegation to non-existent node that could result in failure to execute Folder Monitor event rules
- Fixed scenario of Event Rule delegation to non-existent node that could result in server crash
7.4.2 Release Notes
Additions:
EFT Enterprise and SMB:
- Added template for password reset confirmation email that is sent when user is unauthorized to reset password
- Added Node Maintenance/Drain Mode. "Pause/drain" all sites on a single node to halt NEW incoming connections and event rule activity. Existing transfers and events in progress are allowed to resume/complete.
Auditing and Reporting Module (ARM):
- Add new option in EFT to log TED6 logs to the new table - default new option to false/off
COM Interface:
- Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server
- Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site
- New COM APIs for Drop-Off controls
High Availability (HA):
- Added support for Autoscaling in AWS
- Implemented TCP based communication for HA cluster messages and coherence as alternative communication method to multicast
- Added configurable Auto-Restart of node after defined period of being "out of sync" and allotted "drain" time
Logging:
- Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used
Protocols - FTP/S:
- Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.
Protocols - SFTP:
- Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.
- Added diffie-hellman-group-exchange-sha256 KEX
- Added ability to select SFTP KEX algorithms through GUI and COM
SMTP:
- Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password
Web Interfaces – General:
- Web Transfer Client access is now included with HTTP/S functionality. Eliminated WTC Client Access License (CAL)
Workspaces:
- Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.
- Added administrative option to place newly invited Workspace participants in specific settings template
- Drop-Off:
Added creation of Drop-Off link capability. External users can now send attachments to internal users, without having to create a EFT profile - Reply Portal:
Users can now reply to a message from Send/Drop-Off
Enhancements:
EFT Enterprise and SMB:
- PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled
- Now able to login with Admin accounts in AD Universal group in child domains
- EFT Enterprise only:
- Configuration Restore dialog has been updated. Backup must be generated from EFT 7.3.3 or higher.
Administrator Interface (AI):
- Find/Search in EFT doesn't search connection profiles
- Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled
- Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.
- More clearly show the configuration state and current flag value of change password on first login
- Clarified user Password Expiration, Reminder, and Notification Options
Installation:
- On installation, EFT should check the status of windows update KB2999226 to ensure criteria has been met.
Protocols - General:
- Improved responsiveness when browsing directories containing many subfolders.
Secure Ad-hoc Transfer (SAT):
- Removed SAT install files from EFT 7.4 Installer
Web Interfaces – Web Transfer Client (HTML5):
- Updated Jument webclient to version 1.4.0 build 4
- Updated French translation
- Update French translation for word "Language"
Web Interfaces – Light Text Client (LTC):
- Note about Web Transfer client access being disable needs to be removed or modifiable Workspaces
- Updated Workspace Invitation Subject line to "You've been added to a workspace"
- On upgrade from 7.2.x, Workspace notifications should be disabled
- Where possible, Workspace owner’s full name is used for WS invites instead of their login name
- Buttons available to Invited Workspace participants more clearly reflect the permissions granted to them
- New participant of a workspace now lands to that particular shared folder and not at the home page of WTC
- Workspace owner can now add additional participant(s) to a private workspace
Fixes:
EFT Enterprise and SMB:
- Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.
- EFT Password email reminders with AD Site did not trigger
- When changing password for user through Admin GUI, force password option was being automatically enabled
- EFT forcing users to change their password upon first log in
- Renaming folders in VFS causes a loading indicator
- EFT Standalone: User's last time connected was only being updated once per day
- Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring
- Resolved Server crash scenario induced by vulnerability scanner Greenbone Security Assistant
EFT Enterprise only:
- During the upgrade from SMB to Enterprise, the EFT SMB service was not being removed
EFT SMB only:
- Event Rules were not grayed out on SMB with no add on modules activated
- Reference to Enterprise only features were available in EFT SMB reports
Administrator Interface (AI):
- Resolved EFT Admin GUI crash after using the send Email test button
- Settings Templates was no longer sorted alphabetically as of 7.3.3.21
- Admin GUI did not retain setting for Password Expiration at user level
- When changing password in admin interface, force password option was automatically checked
- When modifying password expiration "Remind" option Apply button was greyed out.
- Settings Template options did not properly display inherited options
- LDAP/AD passwords could not be changed from Admin GUI with change password registry override enabled.
AS2
- Potential for AS2 settings to be removed after to 7.3.3.21
Auditing and Reporting Module (ARM):
- Report is missing filters (Traffic - Protocolwise Connections (Summary)
- Executive Summary Report data was being truncated
- The text "hmtest" appeared in Event Rules Detailed report after the Description:
- Admin Action report Change Originator column was being truncated
Authentication - General:
- Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication
- Corrected scenario where certain user accounts were not able to authenticate if the account was renamed
Authentication - LDAP:
- Couldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21
- Custom password change responses were not working for LDAP sites
COM Interface:
- "IsFolderVirtual" COM method was no longer functioning in 7.3.5
- Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword
- ICISite::SetWorkspace failed with MX error 7
Custom Command:
- Custom Command default execution timeout for newly created Custom Commands should be 30 seconds
Event Rules:
- User Account Disabled Rule did not function after upgrade to 7.3.3.21
- Event Rule using FAST protocol to Download Files would fail if connection profile was used
- Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.
- Corrected scenario of being unable to import Event Rules caused by unexpected config values
High Availability (HA):
- Event rules with comma character ',' in event rule name would fail when load balanced
- When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes
Installation:
- Upgrade installer asked to create an admin account instead of "Provide server administrator credentials"
Logging:
- Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT
- SSL/TLS logging for FTPS connections was not working
- Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE
OpenPGP:
- Addressed potential scenario of new PGP key not displaying correct expiration date
Protocols - FTP/S:
- EFT responded to a quit command with an additional 0d 0a after version 7
- Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file
SMTP:
- Trailing spaces in SMTP host address would not resolve the address
- User Credentials email had an erroneous = at end of username
- Email notification for credentials contained an erroneous trailing =
Web Interfaces – General:
- Forgot password in WTC didn’t work if 2+ users shared an email address
Web Interfaces – Web Transfer Client (HTML5):
- WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled
- WTC was not displaying password expiration reminder on login
- While uploading a large file, occasionally received errors when trying to create folders or workspaces
- Join with Smartcard button was improperly visible when connecting to CAC enabled site
- Download button did not function the Max transfer speed option was enabled at the site level
Workspaces – Web Client
- Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal
- Resolved issue of being unable to send files from the iFrame
Workspaces – Outlook Add-In
- Outlook Add-In functionality was not working in some instances
- Private workspace owner was unable to add additional users to private workspaces
7.2.10 Release Notes
EFT Enterprise and SMB:
Additions
Workspaces:
- Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.
Enhancements:
Administrator Interface (AI):
- Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.
Fixes:
EFT Enterprise Only:
- During the upgrade from SMB to Enterprise, the EFT SMB service was not being removed
EFT SMB Only:
- Reference to Enterprise only features were available in EFT SMB reports
Administrator Interface (AI):
- Admin user disconnected when testing a connection profile using DMZ Gateway as a proxy if retry intervals exceeded GUI timeout period.
Auditing and Reporting Module (ARM):
- The text "hmtest" appeared in Event Rules Detailed report after the Description:
- Admin Action report Change Originator column was being truncated
Installation:
- Upgrade installer asked to create an admin account instead of "Provide server administrator credentials"
7.3.6 Release Notes
Additions
Administrator Interface (AI):
- New globalscape splash screen logo is displayed
- F1 help has been updated to reflect new features.
Client (Outbound):
- Added registry override (SendQUIT) that invokes QUIT command to be sent at completion of FTP/S transfers.
COM Interface:
- Added ICIServer Interface Property SMTPUseImplicitTLS
- Added ICIServer Interface Function SendTestEmail
High Availability (HA):
- Added support for Amazon AWS SNS and SQS as alternative to Multicast for HA clusters
Installation:
- Added support for Windows 2016
- Removed support for Windows 2008
Logging:
- EFT.log entry for SSL version and cipher info as part of successful socket connection for FTPS and HTTPS
- EFT.log entry on startup if FIPS is successfully initialized.
- EFT.log entry if FIPS mode fails to initialize for any reason upon service startup and what steps are being taken to remedy.
- EFT.log entry if FIPS mode fails to initialize after all attempts exhausted.
OpenPGP:
- Added registry override (PGPEncryptingAlgorithm) to specify default encryption algorithms
- Added registry override (PGPCompressionMethod) to specify default compression algorithm
Protocols – HTTP/S:
- Add support for OCSP Stapling in EFT Server HTTPS Listener
SMTP:
- Added SMTP over TLS/SSL
- Added support for Gmail as an SMTP Server
- Added SMTP test function
Workspaces:
- Added ability to send (email) files out from within Workspaces
- Added pick-up (download) portal for received files.
Enhancements:
EFT Server Enterprise and Standard:
- Upgrade OpenSSL to 1.0.2k
- Upgraded to OpenSSL FIPS Object Module 2.0.10: NIST FIPS certificate #1747
- Now able to add "Universal" Active Directory groups to EFT Administration
- Improved WTC CAL warnings to be consistent across EFT.log, Admin GUI, and email
EFT Server Standard only:
- Trial Extension options are still available in EFT SMB after fully registered
Administrator Interface (AI):
- Now able to resize the CTRL+F search window
- Updated Server>Security page FIPS controls
Auditing and Reporting Module (ARM):
- Exporting reports no longer re-runs the report from the source
- Event Rules table EventName now allows up to 250 characters
Authentication – Active Directory:
- Improved the speed of the CNTAuthManager::GetUser method when pulling users from AD with large amount of users (>50k).
- Improved AD group listing algorithm when pulling complex subgroup structure. Time taken to sync listing with 200 subgroups decreased from 240 seconds to 5 seconds.
Client (Outbound):
- Remove legacy behavior of caching IP address of last successfully connected host.
Event Rules:
- Greatly optimized the {FS.*} condition checking mechanism of Event Rule execution. FS condition checks now performed locally when possible instead of going out to file system.
- Remote directory browser now works when using DMZ Gateway as a proxy.
- Event Rule Import now matches Connection Profiles by NAME, not by GUID
High Availability (HA):
- Account Lockout Status now propagates to other nodes
- Admin Last Login Time for HA is now only propagated to other nodes once per day
OpenPGP:
- Modify PGP Encryption behavior to default to CAST5 encryption if registry override AutoSelectPGPCiphers is Off.
- Check passphrase was taking too long. Has been optimized
SMTP:
- Update SMTP test warning prompt to exclude '+' from an invalid character
Web Interfaces – General:
- Full, unlimited access to WTC during evaluation period
- HTML caching removed. This allows Web Client page to be updated when accessed instead of forcing users to have to clear cache to see changes.
Web Interfaces – Web Transfer Client (HTML5):
- Updated Jument webclient to version 1.3.0 build 5
Workspaces:
- Tidy up default Workspace invite and verify email messages
- Redesigned view and management of Workspaces
- Support Workspaces unlimited license
- Site> Workspaces Outlook add-in (OAI) has been changed to Workspaces - Send
Fixes
EFT Server Enterprise and Standard:
- Passwords were expiring based on the "remind x days prior to expiration" value
- Used disk space counter was not adjusting properly in some instances
- Event Rule Admin couldn’t properly remove site from Assigned to this server list
- When creating an SFTP key using the wizard - Use this key pair as the default host key - was not checked by default
- AdvancedProperty IgnoreNeverLoggedInLDAPUsers was no longer working after upgrade to 7.3.4.6
- WTC Licenses with odd numbers were not converting on CAL upgrade
- Fixed being unable to configure same name for Group and Settings template
- Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)
- Fixed rare scenario where configurations carried over from legacy EFT Server versions could cause the Settings template Max connections per user and Max transfer speed that were previously disabled to become enabled and set to 0 on upgrade.
EFT Server Standard only:
- Admin user was able to do Batch account management
- Help -> About showed Acceleration License option when the Module is not available in SMB
Administrator Interface (AI):
- WTC CAL registration was not accurately reported under Help>About
- Updated the Help>About text for unlimited WTC licenses
- Help -> About cuts off licensing information
- User Admins was still showing Users as having an expiration date even after “Expire this account” was disabled.
- User Account Admin interface window did not scale with the EFT Admin console
- Event Rule Admins were denied ability to import event rules.
- FIPS compliant SSH checkbox was available (but non-functional) even after EFT trial has expired
- Updated all GUI references to FIPS Certified rather than FIPS Compliant
- On occasion, when deleting event rules from EFT the EFT GUI would crash.
- Trying to browse subfolders in Browse Remote File System dialog cause VFS to freeze.
- Fixed scenario of being unable to remove SSL certificates from SSL Certificate Manager
- Fixed erroneous message stating that SSL certificate will expire in 30 days if site SSL certificate was cleared out.
- Admin user disconnected when testing a connection profile using DMZ Gateway as a proxy if retry intervals exceeded GUI timeout period.
Auditing and Reporting Module (ARM):
- Scenario where EFT may crash/hang when PCI Compliance Report was being generated
Client (Outbound):
- Numerate fails when the initial file is 0KB
COM Interface:
- ICIConnectedUser interface members DataConnection does not return result for HTTP/S or SFTP
- ICIConnectedUser interface member TransferredSize does not return result for SFTP
- ICIConnectedUser interface member TransferredSize does not return result for SFTP
Custom Command:
- Custom command "Redirect output to clients" doesn't work properly when triggered by FTP protocol
Event Rules:
- Folder Monitor reconnection logic does not properly update FM's enabled state
- Copy/Move action may not work correctly when custom credentials are used for Local transfers
- Mitigated rare scenario where Folder Monitor may remove all worker threads
- Fixed scenario where Folder Monitor with Trigger based on folder change notifications could be overwhelmed.
Logging:
- Fixed scenario of SMTP logger failing to record data information
Protocols - General:
- Improved scenario where clients were receiving constant timeout errors when uploading files if event rule condition checks took a long time to complete.
Web Interfaces – Web Transfer Client (HTML5):
- When uploading a file via WTC client is able to upload a file that is bigger than the Max upload size limit if the chunk size is lower than the max upload size limit.
- WTC is not disabled after EFT trial has expired
- No feedback was given when permissions are denied to a folder
- Firefox version 50 uploads would sometimes fail
- Internal error was occurring upon attempt to move a file into a folder where AD user does not have upload permissions
- Incorrect error message was displayed to the user when trying to create a folder with a space at the end of the folder name
- Filter button was not properly highlighted
- Renaming was causing error in developer console
Workspaces:
- When clicking an expired one time download link with authentication, will receive HTTP/1.1 412 Precondition Failed
- Workspaces licensing was showing 0 after upgrading to 7.3.4.6
- Workspaces shared folders were disappearing after upgrade from 7.3.0.3
- Renaming Workspace as owner failed to propagate to participants
- Workspace invitee was occasionally receiving 404 error upon logging in
7.2.9 Release Notes
Additions
Administrator Interface (AI):
- New globalscape splash screen logo is displayed
Client (Outbound):
- Added registry override (SendQUIT) that invokes QUIT command to be sent at completion of FTP/S transfers.
Logging:
- EFT.log entry for SSL version and cipher info as part of socket connection for FTPS and HTTPS
- EFT.log entry on startup if FIPS is successfully initialized.
- EFT.log entry if FIPS mode fails to initialize for any reason upon service startup and what steps are being taken to remedy.
- EFT.log entry if FIPS mode fails to initialize after all attempts exhausted.
OpenPGP:
- Add registry override (PGPEncryptingAlgorithm) to specify default encryption algorithms
- Add registry override (AutoSelectPGPCompression) to default compression to ZIP
Enhancements
EFT Server Enterprise and Standard:
- Upgrade OpenSSL to 1.0.2k
- Upgraded to OpenSSL FIPS Object Module 2.0.10: NIST FIPS certificate #1747
- Now able to add "Universal" Active Directory groups to EFT Administration
EFT Server Standard only:
- Trial Extension options are still available in EFT SMB after fully registered
Administrator Interface (AI):
- Now able to resize the CTRL+F search window
- Updated Server>Security page FIPS controls
Auditing and Reporting Module (ARM):
- Exporting reports no longer re-runs the report from the source
Event Rules:
- Remote directory browser does not work when using DMZ Gateway as a proxy.
- Event Rule Import now matches Connection Profiles by NAME, not by GUID
OpenPGP:
- Modify PGP Encryption behavior to default to CAST5 encryption if registry override
- AutoSelectPGPCiphers is Off.
- Check passphrase was taking too long. Has been optimized
SMTP:
- Update SMTP test warning prompt to exclude '+' from an invalid character
Web Interfaces – General:
- Full, unlimited access to WTC during evaluation period
- HTML caching removed. This allows Web Client page to be updated when accessed instead of forcing users to have to clear cache to see changes.
Web Interfaces – Web Transfer Client (HTML5):
- Updated Jument webclient to version 1.2.1 build 20
Fixes
EFT Server Enterprise and Standard:
- Manual Registration for Workspaces with a seat count over 1,000 did show the correct # of licenses.
- Used disk space counter was not adjusting properly in some instances
- Event Rule Admin couldn’t properly remove site from Assigned to this server list
EFT Server Standard only:
- Admin user was able to do Batch account management (SMB)
Administrator Interface (AI):
- WTC CAL registration was not accurately reported under Help>About
- Updated the Help>About text for unlimited WTC licenses
- Help -> About cuts off licensing information
- User Admins was still showing Users as having an expiration date even after “Expire this account” was disabled.
- User Account Admin interface window did not scale with the EFT Admin console
- Event Rule Admins were denied ability to import event rules.
- FIPS compliant SSH checkbox was available even after EFT trial has expired
- Updated all GUI references to FIPS Certified rather than FIPS Compliant
- On occasion, when deleting event rules from EFT the EFT GUI will crash.
Auditing and Reporting Module (ARM):
- Scenario where EFT may crash/hang when PCI Compliance Report was being generated
Client (Outbound):
- Numerate fails when the intial file is 0KB
COM Interface:
- ICIConnectedUser interface members DataConnection does not return result for HTTP/S or SFTP
- ICIConnectedUser interface member TransferredSize does not return result for SFTP
- ICIConnectedUser interface member FileName does not return result for SFTP
Custom Command:
- Custom command "Redirect output to clients" doesn't work properly when triggered by FTP protocol
Event Rules:
- Folder Monitor reconnection logic does not properly update FM's enabled state
Web Interfaces – Web Transfer Client (HTML5):
- When uploading a file via WTC client is able to upload a file that is bigger than the Max upload size limit if the chunk size is lower than the max upload size limit.
- WTC is not disabled after EFT trial has expired
- No feedback was given when permissions are denied to a folder
- Firefox version 50 uploads would sometimes fail
- Internal error was occurring upon attempt to move a file into a folder where AD user does not have upload permissions
- Incorrect error message was displayed to the user when trying to create a folder with a space at the end of the folder name
- Filter button was not properly highlighted
- Renaming was causing error in developer console
Workspaces:
- When clicking an expired one time download link with authentication, will receive HTTP/1.1 412 Precondition Failed
- Renaming Workspace as owner failed to propagate to participants
7.2.8 Release Notes
New Features/Enhancements
- Upgraded Web Transfer Client (HTML5) to 1.2.1
- Updated SSL certificate manager to use SHA2
- Added SFTP flow control improvements by RFC 4254
Fixes
- Fixed error when attempting to navigate folders after deleting multiple files in Web Transfer Client (HTML5)
- Fixed language translation on left hand navigation pane in Web Transfer Client (HTML5)
- Fixed default sorting of folder and file listings in Web Transfer Client (HTML5)
- Fixed return value of inherit state of CCIClientSettings::GetForcePasswordResetOnInitialLogin
- Fixed EX logs to properly report failed uploads for SFTP
- Fixed error code in cl*.log to show correct error code when target host is unavailable
- Fixed compatibility with Symantec DLP (EFT Enterprise only)
- Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)
- Fixed issue of removing source files after compress action when using ZCompress format
- Fixed issue with properly handling WTC licenses over 9,999 users
Changes in EFT v 7.2.6
New Features/Enhancements
- Updated OpenSSL libraries to 1.0.2j
- Update Jquery version to 1.9.1 used in Web Client
- Added additional logic to prevent admins from accidentally deleting the site home folder if a user has this set as home folder
- Added HTTP Strict Transport Security (HSTS)
- Improved handling of Advance Workflow Tasks when user calls Advance Workflow via COM (Enterprise Only)
- Improved propagation of Advance Workflow Engine tasks to other HA nodes (Enterprise Only)
- Improved retry transfer logic over high latency networks
- Removed minimification and hashing from themes.css to allow for persistent customization
- Increased timeout value based on file size to allow more time for 3-pass deletions
- Replaced left navigation tree to improve performance with thousands of folders and/or subfolders
Fixes
- Fixed issue of OpenPGP Encrypt action compressing files when compression is not selected
- Fixed DMZ crash when transferring files by FXP
- Fixed EFT upgrade issue where the event rule node references were reset back to High Availability (HA) - (Enterprise Only)
- Removed extra character return when exporting OpenPGP public key
- Fixed rare deadlock when CRC calculation is requested for missing file.
- Fixed email notification issue of truncating URLs longer than 76 characters
- Fixed password expiration options that were work incorrectly via COM
- Fixed error messaging when user without upload permissions attempts to upload via the web client
- Fixed possible race condition when client is getting disabled due to invalid login attempts limit
- Fixed folder monitor crash when transitioning back to event rule load balance master
- Fixed issue where folder monitor event rule stopped after 1000 files were rejected by condition
- Fixed ClientFTP retry logic after SSL_connect error
- Fixed issue in Chrome of not being able to download filenames with ‘,’
- Fixed issue of not being able to edit comments when rules are viewed at the event rule folder level
- Fixed detection of folders where upload is forbidden
- Fixed language on modal dialog buttons
- Fixed the move to modal to show only single folders and a breadcrumb instead of the entire tree in web client
- Fixed default sort order and natural sort order to file names
- Fixed issue of exporting PGP public keys with spaces between each line of the public key blob
Changes in EFT Enterprise v 7.3.3
New Features/Enhancements
- Added EFT Outlook Add-In and browser support for exchanging files in Workspaces
- Added controls for enabling and configuring SAML for achieving Single Sign On (SSO) for Web-based authentication - (EFT Enterprise only)
- Improved 508-accessibility compliance for web clients
- Added the Advanced Authentication module for EFT Enterprise
- Added HTTP Strict Transport Security (HSTS)
- Added new preconfigured reports
- Updated Jquery version to 1.9.1
- Updated OpenSSL library to 1.0.2j
- Added auditing of the originating IP for load-balanced HTTP(S) connections as an Advanced property
- Updated PGP library
- Added new COM property that exposes "force password change upon first login" flag
- Improved propagation of Advance Workflow Engine tasks to other HA nodes - (EFT Enterprise only)
- Added additional logic to prevent admins from accidentally deleting the site home folder if a user has this set as home folder
- Improved processing to reduce wait time for event rule load balanced threads -(EFT Enterprise only)
- Improved URL encoding function in ClientFTP
- Improved handling of Advance Workflow Tasks when user calls Advance Workflow via COM - (EFT Enterprise only)
- Improved performance of Admin UI when populating "Group Membership" tab
- Improved password complexity warnings to end user
- Added additional logging when debugging
- Optimized quick search feature in environments with large amount of users
- Added additional logging for CFileSystem object
- Improved retry transfer logic over high latency networks
- Updated odb version to 2.5.0 a11
Fixes
- Fixed memory leak in FIPS SSL
- Fixed error when trying to download files containing a comma
- Fixed High CPU utilization with large volume of user connections
- Fixed issue of having to re-apply permissions when changing the case of the SAMAccountName
- Fixed Event rule settings where site paths without wildcards were using physical path vs virtual path
- Fixed event timer issue of calculating the next run time at beginning of DST hour
- Fixed alphabetically sorting of event rules within folders
- Fixed issue where admins could not change event rule comments in HA deployments - (EFT Enterprise only)
- Fixed dead lock in FTPS
- Fixed issue of not reporting correct PASV port in the ex.log
- Fixed issue where Admin GUI incorrectly restores the last selection when refreshing UI
- Fixed issue of exporting event rules with stop-action set to "Stop processing this and more rules"
- Fixed issue of switching client's two-factor authentication setting on PCI sites via GUI and COM - (EFT Enterprise only)
- Fixed EFT HA backup option to only backup the site root folders and not the user data - (EFT Enterprise only)
- Fixed issue of downloading EFTClient.txt when using HTTP protocol
- Fixed dead lock in EventRuleQueue in clustered EFT - (EFT Enterprise only)
- Fixed an EFT service Crash when stopping the service in HA environment -(EFT Enterprise only)
- Fixed issue of editing comments at the Event rule folder level
- Corrected GUI to properly show the inherited value of Account Security option as "Disable"
- Fixed email notification to not truncate passwords that use " <v"
- Fixed issue with restoring EFT Workspaces when restoring a backup
- Fixed intermittent crash of Admin GUI when creating users from an EFT Admin remote GUI
- Fixed compatibility with SFTP authentication and WingFTP 4.6.2 using Public key and Password authentication
- Fixed intermittent Admin GUI crash on close
- Fixed EFT service crash when site is deleted
- Fixed EFT service crash on startup due to mixed HA status tracking -(EFT Enterprise only)
- Fixed reset password issue for external participant in LDAP site
- Fixed Deadlock in EventRuleQueue in clustered EFT on server startup
- Removed using FTP Auto mode for client transfers through DMZ gateway as SOCK5 proxy
- Fixed issue of not showing failed event rule downloads using wildcards under the status tab of Admin UI
- Fixed "Rest offset" command in FTP sessions
- Fixed issue of Advanced Workflow Engine task builder not launching - (EFT Enterprise only)
- Fixed issue of accessing Ban IP address when large amount of IP addresses are configured
- Fixed unhandled exception when backing up HA site
- Fixed Mobile Transfer Client crash when attempting to use custom branded MTC
- Fixed crash in HTTP session manager
- Fixed deadlock in GSAWE.exe process - (EFT Enterprise only)
- Fixed DMZ crash when transferring files by FXP
- Fixed folder monitor crash when transitioning back to event rule load balance master
- Fixed issue where folder monitor event rule stopped after 1000 files were rejected by condition
- Fixed EFT upgrade issue where the event rule node references were reset back to High Availability (HA) - (EFT Enterprise only)
- Fixed ClientFTP retry logic after SSL_connect error
- Fixed dead lock during load balanced event rule startup - (EFT Enterprise only)
- Fixed account lockout status to propagate to all other nodes in HA mode - (EFT Enterprise only)
- Fixed issue of removing source files after compress action when using ZCompress format
- Fixed issue of large file uploads being reported as individual chunks.
- Fixed Admin UI crash when working with virtual folder with bad alias name
- Fixed issue where changes applied by user level admins did not save after server restart
- Fixed change password issue through web client for ODBC sites
- Fixed error messaging when user without upload permissions attempts to upload via the web client
- Fixed reporting of large file uploads to display only one file entry versus individual chunks
- Fixed issue of exporting PGP public keys with spaces between each line of the public key blob
Changes in EFT SMB v 7.3.3
New Features/Enhancements
- Added EFT Outlook Add-In and browser support for exchanging files in Workspaces
- Improved 508-accessibility compliance for web clients
- Added the Advanced Authentication module for EFT Enterprise
- Added HTTP Strict Transport Security (HSTS)
- Added new preconfigured reports
- Updated Jquery version to 1.9.1
- Updated OpenSSL library to 1.0.2j
- Added auditing of the originating IP for load-balanced HTTP(S) connections as an Advanced property
- Updated PGP library
- Added new COM property that exposes "force password change upon first login" flag
- Added additional logic to prevent admins from accidentally deleting the site home folder if a user has this set as home folder
- Improved URL encoding function in ClientFTP
- Improved performance of Admin UI when populating "Group Membership" tab
- Improved password complexity warnings to end user
- Added additional logging when debugging
- Optimized quick search feature in environments with large amount of users
- Added additional logging for CFileSystem object
- Improved retry transfer logic over high latency networks
- Updated odb version to 2.5.0 a11
Fixes
- Fixed memory leak in FIPS SSL
- Fixed error when trying to download files containing a comma
- Fixed High CPU utilization with large volume of user connections
- Fixed issue of having to re-apply permissions when changing the case of the SAMAccountName
- Fixed Event rule settings where site paths without wildcards were using physical path vs virtual path
- Fixed event timer issue of calculating the next run time at beginning of DST hour
- Fixed alphabetically sorting of event rules within folders
- Fixed dead lock in FTPS
- Fixed issue of not reporting correct PASV port in the ex.log
- Fixed issue where Admin GUI incorrectly restores the last selection when refreshing UI
- Fixed issue of exporting event rules with stop-action set to "Stop processing this and more rules"
- Fixed issue of downloading EFTClient.txt when using HTTP protocol
- Fixed issue of editing comments at the Event rule folder level
- Corrected GUI to properly show the inherited value of Account Security option as "Disable"
- Fixed email notification to not truncate passwords that use " <v"
- Fixed issue with restoring EFT Workspaces when restoring a backup
- Fixed intermittent crash of Admin GUI when creating users from an EFT Admin remote GUI
- Fixed compatibility with SFTP authentication and WingFTP 4.6.2 using Public key and Password authentication
- Fixed intermittent Admin GUI crash on close
- Fixed EFT service crash when site is deleted
- Fixed reset password issue for external participant in LDAP site
- Fixed Deadlock in EventRuleQueue in clustered EFT on server startup
- Removed using FTP Auto mode for client transfers through DMZ gateway as SOCK5 proxy
- Fixed issue of not showing failed event rule downloads using wildcards under the status tab of Admin UI
- Fixed "Rest offset" command in FTP sessions
- Fixed issue of accessing Ban IP address when large amount of IP addresses are configured
- Fixed unhandled exception when backing up HA site
- Fixed Mobile Transfer Client crash when attempting to use custom branded MTC
- Fixed crash in HTTP session manager
- Fixed DMZ crash when transferring files by FXP
- Fixed folder monitor crash when transitioning back to event rule load balance master
- Fixed issue where folder monitor event rule stopped after 1000 files were rejected by condition
- Fixed ClientFTP retry logic after SSL_connect error
- Fixed issue of removing source files after compress action when using ZCompress format
- Fixed issue of large file uploads being reported as individual chunks.
- Fixed Admin UI crash when working with virtual folder with bad alias name
- Fixed issue where changes applied by user level admins did not save after server restart
- Fixed change password issue through web client for ODBC sites
- Fixed error messaging when user without upload permissions attempts to upload via the web client
- Fixed reporting of large file uploads to display only one file entry versus individual chunks
- Fixed issue of exporting PGP public keys with spaces between each line of the public key blob
Additions:
Auditing and Reporting Module (ARM):
- Audit originating IP for load-balanced HTTP(S) connections
OpenPGP:
- Added configurable AdvancedProperties (“AutoSelecPGPCiphers”, “AutoSelectPGPMAC”), default to TRUE.
Enhancements:
EFT Server Enterprise and Standard:
- Additional logging added for CServer::Serialize method
High Availability (HA):
- Dramatically reduced the amount of Event Driven Changes that must be versioned and propagated when we handle ClientLoggedIn and ClienLogged events (Date granularity rather than time).
OpenPGP:
- improves interoperability issue with BouncyCastle
Protocols - General:
- Update SSL lib to 1.0.2h
Workspaces
- External participants in LDAP site Workspace are now able to reset password
Fixes:
EFT Server Enterprise and Standard:
- PASV Port utilized being logged incorrectly in ex.log
- EFT does not properly log the last invalid login before auto ban via SFTP
- Crash when deleting a Folder Monitor rule while event rule is being executed
- Crash in the CommandAccess internals when saving command execution results to log file
- EFT.log is flooded with an error when an FM folder is not accessible
- Crash in HTTP session manager
Administrator Interface (AI):
- Admin GUI hangs when attempting to stop an event rule transfer
- Inherited value of Account Security setting is not properly displayed in the ST/user level
- Remote user admins are running into runtime errors frequently
- The EFT Admin interface keeps crashing under specific scenarios. Improved resilience.
- If display text size is set to 125% or 150%, some options such as "next" and "finish" are pushed off and no longer visible. There appears to be scaling issue with larger text size enabled.
- Cannot access the IP Ban list via remote admin, system locks out and says "Ban IP list not available"
- Failed Event Rule downloads using Wildcard do not appear in status tab
- Event rules are not alphabetically sorted in the event rule folder
Advanced Workflow Engine (AWE):
- Unable to open AWE task builder if file "EFT" exists in path of installation
- GSAWE.exe process has a deadlock
Authentication - General:
- AD/LDAP: Incorrect login names lock EFT up for a long time.
- Unable to switch client's two-factor auth setting on PCI site
Authentication – Active Directory:
- Complex password expected. If simple password is used, user receives error message with no explanation of what went wrong and the process was causing a hang when done incorrectly.
Client (Outbound):
- Disallow using FTP Auto mode for client transfers through DMZ Gateway as SOCKS proxy
- SFTP authentication failed when connecting to remote server running WingFTP 4.6.2 using Public Key+Password auth
- "Rename transferred file to"-function is not working when destination file size/crc is equal to the original value
- EFT Transfer Client does not use server-wide supported cipher list and protocol versions when retrieving remote listing over SSL-based protocols.
COM Interface:
- Unable to switch client's two-factor auth setting on PCI site via COM script
Connection Profiles:
- The Test Button on the Connection Profiles does not connect when using DMZ as Proxy
Event Rules:
- Unable to export event rules with stop-action set to "Stop processing this and more rules"
- Cannot edit comments when event rules viewed through event rule folder
- Event timer calculate wrong next run time at begin DST hour
- EFT may crash when FM rule sweeps a folder and admin edits that rule.
High Availability (HA):
- Event Rule Load Balancer threads are blocking for extended periods of time.
- High CPU usage with a lot of user connections
- Deadlock occurrence during load balanced event rule startup.
- Deadlock in EventRuleQueue in clustered EFT
- When making changes to event rule comments via AI, the service hangs and the nodes get out of sync
- Crash when stopping site on 1 node and trying to log into admin GUI
- Crash on startup due to mixed HA status tracking
- Event rules are being load balanced when they shouldn’t be
- Unhandled exception while performing back up
MTC:
- MTC crashes the EFT Service when attempting to use a custom branding
OpenPGP:
- If the PGP key name is more than ~30 characters it is cut off in the OpenPGP action dialog.
- The “Enable Compression” button was non-functional and would always auto-select compression setting from the public key.
Protocols - General:
- SSL FIPS subsystem breaks down disabling users from establishing SSL connections (HTTPS and FTPS)
Protocols – HTTP/S:
- Unable to download EFTClient.txt when using HTTP protocol
SMTP:
- Specific characters are truncating EFT emails
Web Interfaces – General:
- The ChangePassword.htm file is always being served up from the web/public folder instead of the web/custom/<sitename> folder
Additions:
Enterprise only:
- Added FAST protocol to copy/move/download event rule actions for accelerating transfers over high-latency connections between EFT servers.
- Added scClient for accelerating client-to-server transfers over high-latency connections.
Enhancements:
Authentication - LDAP:
- Provided mechanism for external Workspace participants in LDAP site to reset password.
OpenPGP:
- Upgraded PGP library.
Protocols - FTP/S:
- Set default FTP "ReplaceBackslash" advanced property to true.
Fixes:
EFT Server Enterprise and Standard:
- Fixed issue where incorrect login names cause EFT to hang.
- Fixed a potential EFT Service crash.
- Corrected "Enterprise-only" Help references to Folder Monitor, Timer Event, and File Transfer Client.
Administrator Interface (AI):
- Fixed display issues for proxy settings on Windows Server 2008 R2.
- Fixed display issues for PGP key names greater than ~30 characters in the OpenPGP action dialog.
- Relaxed field validation on proxy settings that aren't in use.
Authentication - General:
- Fixed inability to switch client's two-factor auth setting on PCI site.
- Fixed inability to switch client's two-factor auth setting on PCI site via COM script.
Authentication – Active Directory:
- AD Auth, complex password expected. If simple password is used, user receives error message with no explanation of what went wrong and the process is causing a hang when done incorrectly.
Event Rules:
- Fixed event rule prioritization.
- Fixed logic flow issues for File offload/download rules using Socks.
- Fixed a potential crash associated with FM rule sweeping a folder while admin is editing the same rule.
- Fixed a potential crash that occurs when deleting an FM rule while it's executing.
High Availability (HA):
- Fixed a deadlock in EventRuleQueue EFT HA.
- Corrected erroneous event rule load balancing.
- Fixed a potential HA node crash related to conflicting node statuses.
- Fixed a potential EFT service crash for HA environments.
Enhancements:
EFT Enterprise and SMB:
- Improved performance with extremely large password dictionaries
Authentication - General:
- Added support for RSA authenticated sites to also request user passwords in a two-step authentication model, enabled via registry
COM API:
- EFT COM Admin interface now supports connections from 64-bit processes
Event Rules:
- Added context variables TRANSFER.RATE_KBPS, TRANSFER.BYTES, and TRANSFER.SECONDS to event rule actions
- Enabled scrolling to view full event rule descriptions
High Availability (HA):
- Improved performance of HA mode under high volume of login operations
Protocols - General:
- Updated SSL libraries to latest stable release
Protocols - SFTP:
- Updated SSH HMACs to include SHA-256 and SHA-512
Web Interfaces – Web Transfer Client (HTML5):
- Improved performance of rendering contents of a folder that contains a large number (>500) subfolders.
- Improved performance of searching within a folder that contains a large number (>500) subfolders.
- Added per-user, per-file metadata operations to Workspaces
- Added expiration to Workspaces
Workspaces:
- Added administrative option to enable Workspace expiration
- Added ability for Workspace creators to set an expiration date on WorkspacesAdded "On Workspace Expired" event
- Added detailed auditing of file and folder operations within Workspaces
- Added per-user, per-file metadata operations to Workspaces
- Allow LDAP and AD Workspace creators to invite external guests
- Added ability through Event Rules to notify Workspace owner when a file is uploaded
- Improved auditing and reporting of Workspaces activities
- Added Workspace notification email (templated) when adding participant via Admin console
- Added context variable (and condition variable) WORKSPACE.OWNER_EMAIL to WS-related and FS-related events
Fixes:
EFT Enterprise and SMB:
- Fixed a problem where permissions for a user were lost when changing the case of the SAMAccountName and had to be re-added
- Fixed a problem where admin permissions were mistakenly removed
- Fixed broken inheritance of permission groups for first logged in clients
EFT Server Enterprise only:
- Fixed a problem where errors were generated during backup because deleted certificate files were being searched for
EFT Server Standard only:
- Connection Profiles are now greyed out in SMB version
Administrator Interface (AI):
- Fixed admin console crash occurring when refreshing the VFS tab
- Fixed a problem where the admin console crashes upon site creation when the default template home folder setting is discarded
- Fixed a problem where the home folder is incorrectly set to the previously used entry during user creation
- Fixed an issue where right-clicking user\show VFS is not functioning properly in some environments
- Added handling for an OnTimer exception which caused the admin console to disconnect from EFT Server
- Fixed a problem where a user could not be deleted from a site if the server is not located in the first server group
- Fixed an issue where, during manual module registration, the wizard becomes unresponsive
Advanced Workflow Engine (AWE):
- Fixed broken AWE task search functionality
Auditing and Reporting Module (ARM):
- Fixed a problem where the ARM connection test generated an error in the Windows Event Log
COM Interface:
- Fixed a bug where the COM method ICEventRule.SetHASchedulingParams seems to work for any event rule type and non-HA EFT installations
- Fixed a problem where the ICIAutobanIPAccessRule.BannedIPs COM property shows as empty when the admin console shows addresses on the IP ban list.
Event Rules:
- Changed the event rule folder naming convention to follow that of event rules
- Event rules are now alphabetically sorted in event rule folders
- Fixed a bug where the apply option was not enabled at the event rule folder level when event rules were either enabled or disabled
- Fixed an issue where timer rules skipped their scheduled execution time due to delays caused by the retry logic of ClientFTP
- Corrected the display of comments for imported event rules
High Availability (HA):
- HA secondary nodes now verify that the ftp.cfg file can be found during install
- Fixed a case where the backup list got an invalid value.
- Disabled option to use local system accounts when in HA mode
- No longer backing up all user data from site root for HA installations
OpenPGP:
- Scheduled PGP decrypt/encrypt event rule settings must now be supplied with the full file path instead of just the virtual path
- Fixed a problem where PGP private key passphrases were appearing in plain text in EFT.log
Protocols - General:
- Fixed a problem where a site's max concurrent socket connections policy could be broken in high concurrency situations
- Corrected an issue where SSL options were not being updated
- SSL sessions are now being reused
Protocols - FTP/S:
- Fixed the OPTS MLST feature
- Fix a problem where EFT was not returning any type of error When issuing an "ls" command on a non-existent directory
Protocols – HTTP/S:
- Made return codes for maximum Windows file path exceeded errors consistent in HTTP responses
- HTTPS offload transfers always failed when connection timeout set to 0
Protocols - SFTP:
- Now greying out HTTP proxy setting when selecting SFTP protocol in the offload configuration wizard (event rule) since SFTP is only supported through Socks 5 proxies
- Fixed a problem where generated SSL key files cannot be assigned as SFTP keys
- Unified failure messages returned on failed SFTP authentication attempts to avoid user account enumeration
- Disabled default use of diffie-hellman-group1-sha1 key exchange, now enabled only via registry
Web Interfaces – Web Transfer Client (HTML5):
- Fixed the file upload button on the tool bar
- Fixed the folder upload button when running in Chrome
- Fixed the filter button on the tool bar
- Fixed an issue with the refresh button
Workspaces:
- Workspaces REST API now properly supports 100-Continue header, per HTTP 1.1 specification.
- Resend Workspace invitation will now work as expected
EFT Server Enterprise and Standard
- Fixed potential crash upon admin connection related to empty permission list in root site folder
- Fixed logging inconsistencies between EFT 6.5 and EFT 7
- Fixed broken inheritance from Settings Template to User-level “Force users to change their first-time password…” setting
- Added Advanced Property to ignore virtual folders during quota calculation
- Fixed service crash due to internal race condition
Advanced Workflow Engine (AWE)
- Fixed enforcement of running task limit
Auditing and Reporting Module (ARM)
- Fixed key length problem in Oracle database implementation
Authentication - ODBC
- Removed capability of creating users with trailing spaces following their username
- Fixed bug in ODBC that disallowed moving users between Settings Templates
Event Rules
- Remediated potential service crash due to corrupted buffers in Folder Monitor
- Remediated potential service crash during Event Rule removal
High Availability (HA)
- Improved CPU usage
OpenPGP
- Restored reference reference to original filename in literal data packet
Protocols - FTP/S
- Corrected connectivity issue related to port used for data connection in PORT mode
- Fixed EPSV command problems over DMZ Gateway
- Restored support for commands preceded by double slash
- Fixed occasional data socket failures in PASV mode
Protocols - SFTP
- Fixed inconsistent file sizes in the EX logs when downloading files
- Restored 0 byte upload logging
- Fixed bug where local server time was being used instead of UTC
Web Interfaces – General
- Fixed potential crash during CSRF token evaluation
- Fixed server crash related to Opera and other browsers connecting
Web Interfaces – Web Transfer Client (HTML5)
- Fixed UTF8 encoding of filename in uploads from IE11
- Fixed browser sticking during upload verification on moved file
- Fixed broken page displayed when password expiration was enabled
- Improved skip / overwrite prompt
- Fixed redirect for 404 on Workspace invitations when initial password reset option is ON
Web Interfaces – Plain Text Client (PTC)
- Fixed forwarding when WTC is disabled for a particular user
EFT Server Enterprise and Standard
- Upgraded OpenSSL to mitigate vulnerability CVE-2015-1793: https://www.openssl.org/news/vulnerabilities.html#2015-1793
Enhancements
High Availability (HA)
- Improved resilience to loss of HA Mastership
- Improved recovery from scenario where no node is master
OpenPGP
- Updated OpenPGP to latest /n software libraries
Fixes
Event Rules
- Decrypting PGP files with folder monitoring created 0kb files if the PGP file was encrypted with a different key
High Availability (HA)
- Corrected potential deadlock in clustered environment.
OpenPGP
- Fixed bug where PGP encryption algorithm was set to AES128 regardless of the public key cipher used.
- Fixed a scenario where Ipswitch WS_FTP Professional 12.4.1 failed to decrypt files encrypted by EFT Server 7.0.x with compression enabled.
- Alleviated potential for PGP keyring files to become empty after upgrading to EFT 7.x from EFT 6.4.x/6.5.x
Protocols – General
- Fixed an issue where SSL Compatibility Allowed Versions would be changed during SMB to Enterprise upgrades.
Protocols – HTTP/S
- Corrected EFT service crash scenario when specific HTTP/S client connected.
Protocols - SFTP
- Eliminated memory leak scenario in SFTP.
Enhancements
EFT Server Enterprise and Standard
- Improved performance of VFS management
Administrator Interface (AI)
- Improved search function in Admin UI
Auditing and Reporting Module (ARM)
- Mitigated hang in Status Viewer when connected to ARM database
Authentication - ODBC
- Improved performance for ODBC synchronization
Event Rules
- Improved Move/Copy action error code accuracy
- High Availability (HA):
- Reduce CPU utilization with large volume of user connections on HA EFT cluster
- Improved startup synchronization for clusters under high load
Protocols - SFTP
- Added registry value for "SFTPProcessThreadStackSize" and changed default stack size to 512Kb
Workspaces
- Improved CPU utilization during CreateWorkspace request
Fixes
EFT Server Enterprise and Standard
- Fixed server hang at startup requiring service restart to connect to Admin UI
- Fixed manual registration
Auditing and Reporting Module (ARM)
- Revoked site admin permission to retrieve ARM password via COM
Authentication – Active Directory
- Fixed issues during account creation on AD sites set to use User Principal Name
Authentication - LDAP
- Automatically create home folder for new users even when LDAP hasn't been synced
Client (Outbound)
- Fixed date parsing in ClientFTP LIST command for AS/400-like servers
- Corrected ClientFTP port selection in active mode
- Addressed client connection failures
COM Interface
- Fixed CISite.IsFolderVirtual behavior after call to CISite.GetFolderList
Event Rules
- Addressed Folder Monitor double executions
High Availability (HA)
- Expand support SHA-512 hashed passwords to HA mode
High Security Module (HSM)
- Added a boolean AdvancedProperty to bypass EFS Checks when running PCI DSS report
Protocols - General
- Fixed registry override to replace a folder/file with the same name
- Stop caching IP address of last successfully connected host
Protocols - FTP/S
- Added support for SHA-512 passwords over FTP
High Security Module (HSM)
- Updated PCI report for PCI DSS by adding SSLv3 protocol checking to section 4.1 that will prompt a warning
Protocols - FTP/S
- Updated non-FIPS OpenSSL library to OpenSSL 0.9.8zc in response to recent OpenSSL vulnerabilities
- Set SSLv3 to off by default for new installations in response to POODLE vulnerability
Protocols – HTTP/S
- Updated non-FIPS OpenSSL library to OpenSSL 0.9.8zc in response to recent OpenSSL vulnerabilities
- Set SSLv3 to off by default for new installations in response to POODLE vulnerability
EFT Platform (Standard and Enterprise)
- Added HTTP CRC calculation logging
General
- Improved performance of RESTORE operation
- Improved Backup Configuration performance and stability
Web Interfaces - Web Transfer Client (WTC – HTML5 Advanced)
- Upgraded Jument to 1.0.1 build 3
- New text for login error on Web interface
Fixes
General
- Fixed a bug where EFT would send AD Password Expiration notifications when corresponding feature should be disabled by default
- Fixed a problem where EFT logged sensitive information to EFT.log in specific cases
- Fixed a memory leak related to FIPS SSL
Auditing and Reporting Module (ARM)
- Fixed a bug where ARM failed to audit the parameters of some event actions
- Addressed a scenario that caused a failure to upgrade Oracle database
Authentication
- Fixed a bug related to new user creation, where the home folder for the user was automatically assigned to be / even when "Automatically create a home folder for new users" was not selected.
- Addressed a scenario where EFT may crash in high load when ODBC authentication is used.
- COM Interface:
- Refined usability of event rule function: rule.GetHASchedulingParams()
DMZ Gateway
- Addressed EFT hang during DMZ use.
Event Rules
- Addressed issue where enabling Event Rules via the Event Rules parent node caused "Operation failed." error message.
High Availability (HA)
- Fixed issue where testing an AS2 connection via a proxy when a DMZ server is offline would cause the GUI to timeout.
- Refined behavior of Restore from Backup button in the new site wizard to operate intuitively.
- Corrected issue where EFT incorrectly balanced FM events with long file names
- Addressed crash in HA when deleting HA timer rule
Installation
- Addressed scenarios where EFT 7.0 may fail to upgrade from 6.5 when a client had incorrect home folder
Protocols - FTP/S
- Fixed EFT service memory leak and crash while using literal site command to call custom command via FTP protocol
- Fixed EFT service crash when using literal X-CRC command
Protocols - SFTP
- Fixed bug where SFTP created incorrect folder listing which may cause problems for some SFTP clients.
Web Interfaces - General
- Fixed bug where Web Services was not accessible via web browser. 404 returned.
- Corrected HTTP redirection to built-in pages (login, change password, etc.).
- Refined per-Site customization of Web interfaces to work as expected
- Added High Availability (HA) mode of operation for active-active failover and load balancing without requiring Windows Clustering Services nor Veritas Clustering
- Added new HTML5 based Web Transfer Client to provide similar functionality to Java applet with fewer deployment problems
- Updated OpenSSL library to version 0.9.8za
- Updated OpenPGP library
- Enable Large Address Aware feature so that EFT Service process can access up to 4GB memory
- Updated password hashing mechanism to use salted, iterated PBKDF generation to improve security
- Updated PCI/DSS module to audit compliance with PCI DSS v3
- Improved skipped file handling during Event Rule Offload action
- Improved CRC checksum calculations efficiency for files on high latency links to network share
- Increased default ARM queue size to 1000
- Added self-healing ARM connections
Event Rules
- Added support for load balancing Folder Monitor and Timer event rules in HA mode
- Improved handling of asynchronous Custom Command and AWE Task execution for deterministic, reliable behavior under load
- Fixed scenario where a Folder Monitor rule set to trigger with both ‘Folder Change Notification’ and 'Folder Sweep' turned on may stop processing new files.
Auditing and Reporting
- Added end time to ARM database to record when an event action stopped in addition to its start time, which had already been recorded
- Updated GUID generation to use sequential GUIDs to reduce index page fragmentation
- Added High Availability reports to group output by cluster node performing the activity
COM Interface
- Added support for High Availability configuration
Installer
- Support HA installation mode, including enabling required Windows features to support message queuing
- Provided command line installation options for serial number (activation) entry
- Provided command line installation options for HA configuration
- Added support for Mobile Transfer Client (MTC) access
- Added support for defining MTC security policies
- Added support for using SSL certificates for outbound AS2 transfers for cert-based auth
- Enhanced send login credentials email to use templating engine for dynamically building content
Private patch 6.5.15
- Fixed bug where permission groups assigned to the last created user were also assigned to the next created user
Private patch 6.5.14
- Fixed a failure to comply with RFC 2616 - message body was being returned for HEAD requests
- Fixed a bug where AWE workflows would come up blank if the Site is stopped at server startup
Private patch 6.5.13
- Fixed memory leaks in LDAP authentication manager and SSL communications
Private patch 6.5.12
- Fixed a socket leak when using DMZ Gateway as an outbound proxy
- Fixed crash or hang that would occur on transferring 9GB+ files over AS2
- Fixed Java security warning popups that would occur when using WTC and SAT modules
Private patch 6.5.11
- Added registry key override to set default upload/download skip behavior
- Fixed crash that would occur if an “open file” call was ignored by the target file storage device
Private patch 6.5.10
- Fixed problem where some VFS folders were hidden from the administrator interface on upgrade
Private patch 6.5.9
- Fixed a Site startup failure on upgrade from EFT 6.4 if the legacy private key had a null passphrase
- Fixed upgrade from 6.4 issue where accounts were disabled in error
Private patch 6.5.8
- Fixed AS2 file size limitation bug where file size was correlated with available memory
Private patch 6.5.7
- Fixed bug that blocked admins from assigning more than one email to new user accounts
- Fixed bug that disallowed account modification after upgrading from 6.4 under certain conditions
- Fixed event rule error when %email_address% contained multiple emails
- Fixed bug where password expiration message wouldn’t work if multiple emails were specified
Private patch 6.5.6
- Fixed COM bug with RemoveUserFromPermissionGroup
- Fixed COM bug with GetPermissionGroupsOfUser()
- Fixed an issue where IE8 and earlier browsers would not allow the Plain Text Client (PTC) to download files because of the caching directives used with the cache control header.
Private patch 6.5.4
- Fixed a server crash due to improper handling of binary MDN signatures when logging AS2 transfers.
- Fixed an issue where the wrong port was used for inbound AS2 transactions when the client requested an Asynchronous MDN using a different port than that specified by the AS2 partner.
- Fixed a memory leak caused by not releasing security token handles before acquiring new handle for authenticated client local transfers.
- Fixed an issue where because of changes in Java 7u21 when loading the WTC or SAT Java displayed a "potentially unsafe components" warning dialog prompt.
Private patch 6.5.3
- Fixed an issue introduced in version 6.5 that caused the COM method GetVirtualFolderList to return an empty list.
- Fixed an issue introduced in version 6.5 where the EFT Server service could stop if the COM method GetPermPathsList was called.
- Fixed an issue introduced in version 6.5.1 where if the CISite.GetBlankPermission COM method is called with a group instead of a user an error was returned stating an invalid user was passed in.
Private patch 6.5.2
- Security: fixed an issue where the Virtual File System (VFS) group permissions were not properly applied. Depending on configuration this could result in user's being able to see folder's to which they did not have permission. Note that said user would still be prevented actual access to the folder.
- Security: fixed an issue where folder permissions were improperly applied to subfolders.
- Fixed an issue introduced in version 6.4.14 that caused uploads of files over 2GB in size using the Web Transfer Client to appear to fail with an erroneous status.
- Fixed an issue that prevented the Folder Monitor rules that used the "renamed" trigger from functioning.
Private patch 6.5.1
- Added the ability to override the default internal HTTP read buffer size to improve HTTP/S upload performance in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server.
- Added the ability to override the default reserved memory stack size for HTTP processing threads. This is an experimental feature that is intended for use in combination with increasing the HTTP read buffer size. This functionality provided greater control over memory consumption within the HTTP engine.
- Fixed a performance issue where the Web Transfer Client Java Applet was using a 4K buffer when sending over HTTPS. A 16K buffer is now used to take full advantage of the SSL protocol record size.
- Fixed a performance issue that could result in slow user provisioning via the COM interface in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server. Specifically, these changes improve the performance of the ICISite GetBlankPermission and SetPermission COM methods.
- Fixed an issue introduced in version 6.4.15 that prevented uploading of files whose file size is in excess of 4GB when using the Web Transfer Client.
- Fixed an issue in the Secure Ad hoc Transfer (SAT) Module where recipients specified in the CC and/or BCC fields would receive (1) The Password notification email when the email behavior was configured as "UsernameToRecipientAndPasswordToSender" (2) The Username and Password emails when the email behavior was configured as "UsernameAndPasswordInSeperateEmailsToSender".
- Fixed an issue where the application would incorrectly provision a new user account if a forward-slash was included in the username within the login process.
- Fixed an issue within the Event Rule functionality that prevented the Overwrite option from functioning for the "Download (pull) file from host" and "Copy/Move (push) file to host" Actions.
- Fixed an issue that prevented proper expansion of VFS folders within the Administration Interface when working with a large number of folders.
- Fixed an issue where outbound connections through a Gateway/SOCKS proxy were not using the preferred local IP setting from the Advanced settings tab.
- Fixed an issue where because of changes in Java 7u21 when loading the WTC or SAT Java displayed a prompt warning of "potentially unsafe components."
Private patch 6.4.18
- Fixed an issue introduced in version 6.4.14 that caused uploads of files over 2GB in size using the Web Transfer Client to appear to fail with an erroneous status.
Private patch 6.4.17
- Fixed an issue introduced in version 6.4.15 that prevented uploading of files whose file size is in excess of 4GB when using the Web Transfer Client.
Private patch 6.4.16
- Added the ability to override the default reserved memory stack size for HTTP processing threads. This is an experimental feature that is intended for use in combination with increasing the HTTP read buffer size. This functionality provided greater control over memory consumption within the HTTP engine.
- Fixed a performance issue that could result in slow user provisioning via the COM interface in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server. Specifically, these changes improve the performance of the ICISite GetBlankPermission and SetPermission COM methods.
Private patch 6.4.15
- Added the ability to override the default internal HTTP read buffer size to improve HTTP/S upload performance in environments where there is a significant delay in processing I/O requests between the EFT Server and the associated file store. Examples may include environments with poor disk performance or environments where high latency exists between the EFT Server machine and an SMB/CIFS server.
Private patch 6.4.14
- Fixed a performance issue where the Web Transfer Client Java Applet was using a 4K buffer when sending over HTTPS. A 16K buffer is now used to take full advantage of the SSL protocol record size.
Private patch 6.4.13
- Added support for 128 and 256 bit AES CTR mode to the SFTP protocol
Private patch 6.4.12
- Fixed DMZ Gateway to use port 20 instead of port 65300 for outgoing PORT mode FTP traffic
- Fixed Event Rule MOVE Action to delete source file on resumed transfer
Private patch 6.4.11
- Fixed UserDatabaseSynchronizationMode registry key to properly ignore user deletions during synchronization when in LoggingModeOnly
EFT Server (standard) and Enterprise
- Fixed minor formatting issue in generation of JSON, which is used internally between EFT Server and WTC
- Fixed memory and handle leak in Event Rule client SFTP
- Security: Fixed a minor security issue that allowed user accounts with force password change specified to perform some actions such as file upload without first changing their password. This issue applies only to non-browser clients connecting over HTTP/HTTPS.
AS Module
- Fixed AS2 outbound asynchronous MDN receipt URL, which did not contain the proper domain
Secure Ad Hoc Transfer (SAT) module
- Security: Fixed thread safety issue in SAT that caused incorrect home folders in EFT Server accounts
EFT Server Enterprise only
- Fixed performance issues when synchronizing users or applying changes to group permissions when operating against an LDAP source with a large (>80k) number of users
EFT Server (standard) and Enterprise
- Security: Fixed a medium-high security vulnerability that allowed users to access the Virtual File System with elevated privileges. This only applied to Active Directory authenticated users after being forced to reset their password via the Web Transfer Client or Plain Text Client. (Note that the ability for Active Directory authenticated users to reset their passwords is off by default and can only be enabled via a registry setting).
- Security: Fixed a medium level security vulnerability consisting of a memory leak caused by SSL negotiation under certain conditions (affected versions: 6.4.3 - 6.4.5(private))
- Added a "User Account Enabled" event trigger
- Added a "User Account Deleted" event trigger
- Fixed an issue where "User Account Disabled" event trigger was not firing for all cases
- Fixed issue where some user-related event conditions and event properties were not included for use with the "New User Created" event trigger
- Fixed capitalization of the names of the "User Logged In" and "User Logged Out" event triggers
- Fixed an issue where the internal IP address of the remote server was being used for outbound FTP/S PASV connections rather than the external IP address
- Changed "New User Created" event trigger label to "User Account Created" for consistency
EFT Server Enterprise only
- Added support for Common Access Card (CAC) authentication
- Fixed a slow memory leak that occurred when using LDAP authentication
Help and Documentation
- Fixed an issue where the application help incorrectly displayed additional scroll bars
- Fixed an inconsistency in the documentation concerning behavior of the "Require Active Directory domain trust relationship" Folder Monitor configuration item for upgrades
Auditing and Reporting Module (ARM)
- Fixed a misspelling in the Oracle schema scripts that caused failures when auditing PCI DSS violations
Web Interfaces
- Fixed an issue that caused misalignment of icons in the Plain Text Client and Web Transfer Client interfaces when using Mozilla Firefox version 10 or later
- Fixed an issue in the Web Transfer Client interface that prevented the browser from refreshing when clicking "OK" on the session expiration dialog
- Fixed an issue that prevented proper operation of the Web Transfer Client interface for Sites using non-standard HTTP or HTTPS ports
- Fixed an issue where the Web Transfer Client interface would display the help for an earlier version of the product
- Fixed an issue where the Web Transfer Client interface would display an invalid status for timeouts during file downloads
- Updated the user experience for Web Transfer Client interface Java Applet load failures
- Fixed an issue that prevented download of files from the Plain Text Client interface when using Google Chrome version 16.0.912.63 or later
- Fixed an issue that prevented the proper launch of the Legacy Transfer Client interface
- Fixed an issue that prevented the use of the change password feature in the Legacy Transfer Client interface
- Fixed an issue that prevented the use of the file/folder rename feature in the Legacy Transfer Client interface
- Fixed an issue where the Legacy Transfer Client interface would display the Plain Text Client interface after a file upload
- Updated the Legacy Transfer Client interface to display the login page on log out rather than offer to close the browser
EFT Server (standard) and Enterprise
- Added a registry key (ReportsConnectionString) to allow specification of an alternate database connection string for use by the reporting functionality. This allows for the use of a reduced privilege account for reporting.
- Removed unused, default security credentials from default report definition XML files
- Fixed an issue that caused IP addresses in the FTP/S configuration and PASV settings for the DMZ Gateway configuration to be reversed when upgrading from releases earlier than 6.4.
- Fixed an issue that prevented the proper operation of the LS command when used with a mask over the FTP and FTPS protocols
EFT Server Enterprise only
- Fixed offload COPY of a non-existent file to default to ERROR instead of SUCCESS. Added a toggle to Offload Wizard to allow the selection of ERROR or SUCCESS.
- Fixed event rule Copy/Move to support Danish high characters: "æøå"
- Fixed event rule Copy/Move to not inherit credentials from a previous Copy/Move Action
- Fixed issue locating user in LDAP during Change Password
- Fixed event rule variables (%FS.FILE_NAME%) to contain the correct filename after a MOVE Action
- Fixed issue that could cause duplicate execution of Timer rule under certain circumstances
EFT Server (standard) and Enterprise
- Added a registry key (ReportsConnectionString) to allow specification of an alternate database connection string for use by the reporting functionality. This allows for the use of a reduced privilege account for reporting.
- Fixed crash when MLSD performed in a folder containing a VFS alias > 14 characters in length
- Fixed issue which resulted in a locked file when an SFTP upload was abruptly terminated
Web Transfer Client (WTC)
- Fixed HTTP to properly redirect to a specified folder after entering credentials on login page
COM API
- Added COM method to get/set Folder Monitor Event Rule alternate credentials
- Added COM method to get/set Site's SFTP protocol state
- Added COM method to get/set Site's default PGP key
- Added COM method to get/set Offload/Download Action's "Rename After Transfer"
- Added COM method to get/set Site->Security->Invalid logins "Count incorrect username" settings
- Fixed a memory leak in COM CServer::Close and CSite::Close
- Fixed COM Allow FXP, Allow COMB, and Allow XCRC getters and setters when using inheritance
- Fixed COM FTP "Allow ZLIB compression" toggle
- Fixed COM setting of Upload/Download proxy type
OpenPGP Module
- Added registry key to control timeout for long running PGP operations
AS Module
- Fixed inbound AS2 transfers from being redirected to login page when the HTTP User Agent appears to be a browser
Secure Ad Hoc Transfer (SAT) module
- Fixed SAT to properly populate the FROM email address in multi-domain environments
EFT Server Enterprise only
- Fixed security vulnerability related to EFT Server's LDAP authentication provider. Refer to the security bulletin emailed to all EFT Server Enterprise customers for more information
- Added post-transfer RENAME to event rule Offload for ftp/ftps
- Added multi-threaded (simultaneously transfer multiple files) transfers to event rule offloads
- Added ability to rename a downloaded file upon completion when the target destination for the file is a local/LAN folder
- Added registry value to enable event rule client to send "CWD folder" instead of "CWD /folder"
- Fixed credential handling when using Offload action to move a file to a remote folder/share
- Fixed long delay when Event Rule client was transferring files to a remote folder that contains a large number of files (>150,000)
- Fixed delays creating log files when Event Rule client was transferring a large number of files (>30,000 files)
- Fixed an inconsistency in the result code when downloading a mask of files from a subfolder that did not contain any matching files
- Fixed protocol and port values in client logs for LAN transfers
- Fixed Event Rule client so in the Advanced options extensions list will now match a file even if that file doesn't have an extension
- Fixed a crash that occurred for a specific type of LDAP query error
- Added %SOURCE.FILE_NAME% and %SOURCE.BASE_FILE_NAME% variables to the Offload Wizard to facilitate control of the destination filename
- Fixed Event Rule Offload Action alternate credentials to use a Windows logon type that does not require the remote share to be in the same Active Directory domain
- Fixed %FS.VIRTUAL_PATH% variable for On File Deleted rules to match the pathnames depth reported by On File Upload rules
- Fixed On Timer event rules so they stop when the site is stopped
- Fixed On Timer event rules so they only fire once during daylight savings transition
- Fixed On Timer event rule to properly run "today" ARM reports when using Oracle
- Fixed CL log to accurately log transfer results for local file copies
- Fixed folder monitor to properly delete source file when the resultant Offload action used alternate credentials to copy the file to a remote folder/share
EFT Server (standard) and Enterprise
- Added registry key to disable HTTP-to-HTTPS redirection
- Added support for Unix style -lrt sorted listing to NLST
- Added registry value to enable RENAME to overwrite an existing file
- Added registry value to enable Clear Command Channel to expect an encrypted response to CCC request. This provides CCC interoperability with Sterling CONNECT Enterprise
- Added 2 step save process used by ftp.cfg to AUD files to prevent corruption during save. "*.bak" and "*.corrupted" files are now created as necessary.
- Fixed installer to properly create the EFT Server administrator account during cluster installs
- Fixed Plain Text Client handling of paths that included a space during RENAME and DELETE
- Fixed WGET file transfers over HTTP
- Fixed invalid data in customer configuration files that could slow down file transfers
- Fixed upgrades from EFT Server 5.x to maintain DMZ Gateway as the outbound proxy
- Fixed uploads of small files (<100 bytes) from Rebex/Ultimate FTP libraries
- Fixed issue in SFTP that would not allow a new Active Directory user to connect until an AD database synchronization or an FTP login occurred
- Fixed NLST to once again support listings of filenames that contain special characters > 128
- Fixed Site Administrator accounts to control the "Treat Home Folder as Root" setting
- Fixed Event Rule LAN operations when paths contained multiple or incorrect slashes ("/", "\")
- Fixed upgrades to EFT 6.3 from GSFTPS FIPS
- Fixed server restore so all user home folders are restored when backup contains a large number of sites (14)
- Fixed FireFox 4 issues in the Plain Text Client
- Fixed Plain Text Client 403 and 404 errors when attempting to rename or delete a file from a subfolder if specific permissions were set
- Fixed VFS to prevent orphan VFS permissions nodes hidden in ftp.cfg
COM API
- Added CreateUserEx2() COM call that includes the user's email address so the account creation email can be sent at the time the user is created; all of the user/client details can now be set
- Added support for hashed passwords to COM CreateUserEx to facilitate user migration from another EFT
- Added 2 new COM methods to facilitate retrieval of VFS virtual folders and folder permissions
- Fixed a crash that occurred with calling GetFolderPermissions via COM
- Fixed COM DisableInheritPermissions method to set child folders to their parents' permissions instead of the root folder permissions
- Fixed COM Event Rule enums to include "Greater than" and "Greater than equal to" conditional operators
- Fixed COM new 6.3 method names that were inconsistent with the existing API
Secure Ad Hoc Transfer (SAT) module
- Fixed SAT for proper handling of non-US date formats
- Fixed SAT to not authenticate against NTLM when "no auth" is selected
- Fixed SAT Installer to identify 32 vs. 64 bit on same host installs
- Fixed SAT Installer to use PCI compliant password complexity rules for admin accounts
- Fixed SAT errors which prevent Admin page from loading
- Fixed SAT web.config errors when a non-standard HTTPS port was used
- Fixed SAT upgrade issues when SAT was not installed on C:
- Fixed SAT Installer to not de-register COM
AS Module
- Fixed AS2 to support multiple SSL public key certs in a single .crt file
- Fixed a crash that occurred when formatting an AS2 synchronous MDN message
Web Transfer Client (WTC)
- Fixed Web Transfer Client logout to not affect other open tabs in Internet Explorer (IE)
- Fixed Web Transfer Client jars to be signed with a newer cert that doesn't expire until 2015
- Fixed Web Transfer Client and Plain Text Client to initially place users in their home folder instead of the site root folder when "Treat Home Folder as Root" is turned off
- Fixed IE9 and Chrome drag-n-drop issues in Web Transfer Client
Advanced Workflow Engine (AWE)
- Fixed AWE "Stop Task" action to properly return SUCCESS or ERROR to the EFT Server Event Rule
- Fixed AWE to support semicolons as a separator in "On Error" tab variables
- Fixed AWE to properly display the "Send Email" action when editing the "On Error" tab
- Fixed AWE GetTaskName to properly return the name of the task
- Fixed AWE crash when a nesting of sub-tasks would ultimately delete the file that triggered an EFT Server folder monitor
- Fixed some broken help hooks in the AWE Help
OpenPGP Module
- Fixed "8000ffff: Catastrophic Failure" Errors when PGP encrypts multiple or single files
- Added RSA SecurID and RADIUS 2-factor authentication
- Added Status Viewer to monitor in progress and recent file transfers
- Added IP Access/IP Ban user interface that supports white listing
- Added Event Rule Calendar supports custom calendars and import/export
- Added "Write to Windows Event Log" Event Rule Action
EFT Server Enterprise only
- Added RSA SecurID and RADIUS 2-factor authentication
- Added Event Rule Calendar supports custom calendars and import/export
- Added "Write to Windows Event Log" Event Rule Action
- Added ability for multi-part transfers to be available in the Event Rule Copy/Move via a registry key
- Added Copy/Move Event Rule Action support for alternate set of credentials for remote UNC shares
- Added Copy/Move and Event Rule Action support for several overwrite and enumerate options
- Added Folder Monitor support for two modes of operation: high throughput or high number of folder monitors
- Added "Cleanup logs" action to the "Backup and Cleanup" Timer rule in new installs
- Added HTTP and SFTP keyboard interactive login support for RSA and RADIUS pin creation
- Added SIZE as a fallback for transfer verification when XCRC is not supported by remote server
- Added registry option to use LOGON_NEW_CREDENTIALS instead of LOGON_INTERACTIVE for folder monitor
- Added support for SFTP client Copy/Move and Download transfers of files greater than 4 GB
- Added ability for user-level admins to unlock user accounts, in addition to enable/disable and change password
- Added the AML task name to AWE debug logging
- Added UTF-8 filenames support in AWE tasks
- Added a warning message if a duplicate folder monitor is created for the same folder
- Added TRACE level logging of AS2 HTTP headers
EFT Server (standard) and Enterprise
- Added Status Viewer to monitor in progress and recent file transfers (requires ARM for historical transactions)
- Added IP Access/IP Ban user interface that supports white listing
- Added "IP Banned" Event Rule Condition and "Too many invalid commands" Event Reason
- Added PGP Event Rule signature verification options
- Added Event Rule "precise time stamp" context variable
- Added multi-threaded PGP architecture
- Added Denial of Service detection to all protocols
- Added UTF-8 filenames support over HTTP and SFTP
- Added EBCDIC "TYPE E" support
- Added SYST value support
- Added SFTP support for public key or password authentication
- Added support for non-FIPS version of the OpenSSL library to version 0.9.8o
- Added detailed logging of SFTP connections to connection log in Status Viewer
- Added disable of auto import of ARM text files via a registry key
- Added ability to sort objects in the AI left tree pane alphabetically
- Added trigger of the "User Disabled" event rule when Users expire
- Added ability to apply PGP Event Rule Actions to "On File Download" events
Administration Interface (AI)
- Added left pane tree support for up to 100,000 EFT Server users; multi-select enable, unlock, delete, and reset password; and visual identification of EFT Server user accounts without an email address
- Added Active Directory sites' ability to not show the domain name
- Added PGP keys management from remote AIs
- Added AI/EFT Server SSL certificates checks to validate connections
- Added DER, PFX, and P7B output formats in addition to PEM for SSL cert export
- Added AI upgrades and command line silent install support
- Added summary list of folders to be deleted when a user is deleted
- Added support to protect key folders (/usr) from deletion when a user is deleted
Advanced Workflow Engine (AWE)
- Added sample tasks for demonstrating Expectations, IP black lists, etc.
- Added Sharepoint Action
- Added Compression Action: Added 7zip compress/uncompress
- Added FTP Actions: FXP; synchronize method; FIPS 140 mode; FTPS clear command channel (CCC) mode
- Added FTP advanced action file exist; folder exist; get crc; FTP tuning options (UseLargeBuffers)
- Added FTP ability to get long list dataset shows file attributes
- Added SFTP validation of server host key; SFTP provide protoversion prior to connection
- Added Get File Info Action: Added ability to retrieve folder information
- Added Send/Get email and Exchange Actions: Support for Exchange 2010 and ability to send custom headers
- Added Send/Get email and Exchange Actions: Improved filter engine based on query for Imap and Webdav
- Added Service Management: Added remote service install, start, stop, pause, resume
- Added Web Service Action: Added support for SOAP 1.2 protocol
- Added Full Unicode support across all Actions
- Added Start Task and Stop Task Actions
Auditing and Reporting Module (ARM)
- Replaced the integrated SQL Server Express 2005 installer with SQL Server Express 2008 R2
- Added logging to the installer during creation or modification of the SQL schema
DMZ Gateway
- Added synchronization of messages with EFT Server to implement enhanced IP Access/IP Ban capabilities
Secure Ad Hoc Transfer (SAT) module
- Added new architecture that uses Java applet to transfer file directly to EFT Server bypassing IIS
- Added new web-based administration and configuration
- Added ability to transfer files larger than 2 GB
- Added ability to transfer folders
- Added installer support of upgrades; does not require uninstall
- Added default SAT Event Rules in EFT Server to automatically send upload notifications, delete expired temporary users, and notify senders of upload(s) received from temporary users.
Web Transfer Client (WTC)
- Added form-based login that supports branding and true login/logout sessions, and password reset
- Added selection of WTC (Java) or Plain Text Client (PTC) from the login page
- Added new "look" with improved buttons and use of CSS to support branding
- Added Single Sign On (SSO) support in NTLM environments
- Added branding process that doesn't require registry overrides
- Added branding that can be EFT Server site specific
- Added capabilities and status provided in the WTC transfer queue pane
- Added requeue counter to the Settings panel for error-prone connections/servers
- Added option to select Java JSE HTTP client for NTLM v2 proxy authentication
COM API
Added numerous methods and properties to mirror the capabilities available in the AI:
- Administrators and administrator privileges
- LDAP, AD, and ODBC site creation and options
- Event Rule Offload/Download Advanced tab
- Write To Windows Event Log
- Backup and Restore
- IP Ban
- AS2
- FTP options: FXP, Noop, COMB, XCRC
- AWE custom variables
- Multiple SSH client keys and key export
Fixes
- Fixed Email notification file size for Copy/Move events
- Fixed Web Services WSDL page accessibility
- Fixed "User must change password on first login" with LDAP
- Fixed ARM SQL connection details in GUI notifications to lesser privileged admins
- Fixed LDAP "change password" implementation via LDAP calls instead of Active Directory
- Fixed "Uploads per session" and "Downloads per session" limits for HTTP
- Fixed Offload/Download wizard handling of forward and backward slashes
- Fixed PGP passwords masking in DEBUG logging
- Fixed "Stop Processing" and "If failed Action" listing in the Event Rule preview pane even when inactive
- Fixed rejected SSL client cert trigger of the Event Rule "Connect Failed" Condition
- Fixed "On User Created" Event Rule is trigger for first login of an AD or LDAP user
- Fixed Event Rule client downloads of file with a % in the filename
- Fixed Event Rule client traversal of directories with a # or % in the folder name
- Fixed Administrator warning regarding outbound PORT mode support through DMZ Gateway
- Fixed inconsistency of file paths in CREATE and DELETE lines of ARM reports
- Fixed resuming of interrupted WTC transfers
- Fixed ARM auditing of SFTP file offset to properly report transferred bytes
- Fixed renaming of a group so that all members of the group are not removed from the group
- Fixed crashes reported in Microsoft WinQual
- Fixed parsing of multi-line HTTP headers
- Fixed PGP temporary files creation
- Fixed ability to "kick" and delete connected users
- Fixed auditing of failed HTTP logins in ARM
- Fixed (removed) "EFT Server" identifiable strings where possible to address security audit recommendation
- Fixed WTC local pane display of system or hidden files or folders
- Fixed 2048 bit SSL signed certs in AS2
- Fixed HTTP login support of usernames with embedded spaces (Active Directory Display Name accounts)
- Fixed error in ARM report templates that allowed non-admin user account to edit the template
- Fixed error in WTC file rename in Safari browser
- Fixed/eliminated long delay when uploading files via SFTP to a remote folder containing 100,000+ files
- Added toggle for HTTP 100-CONTINUE message for interoperability with older AS2 systems that do not support HTTP 1.1
- Added Quick Search (Control+F) feature to locate Users, Event Rules, Groups, etc. in the tree
- Enhanced the Administrator user interface to support Trial Extension requests without requiring an administrator to login
- Added optional directory listing method for customers with large numbers of files in a NAS folder (40,000). This method does not request the associated folder/file permissions during the directory listing. HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\LegacyDirListBehavior DWORD: any non-zero value activates the legacy (no permissions) directory listings
- Added several VFS and Administrator methods to COM interface
- Added more logging to SFTP and AS2 to provide greater visibility into transfer problems (enable in logging.cfg)
- Corrected issue in quota calculation that was sometimes inconsistent for folders on a UNC share
- Corrected crash in the administrator interface caused by copying an "if action FAILED" Event Rule statement
- Corrected timing related crash if data socket was closed while trying to compute transfer speed
- Corrected issue in AWE that caused AWE task that called a subtask to sometimes not complete
- Corrected memory leak in LDAP user synchronization
- Corrected issue that caused SFTP uploads to time out if a sizable number of On File Upload rules were enabled with email notifications
- Corrected issue that caused filter options to be unavailable in Timer Event Rule Report Actions
- Corrected issue where some user folders were not being restored from a backup
- Corrected issue where the SFTP client’s automatic resume was not working properly
- Corrected ASCII conversion issues that would occur during the RESUME once the network error was resolved
- Corrected issue where the Cleanup Action was not deleting BAK files. Also added deletion of READONLY and HIDDEN files. The file path no longer has to end in a backslash \
- Corrected issue where the EFT Server service/admin interface would hang during the changing of the priority of Event Rules
- Corrected issue with memory leaks when adding a user to a permission group and other user-management tasks
- Corrected issue where SFTP client keys would not work when upgrading from Secure FTP Server to EFT Server 6.x
- Corrected issue where EFT Server created the default permission groups "Administrative" and "Guest" that are not appropriate for an ODBC Site
- Corrected issue where the "Allow FXP" (site-to-site transfers) toggle was not being honored
- Corrected issue where the Event Rule offload client retry setting was not being honored
- Corrected issue that would halt future transfers of files by the Event Rule client for specific types of transfer errors
- Corrected crash in the administrator interface that resulted from monitoring a user from other than the first Site
- Corrected crash in the administrator interface that resulted from a speed calculation error
- Corrected issue caused by improper processing of FTP MKDIR command
- Corrected issue when connecting over SFTP using Transmit 3.5.4 client
- Corrected issue in FTP directory listing - date sorting was sometimes out of order
- Corrected delay that could occur to an FTP authentication while EFT admin was loading folders in the VFS tab
- Corrected SFTP and HTTP login issue in Active Directory environments with multiple domains
- Corrected issue where AS2 no longer requires the AS2-Version HTTP header for interoperability with older AS2 implementations
- Corrected problem related to cleanup of OpenPGP temporary files
- Corrected problem where OpenPGP would lockup if destination file already exists
- Corrected issue where AWE module would hang related to the improper termination of AWE tasks
- Corrected interoperability issue with WS_FTP Server related to large file transfers - other vendors have had to do the same
- Corrected MDTM to always return values in GMT, even if EFT Server listings are configured for local time
- Corrected parent folder permissions to no longer require SHOW and LIST
- Corrected interoperability issue with OpenSSH
- Corrected an issue where Event Rule comments were being lost
- Corrected XCOPY custom commands errors
- Corrected an issue where Event Rule Timer events would trigger 1 second early
- Corrected issue with unnecessary SSH_DISCONNECT timeout messages
Web Transfer Client
- Added an option to the Web Transfer Client to select local time or GMT for the modified time for files in the local pane
- Enhanced Web Transfer Client text to use "Current Password" instead of "Old Password" to reduce user confusion
- Enhanced Web Transfer Client (WTC) to allow selection of GMT or local time for file timestamps in the remote pane
- Corrected a CRC error that prevented Web Transfer Client from being able to successfully resume a download
- Corrected issue where resume did not work on filenames > 35 characters when transferring files with the WTC
Secure Ad Hoc Transfer module
- Corrected issue in SAT that could cause the temporary accounts to not be created on EFT Server
- Corrected issue in SAT that caused the previous value of the FROM email address to be used instead of the one supplied by the user
- Added new registry override for FTP SYST response. Default is "UNIX Type: L8"; common request is for "Windows_NT"
- Corrected issue where home folders were being lost for AD users after an upgrade
- Corrected crash that would occur under rare condition when corrupted configuration file was present
- Corrected problem where EFT Server failed to notify user if site root physical folder was missing
- Corrected problem where network errors would cause e-mail notifications to fail
- Corrected problem where LDAP authentication would fail when a user was moved to a different OU or CN
- Corrected memory leak resulting from COM API operations involving quota checker and folder monitor
- Corrected crash that occurred upon manually refreshing user database for LDAP auth types
- Corrected issue where user would not appear in EFT Server’s user list if the user connected prior to an AD synchronization event
- Enhanced SFTP connection mechanism to work with non-RFC compliant SFTP servers
- Multiple administrators can now add objects of the same type (users, event rules, custom commands, and AWE tasks) at the same time
- Fixed issue when editing an event rule email action when another administrator had modified the user list in a separate AI GUI
- Removed EFT software version number from HTTP headers to address security concern
- Modified buffer size on HTTP downloads to achieve comparable file transfer speeds with uploads
- Updated SAT tables in ARM to provide better performance and robustness
- Fixed SAT to log the proper filename, instead of the temporary filename, in ARM when SAT is installed on a server remote from EFT
- Corrected issue in SQL files that could inhibit the creation of the ARM indices on MSDE
DMZ Gateway
- Fixed a problem where EFT Server Denial of Service updates could block legitimate client connection attempts.
- Fixed a resource leak that appears under some environments leading to resource exhaustion.
EFT Server and EFT Server Enterprise
- Corrected issue where (on new installations) PGP keys could not be created without a service restart
- Changed default behavior for PGP signature verification to OFF by default (registry enabled). Search help for "signature verification" for instructions.
DMZ Gateway
- Corrected a problem with how DMZ Gateway handled certain error conditions that could affect the peer communication channel
- Improved network error handling and added retry logic to the Web Transfer Client (WTC)
- Improved ability to distinguish between SQL connection and non-connection related errors
- Improved Installer to ensure SQL stored procedures are upgraded
- Improvements to WTC’s proxy authentication capabilities
- Improved EFT Server compatibility with WebDrive
- Improved CreateUserEx COM method performance
- Improved folder deletion performance
- Improved configuration file read/write performance
- Enhanced WTC so that its help contents are linked to version specific online help pages
- Enhanced Auditing and Reporting Module (ARM) reconnection logic by using additional SQL timeout error codes
- Corrected issue where EFT Server would attempt to send ARM status updates to Admin connections that was disconnecting
- Corrected issue where WTC upload speeds wasn’t on par with download speeds
- Corrected issue where Multi-site DMZ Gateway used the wrong interface when attempting to connect using PASV mode.
- Corrected issue where Multisite DMZ used the wrong interface when performing outbound transfers
- Corrected issue where WTC sessions would not retain and honor the user's Active Directory credentials
- Corrected server crash in error handling in EFT Server’s authentication sub-system
- Corrected issue triggered when ftp command socket was closed as data socket connected
- Corrected issue on FTP connection when using NLST
- Corrected issue where disabling an event in the "Event Rules" pane would cause the server to crash
- Corrected cross site scripting vulnerability reported by QUALSGuard scanner when HTTP to HTTPS redirection was enabled
- Corrected intermittent issue when deleting physical or virtual folders
- Corrected discrepancy between the timezone used for the FS.FILE_CREATE and FS.FILE_CREATE_TIME event rule variables
- Corrected COM script memory leak triggered by the processing of deleted or invalid folders
- Corrected issue with %FILE.*% related Event Rule variables
- Corrected issues interoperating with servers using SFTP protocol version 4 or greater
- Corrected issue where internal SQL commands had inconsistent casing
- Corrected issue where some login clients account dates were showing up as Dec 31, 1969
- Corrected issue where upgrades could cause system service instability in rare instances
- Corrected issue that prevented OpenPGP encryption from signing ASCII armored files
- Corrected issue that made user names case sensitive when using Oracle as an authentication source
- Corrected issue where UPN style logins didn't find their AD Profile home directory
- Corrected issue where Event ACTIONS and GROUPS would trigger errors on SQL text file import
- Corrected issue where virtual folders not pointing to the C:\ drive were not visible
- Corrected issue during client authentication in SSL
- Corrected issue where folder names did not display a '&' properly
- Corrected minor GUI layout issue related to Advanced Workflow Engine (AWE) "Create Date" label
- New – Active Directory accounts for EFT Server administration
- Updated – Advanced Workflow module updated with many new actions
- Updated – SSL certificate support for outbound transfers
- Enhanced – Secure Ad Hoc module faster performance and new configuration options
- Fixed – Consolidation of all bug fixes done in 6.1.x patches
EFT Server and EFT Server Enterprise
- Added Windows Authentication (Active Directory and local Windows accounts) to EFT Server’s administration authentication sub-system. Requires the High Security Module (HSM).
- Added ability for EFT Server administrators to login via a desktop shortcut and Windows authentication without supplying credentials
- Added ability to query the LDAP server to obtain a listing of all base DNs on the domain specified or the default domain.
- Added ability to right-click a user account on the Server tab to open the user's VFS home folder on the VFS tab. You can also launch Windows Explorer from the VFS tree on the VFS tab.
- Added ability to see virtual folders when using the FTP MLSD command.
- Added Microsoft Encrypting File System (EFS) to EFT Server basic edition. Requires the High Security Module (HSM).
- Added requirement for EFT Server administrator credentials when attempting to delete a Site or Server object in the administration interface.
- Added SSL certificate options for EFT Server's client offload/download FTPS and HTTPS event rule actions.
- Added support for the PFX format in the EFT Server SSL Certification Manager
- Updated to version 0.9.8l the non-FIPS SSL libraries used by EFT Server for inbound and outbound SSL-based protocols.
- Improved SSH key tool; when you rename an SSH key, EFT Server verifies that the name is unique and prompts you to change it if it is not unique.
- Improved the remote administration interface installation process; the SFTPCOMInterface.dll and SSL.dll are automatically installed and registered.
- Added Windows Event Log entries if long running custom commands or AWE tasks are terminated due to a timeout
- Added signature verification to event rule OpenPGP decryption
- Improved the folder monitor and event rule timers; EFT Server will "reset" only the affected (modified) folder monitor/timer when serializing to the configuration file, rather than all folder monitors and timers.
- Improved text file auditing of Folder Monitor actions to aid Customer Support when assisting customers with Folder Monitors.
- Added ODBC Authentication Manager SQL scripts for MS SQL and Oracle
- Added a default logging.cfg file to EFT Server.
- Plain HTML format can now be selected by appending ?html to the URL
DMZ Gateway
- Added ability to install DMZ Gateway on Unix, Linux, and Solaris operating systems (in addition to Windows). Available on both 32-bit and 64-bit operating systems.
- Added more functionality to DMZ Gateway's interface to accommodate multiple profiles and extended communication information.
- Centralized DMZ licensing to EFT Server to simplify DMZ installation and licensing.
- Added ability to connect up to 15 EFT Server Sites simultaneously.
- Added automatic propagation of IP address access policy changes to DMZ Gateway when the policy is modified in EFT Server, whether in the interface or by the auto-ban logic.
- DMZ and EFT Server have been hardened to withstand attack from several Denial of Service (DoS) attack tools
- Improved and expanded DMZ Gateway logging.
Auditing and Reporting Module (ARM)
- Upgraded the SQL Server Express 2005 installer to SQL Server Express Edition, service pack 3.
- Added three new intervals to the Generate Report Action: Today, Yesterday, and Last 24 hours.
Advanced Workflow Engine (AWE)
- Added new EFT Server variables SERVER_PUBLIC_KEYRING_PATH and SERVER_PRIVATE_KEYRING_PATH to pass the location of the public and private key ring to the AWE module.
- Added ability to send user-defined (custom) variables from EFT Server to the AWE module.
- Added several new AWE actions in these categories: Internet, File, Network, Variable and Cryptography
COM API
The following methods, properties, parameters, and enumerators were added or modified:
- Server Interface (ICIServer) methods: ConnectEx, RemoveServerAdminAccount
- Single-Site Interface (ICISite) properties: AllowChangePassword, ForcePasswordResetOnInitialLogin
- Client Settings Interface (ICIClientSettings) methods: GetForcePasswordResetOnInitialLogin, SetForcePasswordResetOnInitialLogin
- Enumerators and Constants: LoginType, ServerModule, PredefinedReportPeriod, AdminAccountType enumeration, AdminLoginType enumeration
- Added more unique error descriptions
Secure Ad Hoc Transfer module
- Added ability to configure ad hoc permissions in the web.config file.
- Added ability to define the default permissions used for the temporary user's home folder in the web.config file.
- Added ability for SAT users to create subfolders in their home folder.
- Added a variable in the web.config file to add a specified time delay before sending the password email.
- Improved the speed of SAT upload transactions and when SAT is configured for File Copy to EFT Server.
Web Transfer Client
- Added ability for WTC users to control whether preemptive proxy BASIC authentication credentials are sent.
Fixes
- Fixed Oracle ODBC Authentication Manager character case problems: user login checks are no longer case sensitive and SQL commands are case consistent.
- Updated tab sequences in various dialogs for Section 508 compliance.
- Event Rule "if using WTC" condition now works properly in all scenarios.
- Event Rule "On Server Startup" actions are now performed.
- Email notifications are now sent for On Scheduled Timer events.
- Access to the Web Services WSDL has been restored.
- Fixed layout errors in some PCI Reports.
- Fixed the SSH version number displayed in the Admin User Interface to reflect the update to SSH protocol version 4.
- Fixed WTC to ensure user's AD credentials are used to access files and folders and not the EFT Server service credentials.
- Fixed WTC so uploads are now as fast as downloads
- Fixed a vulnerability to tampering in the messaging between the Admin GUI and the EFT Server
- Fixed several instances where standard file deletion was being used instead of file sanitization
- Fixed a timeout issue that would lead to a blank page being displayed by the plain text HTTP client during extremely large file uploads
- Restored the ability to turn on detailed outbound client logging (controlled by registry key)
- Fixed SFTP protocol command validation
- Fixed WTC FireFox issue that was introduced when new signing cert was used for jars
- Merged 6.0/6.1 LDAP fix for base DN's that contain spaces
- Added registry entry that will allow wildcard transfers of local files to fail if no files. Are found (legacy behavior is all wildcard operations succeed even if no files are found)
- Update to authentication manager to correctly pull domain name in certain instances where it previously failed.
- Fixed problem with random session expiration/timeouts over HTTP.
- Automatic re-queue of file transfers when they fail.
- Bug fixes to Web Transfer Client.
- Fixed crash upon login caused by use of a special registry key.
- Improved AD support for retrieving a user's domain.
- Improved BlueCoat proxy support.
- Fixed issue with Web Transfer Client only reporting 10 licenses even if more were registered.
- Fixed SFTP protocol command validation
- Fixed DMZ issue that occurred when two EFT Servers used same IP/port
- Fixed WTC to notify user if local folder creation failed due to invalid characters
- Improved several prompts and messages in the WTC
- Updated the Help files and the copyright date to 2009
- Improved various error messages.
- Added the ability to transfer folders containing subfolders.
- Set status to "INTEGRITY CHECK FAILURE" only for CRC failures. CRC check failure caused by reasons other than CRC value difference are assigned the "UNABLE TO VALIDATE INTEGRITY" state.
- Fixed the occasional missing icon problem.
- Changed client SFTP key generation to use ssh.com style keys by default.
- Removed spaces from LDAP query strings so comparisons match properly.
- Enhanced WTC to provide a <%=client_ip%> token replacement in htm files.
- Corrected a problem with binary to ASCII conversion over SFTP.
- Fixed a crashing issue that could occur when user list was not in sync with authentication provider.
- Made permissions checks when switching into a UNC directory consistent with that of switching into a local directory.
- Fixed a crashing that occured when a PCI DSS report was generated on an LDAP site.
- Fixed issue where files uploaded over HTTP using the PUT method were visibile while being transferred.
- Fixed issue where webservices invocation failed because of random data being appended to parameters.
- Fixed issue where server inactivity led to ADO errors being recorded to the system application log.
- Fixed issue where AS2 would fail MDN verification.
- Fixed issue where AS2 hot folder would fire early and send a 0 byte file.
- Fixed hang that could occur when deleting a user while system quotas were enabled.
- Fixed a crash that could happen when the system bans a user for disconnects.
- Increased allowed length of administrator passwords.
- Fixed issue that could lead to crash when using COM.
- HTTP 401 page now redirects you to previous page in browser history.
- Fixed hang that could occur when deleting a user while system quotas were enabled.
- Fixed a crash that could happen when the system auto-bans a user.
- Increased allowed length of administrator passwords.
- Fixed issue that could lead to crash when using COM.
- HTTP 401 page now redirects you to previous page in browser history.
- COM ClientSettings Get/Set HTTPS/FTPS methods now work.
- 0KB files uploaded via SFTP now trigger events and are reported in logs.
- LIST permission is no longer required for a WTC upload.
- Plain text web transfers now correctly handle sending files with an octothorpe (#) in the file name.
- Opening a Microsoft Office document via the HTML Listing and Upload form in Internet Explorer no longer triggers a reauthentication prompt.
- AD accounts in WTC can no longer rename and delete virtual folders.
- WTC now allows signing certificate to be accepted.
- Enhanced ARM performance under load
- Enhanced the layout of the User Templates, Groups, and Custom Command dialogs to support longer names
- Corrected SQL connection timeout handling to ensure ARM auditing of all transactions
- Corrected SQL error handling to eliminate repeated email notifications
- Corrected issue that occurred if APPEND was disabled and a WTC user attempted to resume a transfer
- Corrected database error triggered by AS2 configuration Test button
- Updated SAT installer to grant permission to EFT /adhoc folder for Vista and Win2K8
- Updated SAT installer to properly list/select the IIS web sites
- Fixed Java errors on the change password page
- Fixed crash that occurred when there was a high number of user-to-group assignments
- HTTPS clients without Java installed are now prompted to install it
- Improved EFT Server stability by identifying and removing thread unsafe code
- Fixed crash that occurred when logging in via SFTP and connection limit is already reached.
- Fixed memory leak when uploading files via HTTP
- Resolved issue wherein certain COM scripts would never time out
- Resolved issue where custom command parameters would not appear in cmdout.log
- Resolved issue where plain text client would not reload when a non-standard port was used
- Fixed memory leak in the authentication managers
- Fixed EFT Server hang issue caused by administrative users timing out
- Fixed memory leak caused under certain circusmtances by NLST command
- Enhanced WTC proxy support for JREs after 1.6.7
- Enhanced EFT Server Enterprise installer to provide both the Single Site and Multi-Site DMZ Gateway sub-installers
- Enhanced the logic used to complete the removal of a previous version of EFT Server or Secure FTP Server
- Enhanced the SAT-related ARM reports to display multiple files if more than one file was sent per transaction
- Enhanced the Administrator GUI to support User Setting Templates and Permission Groups with names greater than 20 characters (max of 255)
- Enhanced EFT Server (core) with support for operation on 64 bit
- Corrected issue with WTC Active Directory change password
- Corrected issue in plain-text HTTP that required DELETE permission to download files
- Corrected issue caused when uploading a file to a folder with a path exceeding 255 characters
- Corrected issue with WTC not showing download prompt with Firefox
- Corrected issue caused when Web Services interface was disabled but Event Rule invocation was attempted
- Corrected logos and formatting issues in SAT and AS2 ARM reports
- Corrected issue related to generation of output in Custom Command log files
- Corrected EFT Server crash that occurred for Copy/Move Event Rule Actions that did not have a leading “\\”
- Replaced HTTP Java update link with HTTPS link to eliminate warnings about "insecure content
- Added - compatibility with x64 Windows including Server 2008
- Added - Oracle database support added for Auditing & Reporting
- Added - Backup and restore wizard for disaster recovery and migration between servers
- Added - New Server Administrator role: "Create User" - has ability to create users within designated templates
- Added - Optional Advanced Workflow Engine module - extends EFT Server event rules by over 200 additional actions, including send to mainframe, send SNMP traps, query SQL database, parse an XML or Excel file, and hundreds more
- Added - New wizards for the Download (Pull) and Copy/Move (Push) Event Rules
- Added - DMZ Gateway Enterprise - allows multiple EFT Servers to connect to the gateway.
- Added - FIPS certified SSL and SSH libraries as part of High Security Module (HSM).
- Added - Comprehensive auditing and reporting of all administrator changes made to the server (requires HSM)
- Added - Ability to modify the default messages sent upon account creation and password expiration reminders
- Added - Ability to switch between UTC/GMT and server local time for timestamps returned in directory listings
- Enhanced - Setup (installation program) can configure EFT Server’s auditing database on an existing SQL or Oracle server
- Enhanced - complete revamp of EFT Server’s Administrator Interface including dozens of small usability fixes
- Enhanced - Support for designating EFT Server's configuration file path
- Enhanced - New User setup wizard can now designate a home folder including variable names
- Enhanced - Replaced MSDE with SQL Server Express for the bundled database
- Enhanced - Updated PCI compliance to match the latest PCI DSS 1.2 specification (requires High Security Module)
- Enhanced - Ability to create Custom Commands "on the fly" from within Event Rules
- Enhanced - Various visual and usability improvements to the Event Rule builder
- Enhanced - Send E-mail Event Rule action now allows multiple "To:" values
- Enhanced - Send E-mail Event Rule action now includes an Address Browser to search and insert addresses with ease
- Enhanced - Replaced OpenPGP library - provides many more options, including signing options, cipher/hash options, self-decryption archive creation, compression levels, and debug logging
- Enhanced - Updated SFTP library - provides import/creation of OpenSSH keys and public key select/export
- Enhanced - Ban IP address on invalid account now counts invalid login attempts when a non-existing username is provided.
- Enhanced - Plain HTTP interface has been updated and exposed so that it can be completely customized
- Enhanced - Web Transfer Client (WTC) interface updated and various minor bugs fixed
- Enhanced - Dozens of minor usability and bug fixes in AS2
- Added - Complete backwards compatibility with Secure FTP Server 3 and EFT Server 5
- Enhanced - Password reset and complexity are now part of the core feature set
- Fixed - Various defects of varying level of severity
- Corrected an issue with WTC logout on Firefox.
- Added registry setting that allows OS-selected IP address assignment for outbound client connections (pre-5.2.11 behavior).
- Internet Explorer Enhanced Security Window no longer interferes with the Administrator interface.
- Added expiring session cookie for WTC on Chrome browser for logout (fixes the repeated logon issue in Chrome).
- The Event Rule MailAction::FROM parameter is now exposed so that it can be overridden with an event rule specific value. If the FROM email address is not overridden in the rule, the Server level default value is used for the FROM address.
- Now deploying PCI report files to PCI subfolder rather than Reports subfolder.
- Provided option (via registry key) to redirect cl*.log output to the Windows Event Log.
- OpenPGP keyrings can now be in a location other than the EFT Server installation folder.
- OpenPGP updated to support selection of hashing algorithm.
- EFT Server outbound client now uses site IP address instead of defaulting to OS-selected IP address.
- (SAT) Fixed problem with send upload notification not functioning due to URL format supplied in user description field.
- (SAT) Increased logging in send upload notification script.
- (SAT) Fixed problem with uploading popup opacity and animated gif not moving in IE7.
- (SAT) Fixed problem with “From” cookie storing more than one email address.
- (SAT) Updated COM for compatibility with EFT 5.2.12.
- Corrected EFT Server service crash caused by NMAP scan of HTTP and HTTPS listener ports.
- Corrected Web Transfer Client issue with Google Chrome beta. (Google Chrome requires Java SE 6 Update 10 RC or later.)
- Added option to log protocol events to the Windows Event Log (activated via registry setting).
- Added option to pass client IP address to LDAP server during user authentication (activated via registry setting).
- (SAT) Added "one-click authentication"; a hyperlink can be included in the notification e-mail to automatically log the recipient in to the Web Transfer Client.
- (SAT) Added configurable notification e-mail options: send one email with one-click authentication, send separate e-mails with username and password to recipient or sender, send username and password in the same e-mail as the link, or send username to recipient and password to sender.
- (SAT) Upload notification process now sends one e-mail per transaction instead of one e-mail per file.
- (SAT) Added "Smart Email" functionality to pull e-mail address from EFT Server. SAT completes the e-mail address based on first and last name if the user's full name and email fields are populated in EFT Server.
- (SAT) Redesigned the sendmail form with a new layout, more interactivity, and more configurable options.
- (SAT) Added the ability to show or hide the CC and BCC fields.
- (SAT) Added the ability to remove the e-mail logo.
- (SAT) Added the ability to add as many files as needed in one send.
- (SAT) Added the ability to black list and white list destination domains in the To/Cc/Bcc fields.
- (SAT) Added the ability to configure accounts to not expire.
- (SAT) Added Virtual Folder support in EFT Server for user settings.
- (SAT) Added the ability to use EFT Server's Local File Copy protocol when the User Settings Level is in a remote share.
- (SAT) Added the ability to check for and warn on common configuration errors when the application is started.
- (SAT) Fixed the problem pre-populating the From e-mail address. Subsequent e-mail messages contain the previous From e-mail address. The From address is stored in a cookie for one day after a successful e-mail has been sent.
- (SAT) Fixed the problem where concurrent users generates errors.
- (SAT) Fixed the problem where spaces in e-mail address list causes error
- Resolved issue where transfer status was not properly displayed in Web Transfer Client.
- Updated Web Transfer Client to be compatible with Firefox 3.0 for Windows and Safari 3.1.1 for OS X.
- Fixed PGP private key issue with whitespace in passphrases.
- Improved HTTP POST memory and CPU efficiency and speed.
- Fixed COM method GetUserSettings to be case insensitive.
- Added GetPhysicalPath (string VirtualPath) function to COM interface.
- Resolved ARM connection handling error to MSSQL2005.
- Updated Site Setup Wizard to correctly require SSL certificate passphrase.
- Added SSL close_notifiy message to ensure support for FileZilla client.
- Added ability to change Active Directory password in Web Transfer Client.
- Added ability to change expired Active Directory passwords in Web Transfer Client.
- Added email notifications for Active Directory and LDAP passwords that are about to expire.
- Improved Web Transfer Client proxy connection handling.
- Improved Web Transfer Client logout.
- Enhanced Web Transfer Client date format options.
- Enhanced Web Transfer Client to remember EFT login to reduce login popups when connecting through proxy.
- Added support for NTLM authentication for browser/SAT module connections.
- Corrected auditlogger SQL formatting issue when writing to disk file while disconnected from DB (MS SQL or Oracle).
- Corrected idle admin port timeout issue.
- Corrected Site Creation wizard error when specifying ports for additional network adaptors.
- Corrected issue when failed LDAP query would disassociate users from groups.
- Updated Oracle version of default ARM reports to match SQL.
- Improved refresh rate for AS2 Test GUI.
- Improved AS2 configuration usability.
- Added Drummond-Certified AS2 support in compliance with RFC4130
- Enhanced AS2 to include Multiple Attachment support
- Enhanced AS2 to comply with the AS2 Reliability specification
- Added support for Web Services invocation of Event Rules
- Enhanced PGP architecture by upgrading the core PGP libraries
- Enhanced the PGP encrypt Event Rule action to automatically ignore files with *.pgp or *.gpg extensions for encrypt operations
- Enhanced the PGP decrypt Event Rule action to process files with *.pgp or *.gpg extensions exclusively
- Corrected issue where loss of LDAP connectivity would disassociate users from groups.
- (SAT) Made compatible with EFT Server 5.2
- Added support for certificate based SSL authentication for Offload and Copy/Move event rule actions – requires registry entries to enable
- Added new replacement variables for the FTP login banner (%DATE% and %TIME%)
- Corrected a crash that occurred when specifying a non-existent group
- Corrected the Send Report event rule action so that only the report output chosen is generated
- Added a new context variable (%FS.REPORT_FILENAME%) for report generation, which is just the filename of the report, not the full path, for convenience in copy/move event rule actions
- Added field to database to capture login name of users connected to the server's administrator port
- Added optional registry setting that improves the internal save process for the server's configuration data - only affects very large configuration files (such as those with hundreds of event rules)
- Added support of auditing to an Oracle database – requires a registry entry to enable
- Corrected a crash that occurred when calling the AddIPAccessRule() method via COM
- Corrected problem in which legacy configuration files were designated incorrectly as corrupted
- Corrected a problem with Web Transfer Client filter results linking to other folders
- Corrected FTP result codes for non-wildcard list command per RFC959 specifications
- Corrected multiple GUI and service runtime crash conditions
- Corrected an issue in which no error was being reported when the connection was lost while writing to a network resource
- Corrected a crash that occurred occasionally at service shut down
- Corrected problem with inheritance and resulting folder permissions
- Corrected various memory and handle leaks
- Performed various stability related improvements to the monitor folder event rule
- Expanded LDAP connection string to support up to 512 characters
- Increased the default timeout values for COM
- Reduced timeout values for administrator login
- (SAT) Corrected a problem with accented or special characters not being processed properly in SAT generated e-mails.
- (SAT) Corrected a problem where concurrent use may cause SAT to become unresponsive.
- (SAT) Corrected a problem with SAT not timing out properly once it has completed a send transaction.
- (SAT) Removed an error message that would display when a port value was not supplied even though no protocol was defined.
- Added SOCKS outbound proxy support (available in Copy/Move Action dialog)
- Added registry value that can be used to override default AD Auth Manager behavior of creating home folders that are virtual paths to the AD users home folder value
- Added support for "X-ORIGINAL-PROTOCOL" header over HTTP/S to facilitate terminating SSL connections in front of the EFT Server or DMZ Gateway
- Enhanced Copy/Move Event Rule to allow the use of context variables as a first entry in the destination path
- Corrected two memory leaks (folder monitor health check, and when offloading files)
- Corrected problem where rules can't be deleted when no actions are defined
- Corrected Administrator Interface crash when applying changes to rules under certain conditions
- Corrected problem where offload event using SFTP protocol sometimes fails
- Corrected rare crash that may occur when multiple administrators are configuring the server simultaneously
- Corrected problem where an LDAP site with thousands of groups would hang upon opening the site
- Corrected problem where the Timer/Scheduler would not fire under rare conditions
- Corrected problem with terminating a rule prematurely if changes are made to that rule while the rule is executing
- Allowed system to disable users after multiple invalid login attempts even when PCI DSS HS Module is expired
- Corrected problem with apostrophe in filenames not working properly in Web Transfer Client
- Corrected problem with Filter button/command not working in Web Transfer Client on rare occasions
- Corrected problem with sibling files and folders being transferred (not just selected folder) in Web Transfer Client
- (SAT) Moved to ASP.NET technology to overcome file size limits when uploading
very large attachments. Now the web page supports file uploads up to
2GB in size. - (SAT) Corrected "Input string was not in a correct format" error.
- (SAT) Corrected problem with creating extra folders on the EFT Server file system.
- (SAT) Corrected administrator password encoder/decoder problem that resulted in failed connections between SAT and EFT Server.
- (SAT) Corrected IIS copy vs. local copy problem where extra '/' would cause an error when trying to copy files between SAT and EFT Server.
- (SAT) Corrected a problem where an EFT Server site name in URL format would cause connection problems between SAT and EFT Server.
- Added the ability to create PCI DSS Sites for all supported authentication types
- Added new wizard page to optionally enable Data Sanitization when creating a new site
- Added a compliance check for data sanitization per PCI DSS 9.10.2
- Added a compliance check for NOOP command and site-to-site transfers per PCI DSS 2.2.3
- Added a compliance check for SSL clear command and data channels per PCI DSS 4.1
- Added a compliance check for more than one admin with full control over EFT Server per PCI DSS 7.1
- Added a compliance check for any expired certificates or keys per PCI DSS 3.6.4.9
- Added support for AES-256 cipher (SFTP)
- Added SSL certificate chaining to mitigate the problem of expired intermediate keys
- Added new COM methods for client account lockout and IP access controls (see help file for details)
- Added a new Web Transfer Client "signing" security mechanism to mitigate risk of rouge servers deploying malicious web transfer clients
- Added a progress bar and animated graphic to communicate transfer progress in the Web Transfer Client
- Added true "logout" for Web Transfer Client (previously you had to close the browser to kill the session)
- Added ability to hide files marked with a "hidden" attribute on the local file system (Web Transfer Client)
- Added new client (user) context variables including last login time, password expiration date/time, reset password at first login, account expiration date, and whether account is active or not. See help file for details
- Added functionality to check for improper PGP passphrases when a new encrypt/decrypt rule is created
- Added an error message to the Windows application event log when SSL fails to initialize
- Enhanced the sorting algorithms used for users, groups, commands, event rules, etc.
- Enhanced EFT Server GUI icons with high-color and XP-color definition
- Enhanced usability by setting default values and by improving text throughout the UI
- Enhanced PCI DSS reporting to create HTML format reports if a PDF reader not available
- Enhanced checksum calculations (incremental CRC32 for improved throughput on transfer verification) for Web Transfer Client
- Enhanced Auditing and Reporting module (ARM) database connectivity logic (connection pooling) to provide superior performance when under heavy loads
- Increased character limit for the AD user description field from 100 to a limit of 1024 characters
- Corrected instability issues that caused crashes or hangs under rare situations, due to deadlocks and/or race conditions
- Corrected directory listing problems on Mac OS (Web Transfer Client)
- Corrected drag and drop within remote pane intermittently failing (Web Transfer Client)
- Corrected various instability issues that could cause crashes in the Web Transfer Client
- Corrected a potential security vulnerability where a user could change into a directory that they had no permissions to (affects SFTP only)
- Corrected issue with Apply button not being disabled once an Event Rule is deleted
- Corrected inconsistency with how accounts were shown as enabled/disabled when using AD authentication
- Corrected LDAP user authentication issue where an extra comma was being supplied in the bind string
- Corrected incompatibility issue with Windows 2000 where EFT would fail to start (EFT 5.1 and above)
- Corrected error when calling COM method AddUserToPermissionGroup() under LDAP sites
- Corrected problem where new SSH keys were not displaying in the SFTP public key select window
- Corrected problem where SFTP login failed Event Rule would trigger twice (or multiple times) rather than just once upon login failure
- Corrected problem where newly created SSH keys were not appearing in the SFTP key manager key selection list
- Corrected problem where Timer Event Rule triggers where sometimes skipped
- Corrected problem where renaming a folder in the VFS or by a connected client no longer causes permissions on all subfolders to reset their permissions to "inherit"
- Corrected problem where users would disappear from a group if they were moved to a different User Settings Level template
- Corrected problem where users disappeared from a group after being moved from a different group upon site restart (using LDAP authentication)
- Corrected problem where the file copy/move Event Rule action would trigger a failure even when the file was moved successfully
- Corrected problem where EFT would generate temporary files in the install directory for no apparent reason (.041 extension)
- Corrected problem where downloads using wildcards were failing to use the DMZ Gateway as a proxy server (when set to do so)
- Corrected problem where allowed/denied IPs weren’t applied until site restart
- Corrected problem where an incompletely defined download rule could be saved, possibly corrupting EFT’s configuration file
- Corrected problem where reconnecting to the auditing database would result in a near-instant disconnection
- Corrected problem where DMZ gateway did not retain its "Client IP" settings on restart (requires update to DMZ Gateway server)
- Corrected problem with files re-uploading when Refresh is selected (Web Transfer Client)
- Corrected problem with not being able to rename files in Safari over HTTP protocol (Web Transfer Client)
- Corrected problem with resume download not working (sometimes resume button not appearing at all, other times it would appear but resume would fail)
- Corrected problem with transfer resume under SFTP protocol with some SFTP clients
- Corrected problem with large (2 GB+) files over SFTP to certain servers, such as ProAtria SFTP Plus
- Corrected problem with not being able to add a user/group to virtual folders or subfolders until Refresh button was clicked
- Corrected problem with user account impersonation: files could be renamed over some protocols but not others even when rename permission was provided
- Corrected problem with admin console session being lost when testing event rules
- Corrected problem with wild cards in a download action not downloading files that matched the mask
- Corrected problem with not being able to change the Site Root folder (it would revert back to the previous root folder upon restart)
- Corrected problem with the Event Rule Offload action not using the DMZ Gateway Server as an outbound proxy (when set to do so)
- Corrected problem with server response code returning 250 instead of expected 230 for successful logins
- Corrected problem with %Event Reason% parameter tag always showing "Action Completed Successfully" rather than the appropriate failure reason
- Corrected problem with auditing of large (over 2 gig) transfer sizes to the Auditing and Reporting database (SFTP transfers only were affected)
- Corrected problem with zero or negative values being stored in identity field in the ARM database after auditing entered failure state.
- Corrected problem with the ARM Component One Report Editor help file not displaying
- Corrected problem with COM method CreateComplexPassword() not handling VBScript reference parameters
- Corrected problem with EFT’s COM functionality not working in 5.1 when called from VB apps. Error received was MX Error 52 (00000034)
- (SAT) Corrected SFTPComInterface.dll for EFT 5.1 compatibility.
- (SAT) Updated temporary user account creation to use complex passwords according
to EFT Server's password security settings.
- Added optional high security module to monitor and alert Payment Card Industry Data Security Standard (PCI DSS) violations
- Default password, banner message, or port values in use (PCI DSS 2.1)
- Unsecure protocols in use (PCI DSS 2.2.2)
- Password length, expiration and complexity violations (PCI DSS 8.5.10,11)
- Disk quota not set (PCI DSS 3.1)
- Administrator IP address filter not set (PCI DSS 1.3.1, 1.4.1)
- Secure remote administration not set (PCI DSS 2.3)
- DMZ Gateway not set (PCI DSS 1.3.4)
- DoS and flood settings too low (PCI DSS 6.5.9)
- Encrypting File System (EFS) in use (PCI DSS 3.4.1)
- Check if passwords are being reused for any account (PCI DSS 8.5.12)
- Added daily automatic or manually generated report on current PCI DSS compliance status, including all violations, justifications, and compensating controls (PCI DSS 10.6)
- Added optional high security module to enforce compliance with Payment Card Industry Data Security Standard (PCI DSS)
- Disabling of anonymous account types (PCI DSS 8.5.8)
- Disabling of weak SSL versions and ciphers (PCI DSS 4.1)
- Disabling of weak keys (PCI DSS 3.6.1)
- Disabling ability to reuse prior passwords (PCI DSS 8.5.12)
- Added new high security features as part of PCI DSS HS module
- Data wiping (sanitization) (PCI DSS 9.10.2)
- Removal of old data automatically (PCI DSS 3.1)
- Removal of or disabling of inactive accounts (PCI DSS 8.5.5)
- Redirecting HTTP to HTTPS port; previously could only be configured in the registry, is now available in EFT Administrator (PCI DSS 2.2)
- Forced expiration of user account passwords (PCI DSS 8.5.9)
- Forced password reset on initial login (PCI DSS 8.5.3)
- Temporarily lockout users if incorrect login attempts limit is exceeded over a specified time (PCI DSS 8.15.13,14 )
- Automatically disconnect users after a specified time of inactivity. (PCI DSS 8.5.15)
- Audit server configuration changes to database (PCI DSS 10.2.2)
- Audit initialization of auditing & reporting system (PCI DSS 10.2.6)
- Added SSL certificate-based authentication (in addition to certificate + password)
- Added IP filter masking feature at account (user) level
- Added support for importing and authentication of multiple SFTP keys stored in a single key file, association of one or more keys to a user account, and assignment of the same key (or keys) to more than one user account
- Enhanced the Server, Site, New User, and New Connection wizards
- Enhanced one-way encryption applied to all passwords stored in EFT Server’s configuration
- Added SHA256 based password hashing to stored passwords
- Added "%SERVER.NODE_NAME%" to Server Context Variables and Condition builder
- Added Event Rule Builder tree line thickening and colorization
- Added missing keyboard accelerator under Security tab
- Added prompt when password-only administrators queue up multiple actions before applying changes
- Added ability to sort by users in Password Management admin GUI
- Enhanced Admin connection SSL failure handling
- Enhanced Local file system copy/move actions are now logged to the CL log file
- Corrected issue where auto-assigned home folders failed when specifying an AD group
- Corrected issue with renaming a group name
- Corrected issue where site administrators could not manage PGP keys
- Corrected issue with offloading files through SFTP protocol
- Corrected issue where users received GlobalSCAPE EFT Server Administrator crash report after reboot
- Corrected issue where users were not able to offload to TitanFTP using SFTP protocol
- Corrected issue where Connect to TE button was not available after clicking disconnect from TE
- Corrected issue with bandwidth throttle causing FTP upload problems
- Corrected problem with the configuration file being read when NT/AD domains were unavailable
- Corrected Web nag Issue with DMZ Gateway
- Corrected issue where Timer events would execute more often than expected
- Corrected duplicate keyboard accelerator for New User Account Setup wizard
- Corrected issue where retry logic for SFTP offload reported incorrectly after success
- Corrected issue where the server incorrectly returned "Delete selected admin account" prompt
- Corrected issue where NTLM/AD full permissions were required to delete or rename
- Corrected issue where VFS tab displayed two EFT local servers incorrectly
- Corrected issue where "If protocol does equal FTP over TLS" condition could fail
- Corrected problem with "Download file from host" condition incorrectly displaying "Source" and "Destination" fields
- Corrected issue under Server-Administration tab where focus incorrectly switched after GUI refresh
- Corrected issue where Server administrators could delete themselves if logged in with a name that differs from original only in case
- Corrected issue where Settings Level admin could remove/rename inaccessible folders in VFS
- Corrected issue where Server level sub-administrators could alter their own delegations
- Corrected issue where sub administrators could not rename themselves properly
- Corrected problem with Admin management confirmation dialog
- Corrected issue where validation was not handled properly while deleting super-admin account in EFT
- Corrected issue where Site Rename option did not function properly
- Corrected issue where "Apply your changes or refresh settings" dialog box appeared twice
- Corrected issue where User Login Failed event rule did not run when using SFTP with an invalid account
- Corrected issue with ARM losing connection to the SQL database
- Corrected issue where EFT did not detect changes to the users home folder in AD
- (SAT) Corrected problem where registered module may report that it has run out of
transactions. - (SAT) Updated help file instructions for setting up automated maintenance in EFT 5
- Added complex event rule creation supporting multiple actions, simple or compound conditions, else statements and nested logic
- Added ability to clone an existing Event Rule
- Improved Event Rule sorting, displaying, comments, selecting, and tooltips
- Added multiple settings to the offload/download Event Rule action (connection limit, use proxy, retry, - see help file for complete list)
- Added ability to conduct EFT Server offload/download initiated events through the DMZ Gateway
- Added auto-heal, polling, and failure notification feature to the Folder Monitor Event Rule trigger
- Added a new Folder Clean-up Action to remove old files
- Added many more date/time options to the Timer/Scheduler Event Rule trigger
- Added new file events, event types, and conditions to the Event Rule system (see help file for details)
- Added User customizable SFTP Banner Message
- Added SSL cipher selection list and manual specify cipher option
- Added HTTP to HTTPS redirection (enabled from registry – see help file)
- Added option to choose from one or more SSL versions
- Added Password Complexity feature with granular options including min. length, must contain N number of digits, chars, special chars, not in a dictionary forward or backwards, contains username, or has N repeating characters.
- Added multiple levels of Delegated Administration including server admin, site admin, settings level admin, and help desk (change password) admin options. Concurrent administration also supported
- Improved Web Transfer Client functionality – folder transfers, logout, change password, and UTF-8 encoding support
- Added alpha sort to Administrative GUI interface
- Added type-ahead functionality to Administrative GUI interface
- Added custom user fields to Administrative GUI and COM
- Added new LDAP advanced settings – page size, referral chasing, LDAP version choice, timeout, search scope, use server page control, and select attributes
- Added LDAP and Active Directory Test Query function for authentication troubleshooting
- Expanded COM API to include more methods and properties (see help file for complete list)
- Corrected issue IBM z/OS 1.7 using SSL explicit connections
- Corrected issue with setup wizard “create home folder” checkbox not taking precedence over default settings
- Corrected issue with OnTimer events not triggering as scheduled
- Corrected issue where EFT field character limits were shorter than Active Directory limits
- Added 8bitmime support to SMTP
- Corrected issue where DMZ required a manual restart on IP Access table changes
- Corrected issue where DMZ internal communications were not always over EFT Servers Home IP
- Corrected issue with certain SFTP clients where file resume did not always work
- Removed prompt from VFS when deleting last selected item under Server tab
- Corrected timeout issue with specific On Service Start/Stop event rules
- Corrected issue where site administrators received operation errors under specific configurations
- Corrected problem with ampersand character flagging an email address as invalid
- Corrected issue with Timer Rule events improperly handling files with no extension
- Corrected issue where the server engine was not properly handling daylight savings time
- Corrected problem with Active Directory authentication when pulling from Universal Groups that contain empty global groups
- Corrected DMZ issue with irregular PORT reply in multiple IP environments
- Corrected hanging issue in SMTP code
- Corrected issue where specific changes to the ACL returned a 530 error to the user
- Corrected issue where login failure email notifications did not occur under specific conditions
- Corrected improper quota handling under HTTP/S protocols
- Corrected File Integrity Check issue with Web Transfer Client and large files over HTTPS
- (SAT) Initial Release
- (SAT) Added e-mail send failure handling: When an e-mail fails to send, the e-mail
will be saved to a temp folder (in the SAT install folder) so that the admin
can deal with it later. - (SAT) Improved e-mail address validation in sendmail.asp by ignoring whitespace.
- (SAT) Modified debug logging levels (set in global.asa):
0 = off, 1 = basic logging, 2 = verbose - (SAT) Corrected problem with installing on an IIS 6.x server with non-sequential
web site numbers. - (SAT) Corrected problem of upload notifications including an extra "/" in the URL.
- (SAT) Improved file receive message and file download message templates.
(e-mail text)
- Corrected Daylight Savings Time (DST) problem in recurring Timer Events where the server overcompensated for DST changes
- Corrected issue with Event Rule's "Download" action causing files to be downloaded as folders when the file lacked an extension
- Corrected problem with the EFT Web Transfer Client (WTC) hosted under the latest version of the Java (1.6) Runtime Environment
- Corrected a minor security vulnerability (denial of service) when negotiating the data channel for PASSIVE mode transfers in the FTP protocol through the GlobalSCAPE DMZ Gateway product
- Corrected problem with user level permissions using Active Directory authentication
- Corrected issue with home folder quota calculation over HTTPS connections
- Corrected issue with On Timer event logic and daylight savings time
- Added permissions checking logic to basic HTML interface for Active Directory authentication
- Corrected issue where HTTP engine reported incorrect port to logging
- Fixed response parsing for SSH_FX_STAT command
- Added error handling for Event Rule SFTP downloads using Public Key Authentication
- Fixed refresh issue with the SSL Certificate Manager interface
- Modified MLST command for RFC compliance
- Added AES-128 option for SFTP connections
- Corrected issue with ARM registration messages
- Corrected problem with DMZ Gateway alternating between connected and disconnected states
- Corrected problem with reports not generating when clicking on another report while generating an existing one
- Fixed crash caused by logging in with wrong administrative password
- Fixed crash caused by internal integrity checks when external software modifies the server executable
- Corrected problem with event rule "stop processing" action not being respected
- Added auditing module fail-over logic and notification handling
- Added support for Active Directory Universal Groups
- Added double-click report launching
- Added mechanism to cancel in-progress reports from loading
- Added logic to distinguish between a user-disabled vs. system disabled folder monitor due to a severed UNC resource connection
- Added ability for LDAP accounts to authenticate against the LDAP server on demand
- Added checks to gracefully decline encryption and decryption of files larger than 2GB
- Corrected issue where renaming reports could cause the reports to stop working
- Removed internal overhead from Operational Failures report
- Corrected issue where HTTP/S passwords were not being audited
- Installation will no longer proceed without creation of ARM database password
- MSDE installation size is reported correctly during installation
- Corrected problem where trial serial numbers were not remembered under certain conditions
- Corrected truncation problem with renaming files on OpenSSH servers
- Corrected problem with performing MLST/MSLD listings on files larger than 2GB
- Corrected problem with Web Transfer Client CRC checking of large files transmitted over HTTP/S
- Corrected problem where the server returned errors over SFTP when resuming transfer
- Added Auditing and Reporting Module (ARM)
- Added support for wildcards "*" and "?" for physical FTP directory listings
- Added ability to define proxy settings through the registry for Copy/Move (outbound) and download (inbound) Event Rule actions
- Added the ability to delete the source file after a successful download operation as part of the event rule download action
- Optimized EFT’s handling of configuration data to support many thousands of event rules
- Optimized IP Access list so that IPs are shown in sequential order
- Optimized HTML listing to support RFC 1738 guidelines for “special” characters (sec. 2.2)
- Optimized quota checker to automatically refresh used disk space value
- Corrected problem with e-mail notification action message formatting
- Corrected problem with stability when transferring huge amounts of data over SFTP protocol from the DMZ Gateway to EFT Server
- Corrected problem where LDAP authentication failed if base DN was not pointing to an OU just below the O
- Corrected %FS.VIRTUAL_PATH% context variable for SFTP transactions to be consistent with values shown when other protocols are used
- Corrected problem where offload return codes showed as “failed” even if the transfer was successful
- Corrected problem where offloading a large file would lockup inbound connections to the server
- Corrected problem with OpenPGP key importing that would cause the keyring to become corrupted
- Corrected problem with folder monitor event where if a change was made to the event it would not process the change until the server was restarted
- Corrected problem with timer event rule sometimes failing to execute
- Corrected problem with folder monitor event rule sometimes failing to trigger when files were added to the folder using FTP
- Corrected problem with configuration file message size limits that would prevent the addition of event rules once a large amount of rules were present.
- Corrected problem with the email action editor dialog to avoid improper CR/LF handling and incorrect display.
- Enhanced the Monitor Folder rule sub-system so that multiple folder monitor rules could execute actions concurrently.
- Enhanced COM Admin Interface by adding methods for GetAppletEnabled and SetAppletEnabled under ICIClientSettings Interface.
- Enhanced the "Append" permission in the VFS to apply to all protocols, not just the "APPE" command in FTP.
- Enhanced the product's Event Rule command error logging to output failed command parameters to CMDOUT.LOG.
- Enhanced logging to hide passwords for failed logins, rather than show incorrect passwords in plain text.
- Enhanced Web Transfer Client performance through various internal optimizations.
- Enhanced FTP Protocol to support a new command "XNOP" to avoid command channel timeouts during long transfers. XNOP is returned as part of the FEAT response so that clients can that support XNOP can take advantage of this command.
- Corrected SMTP engine to be compliant with RFC 2821 (Simple Mail Transfer Protocol) for end-of-line character sequences.
- Corrected issue where adding a slash "/" to the path value in the copy/move action would prevent copy/move from offloading data.
- Corrected loss of NT/AD user settings after service restart where the network was unavailable
- Corrected a problem where the port conflict message would appear inappropriately
- Corrected Web Transfer Client performance issue when attempting to open a folder containing thousands of files.
- Corrected problem where addition of new event rules would fail when the size of the event rule configuration grew beyond 32KB.
- Corrected fault when the event rules list was altered while multiple uploads were occurring that caused event rules to fire.
- Corrected problem with the "Require certificates from connected clients" feature incorrectly applying to more than one site.
- Corrected authentication problem with users connecting via SFTP using AD with password-based authentication.
- Corrected problem with File Upload Failed notification action not being triggered.
- Corrected problem with Event Rule parameter %FS.FILE_NAME% not being populated when a file was removed from monitored folder.
- Corrected listing issue with NLST (ls) being unable to produce a directory listing when connecting via PORT mode over the DMZ Gateway.
- Corrected problem with Event Rules triggering a command that failed causing other Event Rules to stop working.
- Corrected issue with Event Rules "If Failed" action being executed even when it was unchecked after having been previously checked.
- Corrected problem with "Monitor Folder" Event Rule that caused EFT Server to stop processing more rules after a period of time.
- Corrected issue with resumed uploads of 0 bytes causing an "On Upload" even to fire.
- Corrected problem with VFS when usernames with an underscore caused groups with similar names not to appear in the VFS user list.
- Corrected internal thread synchronization problem that sporadically caused EFT’s service to stop and EASServer.exe to go into a non-responding mode.
- Corrected problem where NT Auth users were not able to login using logon name i.e (Domain\Username) over sftp protocol on the first attempt.
- Corrected crash when EFT Server was behind an Alteon switch.
- Corrected problem where, under certain upgrade paths, all OpenPGP keys created in the prior build displayed a key size of 1024 (affected only the display of this value).
- Corrected issue with users being duplicated after successful connection with different login credentials such as('Domain\Username') for the same user.
- Corrected HTTP such that the realm value shown to connecting HTTP clients when authenticating does not show the internal address.
- Corrected EFT Server service crash when connecting to AD/NTLM site with an invalid username.
- Corrected a problem where the home folder setting at the user's settings level was not always being used to set the home folder for a new user.
- Corrected problem with SFTP Public Key Authentication (PKA) for the Download action of Event Rules that prevented connection to remote SFTP servers.
- Corrected a display issue in the DMZ Gateway where it was showing a negative number of active connections.
- Corrected problem where users were unable to connect to EFT Server using .NET 2.0 Framework FTP object.
- Enhanced the Monitor Folder rule sub-system so that multiple folder monitor rules could execute actions concurrently.
- Enhanced COM Admin Interface by adding methods for GetAppletEnabled and SetAppletEnabled under ICIClientSettings Interface.
- Enhanced the "Append" permission in the VFS to apply to all protocols, not just the "APPE" command in FTP.
- Enhanced the product's Event Rule command error logging to output failed command parameters to CMDOUT.LOG.
- Enhanced logging to hide passwords for failed logins, rather than show incorrect passwords in plain text.
- Enhanced Web Transfer Client performance through various internal optimizations.
- Enhanced FTP Protocol to support a new command "XNOP" to avoid command channel timeouts during long transfers. XNOP is returned as part of the FEAT response so that clients can that support XNOP can take advantage of this command.
- Corrected SMTP engine to be compliant with RFC 2821 (Simple Mail Transfer Protocol) for end-of-line character sequences.
- Corrected issue where adding a slash "/" to the path value in the copy/move action would prevent copy/move from offloading data.
- Corrected loss of NT/AD user settings after service restart where the network was unavailable
- Corrected a problem where the port conflict message would appear inappropriately
- Corrected Web Transfer Client performance issue when attempting to open a folder containing thousands of files.
- Corrected problem where addition of new event rules would fail when the size of the event rule configuration grew beyond 32KB.
- Corrected fault when the event rules list was altered while multiple uploads were occurring that caused event rules to fire.
- Corrected problem with the "Require certificates from connected clients" feature incorrectly applying to more than one site.
- Corrected authentication problem with users connecting via SFTP using AD with password-based authentication.
- Corrected problem with File Upload Failed notification action not being triggered.
- Corrected problem with Event Rule parameter %FS.FILE_NAME% not being populated when a file was removed from monitored folder.
- Corrected listing issue with NLST (ls) being unable to produce a directory listing when connecting via PORT mode over the DMZ Gateway.
- Corrected problem with Event Rules triggering a command that failed causing other Event Rules to stop working.
- Corrected issue with Event Rules "If Failed" action being executed even when it was unchecked after having been previously checked.
- Corrected problem with "Monitor Folder" Event Rule that caused EFT Server to stop processing more rules after a period of time.
- Corrected issue with resumed uploads of 0 bytes causing an "On Upload" even to fire.
- Corrected problem with VFS when usernames with an underscore caused groups with similar names not to appear in the VFS user list.
- Corrected internal thread synchronization problem that sporadically caused EFT’s service to stop and EASServer.exe to go into a non-responding mode.
- Corrected problem where NT Auth users were not able to login using logon name i.e (Domain\Username) over sftp protocol on the first attempt.
- Corrected crash when EFT Server was behind an Alteon switch.
- Corrected problem where, under certain upgrade paths, all OpenPGP keys created in the prior build displayed a key size of 1024 (affected only the display of this value).
- Corrected issue with users being duplicated after successful connection with different login credentials such as('Domain\Username') for the same user.
- Corrected HTTP such that the realm value shown to connecting HTTP clients when authenticating does not show the internal address.
- Corrected EFT Server service crash when connecting to AD/NTLM site with an invalid username.
- Corrected a problem where the home folder setting at the user's settings level was not always being used to set the home folder for a new user.
- Corrected problem with SFTP Public Key Authentication (PKA) for the Download action of Event Rules that prevented connection to remote SFTP servers.
- Corrected a display issue in the DMZ Gateway where it was showing a negative number of active connections.
- Corrected problem where users were unable to connect to EFT Server using .NET 2.0 Framework FTP object.
- Corrected limitation to the amount of event rules that could be created
- Added capability to authenticate using e-mail aliases in Active Directory (requires registry tweak - contact support for instructions if you desire to use this auth method.)
- Corrected a problem where decrypting a file from a Monitor Folder operation could result in a deleted file
- Disabled a keyboard shortcut resulting in GUI Administrator close when Enter pressed
- Corrected registration information displayed in the Help About box after activation
- Corrected a problem where the Create Certificate command not functioning when a certain combination of options enabled.
- Corrected OpenPGP key expiration logic
- Corrected presentation of certain menus so they would only appear in the right context
- Corrected PGPv9 and GnuPGP migration issues
- Corrected VFS rename issue that resulted in undesired creation of new folder
- Corrected wrong context variable for "local port," "Home IP," and other variables for certain event rule actions
- Corrected event rule trigger for https protocol operations when the User Quota Exceeded is used
- Corrected "Use Mode Z Compression" toggle under settings so that it can be unchecked
- Corrected a minor AD authentication issue with DOMAIN/username sequence
- Corrected fringe crash when deleting groups created under certain conditions
- Corrected fringe crash when going through a particular menu selection sequence
- Corrected an upgrade incompatibility when upgrading from EFT 4.0.5 to 4.0.11
- Corrected security problem where blank usernames could be utilized for admin login IDs
- Corrected file removal issue under certain fringe conditions
- Corrected problem with multiple e-mail notifications being sent under certain event rule triggers
- Corrected minor toolbar icon, typos, incorrect prompts, and other small UI issues
- Corrected Web Transfer Client folder naming issue when escape codes or brackets were used as part of the folder name
- Corrected DMZ Gateway port management for Active Mode FTP connections
- Corrected COM interface marshaling problem in Monitor Folder event that caused OpenPGP operations to fail
- Improved Custom On Timer event to allow hour ranges greater than 24 hours
- Improved Folder Monitor event rule so that file system context variables are updated to new filenames after OpenPGP operations
- Improved wildcard operations (OpenPGP, Move/Copy) so that they do not operate on FOLDERS, only FILES
- Added context variable placeholders to the OpenPGP Action dialog for Monitor Folder event
- Corrected issue with encryption of folders when *.or is used
- Improved thread synchronization of OpenPGP library operations
- Added mechanism to API interface to optionally remove folder inheritance
- Added mechanism to API interface for LDAP site creation
- Corrected error that could cause service crash when passing parameters to custom commands
- Corrected Web Transfer Client registration status information
- Corrected DMZ Gateway to properly close ports when connection is closed
- Corrected LDAP Authentication provider to disallow blank passwords on account verification
- Improvements to Web Transfer Client visualization
- Improvements to Web Transfer Client operation on non-Internet Explorer browsers
- Improvements to performance on OS X 10.4+. The EFT Web Client requires OS X 10.4 or better.
- Encryption of large files over applet uploads now functions as expected.
- Updated OpenPGP Libraries to support AES cipher
- Improved cookie handling for Web Transfer Client to avoid inactive timeout failures
- Added manual resume transfer operation for Web Transfer Client
- Added memory mechanism for last remote folder location for Web Transfer Client
- Fixed CRC validation issues in Web Transfer Client, including proper impersonation of user account for NT/AD site
- Fixed issue with SFTP file operations when user home folder is set as root folder
- Fixed issue where stop & start service caused user SSH keys to be forgotten
- Fixed issue with ON TIMER event that caused the timer to stop operating when action failed
- Updated Web Transfer Client interface for improved Transfer Queue layout
- Added "Passive Mode IP Address" feature to DMZ Gateway Server to better handle use behind NAT
- Added "pong" response to EFT Server "ping" message sent to DMZ Gateway Server to keep Peer Notification Channel alive
- Fixed issue where DMZ Gateway server incorrectly fragmented FTP responses to client
- Fixed wildcard support for OpenPGP and MOVE/COPY file actions in event rules
- Fixed issue when EFT "Block site to site transfers" restriction failed to account for PASV commands coming through the DMZ Gateway
- Fixed instability issue from setting up IP Access on EFT while using DMZ
- Users without list permission now receive the HTTP/S default page instead of a 403 error
- Added captions to web transfer client buttons
- Added disable CRC check option to Web transfer client
- Added MOVE and COPY feature to the web transfer client
- Added auto-resume functionality in the web transfer client
- Improved logic for automatically adding quotes to parameters used in Custom Commands via Event Rules
- Event rule processing modified to process download, move, and decrypt actions together for On Timer event rules.
- Corrected event rule processing so a successful Copy/Move action does not trigger "If action FAILED then" notification email.
- Improved display of Trial registration “Evaluation days left” immediately after registration message is received.
- Corrected version EFT 3.5.1 upgrade issue where On File Download event rule gets renamed to File Rename
- Corrected error when modifying user VFS permissions then selecting Refresh.
- Corrected "Enable time out" option to properly disconnect SFTP sessions.
- Improved resuming SFTP uploads when user's home folder is treated as default root
- Improved reporting of Event Rule variables currently being displayed as N/A
- Corrected manual registration emails addresses
- Improved Web Transfer Client functionality by eliminating double login
- Improved Event Rule logic so Download Fail events are not processed when loading the Web Transfer Client
- Implemented "keep alive" message between EFT Server and DMZ Gateway to avoid network devices closing inactive peer notification channels
- Signed EFT Web Transfer Client files so the certificate is shown as trusted
- Added loading indicator to web transfer client
- Improved security during first install of web transfer client Java applet (changed Java HTTP link to HTTPS when connected via HTTPS)
- Added workaround prompt for attempts to use the web transfer client when Java has not been installed and when authenticating through a proxy
- Improved use of the event rule timer control
- Improved reporting of 404 errors when performing data integrity checks through the web transfer client
- Corrected an error when restarting the EFT Server service using remote administration
- Removed "or subnet" text from IP restriction dialog to clarify use
- Corrected error with cmdout.log not being created or written to file
- Added more branding options to for the deployable web transfer client
- Enhanced communication between EFT and Gateway
- Corrected problem with OpenPGP encryption/decryption speed
- Added support for DMZ Gateway product for secure transactions across firewall boundaries with no inbound holes in firewall required
- Improved Event Rules functionality though addition of "on failed" events, event reordering
- Added ability to monitor a folder for change and execute an event action upon change
- Add a timer based download action for retrieving files from remote inboxes
- Added streaming repository encryption
- Added MODE Z support with ZLIB compression engine
- Added support to choose SSL versions allowed for secure session (over FTPS and HTTP/S)
- Added support for capturing and displaying connection-activity in real-time
- Improved logging information and provided option for "Standard" and "Verbose" logging
- Added support to limit the number of total concurrent user logins
- Improved Web Transfer Client load times
- Added LDAP authentication support (LDAP Auth Manager)
- Added data integrity support (CRC32) for EFT Web Transfer Client
- Corrected event rule locked-file errors for HTTP/S form-based file uploads
- Corrected browser refresh (F5) issue with expired Web Transfer Client sessions.
- Added wildcard support for OpenPGP and MOVE/COPY actions in event rules
- Added OpenPGP encrypt/decrypt/sign to OnLogout Event for improved "batch processing"
- Modified "Default Settings Level" to have "max connections per user" and "max connections from same IP" to be UNLIMITED, not 10
- Corrected Web Transfer Client license count validation on server startup
- Corrected issue causing HTTP/S to improperly return "503 Service Unavailable" messages to clients under certain conditions
- Corrected issue with COM Admin improperly set site values, causing unpredictable behavior
- Added EFT Web Transfer Client
- Corrected parent path issue in HTTP/S
- Corrected NTLM/AD impersonation issues in HTTP/S
- Corrected file locking problems that caused some files to not appear after uploads when a user home folder was specified to be the root folder.
- Improved COM interface error reporting by implementing ISupportErrorInfo interface
- Updated registration mechanism such that successful registration automatically restarts the service to bring new registration values into effect
- Added FORM-based file upload feature
- Corrected issue so bandwidth limits are now honored by SFTP, HTTP/S
- Corrected issue so disk quotas now honored by SFTP, HTTP/S
- Corrected issue so transfer quotas now honored by SFTP, HTTP/S
- Corrected issue so SSH transfers record file sizes
- Corrected issue so all IP addresses are recognized on multi-homed Win2K3 box
- Corrected issue so logging records the server port number
- Corrected issue for PUT method failing for some uploads: returns "400 Bad Request"
- Corrected issue with right-click editing multiple docs
- Corrected issue in some instances where On File Upload events not triggered when using SFTP
- Corrected issue where some Event Rules did not release handles correctly
- Corrected issue with COM Interface communicating with Service
- Updated internal account management logic to support large (30,000+) number of users in authentication store
- Corrected HTTP(S) authentication against domain controller so that domain name is not required as part of username (DOMAIN\username)
- Corrected issue with COM Interface communicating with Service
- Updated internal account management logic to support large (30,000+) number of users in authentication store
- Corrected HTTP(S) authentication against domain controller so that domain name is not required as part of username (DOMAIN\username)