SFTPPlus

SFTPPlus Release 3.43.0

We are announcing the latest release of SFTPPlus version 3.43.0.

New Features

  • When defining a new password for an account, it is now possible to define a minimum level of complexity and strength. [#4700]
  • You can now set an email as part of the user's account details. [#5125 …

general release

Wed 19 December 2018
SFTPPlus

Pro:Atria and SFTPPlus sponsor DVLA Code Challenge 2018 for School Children

Pro:Atria is delighted to be a sponsor of the DVLA Code Challenge 2018 for School Children.

DVLA runs the competition to provide Schools, Code Clubs and Community groups in Wales with IT equipment and promote STEM (Science, Technology, Engineering and Mathematics) subjects aimed at children aged 7-14.

DVLA work …

article general

Tue 18 December 2018
SFTPPlus

Secure your FTPS server with Let's Encrypt

Introduction

Let's Encrypt for FTPS Server

What is Let's Encrypt?

Let's Encrypt (sometimes shortened as LetsEncrypt) is a certificate authority that provides SSL/X.509 certificates at no charge. You can read more on the subject in the Wikipedia article on Let's Encrypt.

A Let's Encrypt certificate is valid for …

article

Thu 29 November 2018
SFTPPlus

SFTPPlus Release 3.42.0

We are announcing the latest release of SFTPPlus version 3.42.0.

New Features

  • You can now define a custom CSS file for HTTP/HTTPS file transfer services. [server-side][http][https] [#5101]
  • You can now automatically get SSL/X.509 certificates signed by Let's Encrypt's certificate authority. [ftps][https] [#5117 …

general release

Tue 27 November 2018
SFTPPlus

SFTPPlus Release 3.41.1

We are announcing the release of SFTPPlus version 3.41.1 which is a bugfix release to always transfer the marker file as the last file in marker based batch transfer.

By transferring the marker file as the last file, a failed transfer can be resumed.

No other changes were …

general release

Wed 21 November 2018
SFTPPlus

SFTPPlus Release 3.41.0

We are announcing the release of SFTPPlus version 3.41.0 which adds support for running HTTP/HTTPS services behind a Layer 7 HTTP Application load balancer.

New Features

  • It is now possible to define a list of HTTP Host header origins accepted by the HTTP file transfer services and …

general release

Thu 15 November 2018
SFTPPlus

SFTPPlus Release 3.40.1

We are announcing the release of SFTPPlus version 3.40.1 which is a bugfix release. Starting with this version, the option to hide the SFTPPlus authentication session from the www-authenticate headers is visible in the Local Manager.

No other changes were done on this release on top of 3 …

general release

Wed 14 November 2018
SFTPPlus

SFTPPlus Release 3.40.0

We are announcing the latest release of SFTPPlus version 3.40.0.

New Features

  • SuSE Enterprise Linux without the Security Module and OS X are now distributed with OpenSSL 1.1.0h, making it possible to use TLS 1.2 and SHA2. [#5030]
  • It is now possible to use variable …

general release

Tue 13 November 2018
SFTPPlus

Security Advisory for SFTPPlus 3.39.0

A security advisory was created for SFTPPlus version 3.39.0 affecting the SCP protocol for which existing files were not always fully overwritten upon a new file upload request.

security compliance

Sat 06 October 2018
SFTPPlus

SFTPPlus Release 3.39.0

We are announcing the latest release of SFTPPlus version 3.39.0.

Customers using the SCP protocol are urged to upgrade to this version. Any previous version contains a security issue when overwriting files over SCP.

New Features

  • In the event handler configuration, it is now possible to filter the …

release security

Fri 05 October 2018
SFTPPlus

SFTPPlus Release 3.38.0

We are pleased to announce the latest release of SFTPPlus version 3.38.0.

New Features

  • When the remote FTP/FTPS server supports the MLST command, SFTPPlus will use it to determine the existence of remote paths. [client-side][ftp][ftps] [#3885]
  • For a transfer, it is now possible to execute …

general release

Fri 21 September 2018
SFTPPlus

Security Advisory for SFTPPlus 3.37.1

A security advisory was created for SFTPPlus version 3.37.1 affecting authentication of accounts using the HTTP API.

security compliance

Thu 13 September 2018
SFTPPlus

SFTPPlus Release 3.37.1

We are pleased to announce the latest release of SFTPPlus version 3.37.1.

Defect Fixes

  • The HTTP API authentication for an account now fails when the account is accepted by the remote HTTP API but the associated group is disabled. [server-side][security] [#5058]
  • A defect was fixed in Local …

security release

Thu 13 September 2018
SFTPPlus

SFTPPlus Release 3.37.0

We are pleased to announce the latest release of SFTPPlus version 3.37.0.

New Features

  • The HTTP and HTTPS file transfer API now support session based authentication. The Basic Auth login is still supported. [server-side][http][https] [#5009-1]
  • The HTTP and HTTPS file transfer services now have a session …

general release

Thu 06 September 2018
SFTPPlus

SFTPPlus Release 3.36.0

We are pleased to announce the latest release of SFTPPlus version 3.36.0.

New Features

  • The Azure File Service of the Azure Storage Account is now available as a location for client-side transfers. [client-side][http] [#4988]
  • It is now possible to define a client-side file transfer that will wait …

general release

Thu 02 August 2018
SFTPPlus

Secure File Transfer and Business Continuity Planning

Introduction

What is business continuity planning (BCP)?

According to Wikipedia, business continuity planning is the process of creating systems of prevention and recovery to deal with potential threats to a company.

Business Continuity Planning also includes these five components as defined by the SANS Institute. These components are:

  • Business Resumption …

article

Fri 06 July 2018
SFTPPlus

SFTPPlus Release 3.35.0

We are pleased to announce the latest release of SFTPPlus version 3.35.0.

New Features

  • The OpenSSL library used by SFTPPlus on Windows was updated to OpenSSL 1.1.0h. [#4579]
  • It is now possible to define virtual folders that are available to all accounts from a group. These …

security release

Tue 03 July 2018
SFTPPlus

Setting up security scanners for your SFTPPlus MFT Server

Introduction

OWASP Logo

The following is a short guide on how you can set up a security scanner for your SFTPPlus MFT Server installation. For this guide, we have chosen a free and open source scanner, OWASP Zed Attack Proxy or zaproxy, as an example.

Of course, there are a number of …

article security

Wed 20 June 2018
SFTPPlus

Security Advisory for SFTPPlus 3.41.1

A security advisory was created for SFTPPlus version 3.41.1 affecting caching of HTTP files and injection of external content into HTTML error messages.

security compliance

Mon 18 June 2018
SFTPPlus

SFTPPlus Release 3.34.1

We have recently deployed the latest release of SFTPPlus version 3.34.1 which fixes the following defects:

  • The files downloaded using the HTTP file transfer service now have explicit headers to disable caching. [security][http][https] [#4953]
  • The HTTP service no longer returns user input as part of the …

security release

Fri 08 June 2018
SFTPPlus

IPv6 support for HTTP/S, FTP/S, SFTP and SCP File Transfer Services

Why get ready for IPv6?

According to the Akamai Q1 2017 State of the Internet Connectivity Report, "approximately 5 million IPv4 addresses were depleted from available pools at the Regional Internet Registries in the first quarter, leaving approximately 39 million addresses remaining."

In response to the steady depletion of IPv4 …

article infrastructure

Mon 04 June 2018
SFTPPlus

SFTPPlus Release 3.34.0

We are pleased to announce the latest release of SFTPPlus version 3.34.0.

A number of changes have been made in regards to how permissions are set in SFTPPlus.

If you are planning to upgrade your existing installation and you have custom permissions for SFTPPlus accounts and / or groups …

security release

Mon 28 May 2018
SFTPPlus

Secure cipher suites for the ssl_cipher_list configuration

Default SSL cipher suites

With the release of SFTPPlus 3.32.0, we have changed the default set of SSL cipher suites for the Local Manager and the HTTPS service. As with any product that runs in many environments, SFTPPlus uses a default set of SSL-related parameters that are a …

security

Thu 03 May 2018
SFTPPlus

Security Advisory for SFTPPlus 3.33.0

A security advisory was created for SFTPPlus version 3.33.0 affecting Cross-Site Scripting Attacks for HTTP and HTTPS pages accessed via a web browser.

security compliance

Thu 26 April 2018
SFTPPlus

Security Advisory on CSRF and XSS attacks affecting HTTP/HTTPS services

Customers using HTTP/HTTPS services should upgrade to 3.33.0

SFTPPlus update against CSRF and XSS

The SFTPPlus version 3.33.0 release is a major security update for the HTTP/HTTPS file transfer service and the SFTPPlus Local Manager service.

This update addresses the vulnerabilities concerning Cross-Site Request Forgery Attacks and Cross-Site Scripting Attacks …

security

Tue 24 April 2018
SFTPPlus

SFTPPlus Release 3.33.0 now supports IPv6 server-side functionalities

We are pleased to announce the latest release of SFTPPlus version 3.33.0.

This is a significant release in that it supports the Internet's next generation protocol, IPv6, for all server-side functionalities.

As we begin to hit the upper limit of IPv4 addresses, the current standard, what matters to …

security release

Mon 23 April 2018
SFTPPlus

Data Loss Prevention - Systems, Software and Strategies

What is Data Loss Prevention (DLP)?

Data Loss Prevention (or DLP for short) is the application of technology and policies in order to detect and prevent potential data breaches and data ex-filtration. Data that is of particular interest include sensitive emails, documents and other information leaving the organizational boundary. Data …

article infrastructure

Thu 19 April 2018
SFTPPlus

SFTPPlus and its relevance with the OIAC Privacy Act and ASD ISM

In this post, we outline two main compliance obligations relevant to Australia - the OIAC Privacy Act and the ASD ISM. For those familiar with other international compliance obligations, such as the GPG13 (Good Practice Guide) provided by the UK or HIPAA (Health Insurance Portability and Accountability Act) provided by the …

australia compliance privacy

Mon 16 April 2018
SFTPPlus

SFTPPlus Release 3.32.0

We are pleased to announce the latest release of SFTPPlus version 3.32.0.

New Features

  • SFTP and SCP file transfer services can now listen on IPv6 addresses and accept connections from IPv6 clients. [server-side][sftp][scp] [#1924]
  • The HTTP and HTTPS service now accepts creating new folders with the …

security release

Thu 05 April 2018
SFTPPlus

Understanding the exchange between SFTP Client and SFTP Server

Why read this?

As part of meeting the Accounting component of the AAA (Authorization, Authentication and Accounting) framework, each event and action on the server and/or the client-side are recorded by SFTPPlus. These events have an associated Event ID which is also publicly searchable both on our website and …

article

Thu 08 March 2018
SFTPPlus

Protecting your SFTPPlus configuration against SWEET32

Details of attacks on DES (Data Encryption Standard) and Triple DES, Birthday attacks on 64-bit block ciphers were released with the CVE ID of CVE-2016-2183. Read more about the CVE details here).

DES and Triple DES ciphers, used in TLS and SSH protocols and in subsequent relation also used in …

security

Fri 02 March 2018
SFTPPlus

SFTPPlus is not affected by the Meltdown and Spectre Vulnerabilities

SFTPPlus is not affected by Meltdown and Spectre. SFTPPlus secure file transfers does not allow any arbitrary application code execution.

security compliance

Wed 21 February 2018
SFTPPlus

SFTPPlus Release 3.31.0

We are pleased to announce the latest release of SFTPPlus version 3.31.0.

New Features

  • The option to enforce unique names for uploaded files is now available for the HTTP and HTTPS file transfer services. [server-side] [#4465]
  • A SOCKS version 5 (SOCKS5) proxy without authentication can now be used …

security release

Tue 20 February 2018
SFTPPlus

Tips to managing your file transfer requirements

Designing a file transfer system can be a difficult task. Which file transfer protocols should I use? Do I need server-side or client-side software or both? How do I authenticate my file transfer users securely?

Your first step in this journey is to understand your requirements. In this post, we …

article

Fri 16 February 2018
SFTPPlus

SFTPPlus Client Release 1.5.65

We have released SFTPPlus Client version 1.5.65 which fixes a defect for recursive uploads over SFTP from a Windows client to a Linux server.

general release client

Wed 14 February 2018
SFTPPlus

Announcing the SFTPPlus and Docker repository

Docker containers have been a constant presence in the worlds of DevOps and cloud computing. We have recognized this only through a passing mention in our product page that SFTPPlus can run in a Docker container.

However, we have not gone beyond that, until now.

Now announcing SFTPPlus and Docker

We are pleased to announce …

blog

Wed 31 January 2018
SFTPPlus

SFTPPlus Release 3.30.0

We are pleased to announce the latest release of SFTPPlus version 3.30.0.

New Features

  • It is now possible to dynamically dispatch files to different destinations based on the name of the file which was dispatched. [#4555]
  • The HTTP authentication method can now send requests which are authenticated using …

general release

Thu 25 January 2018
SFTPPlus

Introducing SFTPPlus to high availability and resiliency

Where does SFTPPlus sit in your IT infrastructure

The SFTPPlus software stands at the OSI Layer 7 or the TCP Layer 4. In order to have a fully fault tolerant system, you need to implement resilience at all the other layers including the OS. SFTPPlus can be integrated with external …

article infrastructure

Tue 23 January 2018
SFTPPlus

Choosing the best protocols for securing data and file transfers

Why read this guide

In order to implement a secure managed file transfer system, you will need a good understanding of the supported services and protocols involved.

This article provides an overview of the supported protocols, including the advantages and disadvantages of these protocols as well as situations for the …

article security

Mon 22 January 2018
SFTPPlus

Securing data and file transfers between SFTPPlus and third parties

Why read this article

In order to have a fully established file transfer and sharing system, you need to implement integration at all the other layers including the OS. SFTPPlus can be integrated with external tools and third parties in order to help establish these integration requirements.

This article is …

article security

Sun 21 January 2018
SFTPPlus

SFTPPlus Release 3.29.0

We are pleased to announce the latest release of SFTPPlus version 3.29.0.

New Features

  • An event with ID 30079 is now emitted when an SFTP location sends a banner message during authentication. [#4293]
  • The HTTP file transfer service now supports the HEAD method for folders which return OK …

general release

Thu 11 January 2018
SFTPPlus

SFTPPlus MFT Trial Releases Now Available

It is now easier for all enterprises - large and small - to evaluate SFTPPlus MFT with the release of a trial version which includes full functionality of the software suite.

Customers seeking a trial have the choice of either the MFT Server, MFT Client or both for major operating systems on …

general release

Thu 11 January 2018