EFT Arcus

Globalscape EFT Arcus (MFTaaS) is a cloud-managed file transfer solution for organizations that want to reduce the complexity of your file transfer infrastructure, increase operational efficiency, and protect your most important data. With EFT Arcus you have the core features of EFT Enterprise (secure access protocols, data visibility, governance, and automation) with the reliability, scalability, and accessibility of the cloud, minus the uncertainty of managing cloud infrastructure or installing software on-premises.

Learn more about Globalscape EFT Arcus by visiting https://www.globalscape.com/eft-arcus-cloud-services.

May 2021

Version 8.0.3.22

May 22, 2021

Updates
  • Updated the jQuery library to the current version.

Fixes
  • Fixed a deadlock that caused the administration console to became inaccessible.

  • Fixed an issue where EFT was returning a 401 when RAM agents were checking in.

  • Fixed deadlock in EFT occurring when processing an invalid HTTP login.

  • Fixed an issue where false positives were reported in the PCI compliance report due to RAM agent settings.

  • Fixed intermittent hangs of the administration console due to deadlocks in the folder monitor subsystem.

  • Fixed a problem where EFT administrators were getting an error when specifying SSH keys for event rules.

  • Fixed an issue where terms of service and forced password reset caused WTC access to be denied.

May 2020

Version 8.0.3.9

May 10, 2020

New Features
  • Basic Tier clients can now create one Remote Agent (additional fee applies)

  • BulkUserExport: Upload a JSON file named "ExportUsersSettings.json" into the BulkUserExport folder to dump the user list for a specific site (or all sites if the value is empty).

  • PGP keys, SSH keys, and SSL certificates can be imported into EFT Arcus through the Arcus Management Template

  • Added ability to use the SAML assertion map attribute Email field in JIT or LDAP after an IDP- or SP-initiated login to create an account in EFT

  • OpenPGP key pairs are defined and managed on a Site instead of the Server

  • Added privacy and other GDPR-related features:

    • User agreements and consent options on the General Tab of a User Node

    • Privacy options on the User Account Action in Event Rules

    • Privacy options for EFT on the Site > Web tab and in the WTC

    • Terms of Service agreement options for EFT web portal on the Site > Web tab

    • User Account Details Template on Site > Security tab to apply GDPR-related privacy settings to all user accounts on a Site

    • Optional permission on Server > Administration tab to give administrator accounts permission to manage personal data for users

    • GDPR-related event, context variables, and user conditions

    • Personally identifiable information (PII) / personal data is encrypted by default (beyond normal Arcus disk encryption)

    • Removed email address from User > General tab

  • ARM reports:

    • Privacy-related, pre-defined ARM reports

    • More performant ARM reporting functions

  • New Event Rule features:

    • Create or set variable Action

    • Call (GoTo) Event Rule Subroutine Action

    • Ability to scan metadata with Content Integrity Control Action

    • "Enable this account" option in the User Account Action. (Refer to Workspaces Invitations for an example of using the User Account Action to enable an expired Guest account.)

    • Context variable to take anything after the last dot (before the extension) and place it into this context variable

    • New context variables for date and time stamps in ISO8601 format

    • Event Rules are now saved in JSON (instead of XML) for import/export

  • Workspaces changes:

    • Site > Web tab to configure web portals and their features. (Replaces Workspaces tabs.)

    • Now support moving files between Workspaces

    • Ability to retain Workspaces files on disk after link has expired

    • Password-protected pickup - Allow or require senders to require recipients to provide a, out-of-band passcode before accessing files

    • Securely send an email without an attachment (applies to browser-based sends and the Outlook Add-In)

Updates
  • Updated PGP library to IP*Works! OpenPGP 2016

  • Updated to Advanced Workflow Engine version that includes several bug fixes

October 2019

Version 7.4.15

Oct 18, 2019

New Features
  • Added a new User Settings Template for administrators to use the “Arcus Management Site” to allow self-service of some server-level functions, accessed via the WTC folders:

  • AdminUsers - Upload a JSON file into this folder to immediately disable a specific admin account

  • ARMDB-Dumps - Create a CSV or HTML file with specific data dumped from the ARM DB

  • Backups - Upload Backup and restore JSON file to control backups and restores to their data on EFT

  • Certs - Upload certs here and then reference them directly from the administration interface

  • Custom - Upload customized email templates to this folder

  • Downloads – Contains the RAM agent and other files for download

  • Logs - Access your EFT logs here

  • Site-Root - Direct access to your site root

  • Added a self-service portal for administrators to reset their password and configure 2FA for administrator accounts

Enhancements
  • Enhanced the ARM reporting function with the addition of nightly database fact table builds that are used to pre-process data for some reports, greatly increasing their speed

  • Improved the purge capability of the ARM database and eliminated old data that is made redundant by the fact tables

  • Improved performance for the drop-off portal

April 2019

Version 7.4.14.0

Apr 30, 2019

New Features
  • Added support for Just-in-Time (JIT) provisioning for SAML-initiated logins (EFT Enterprise only)

  • Added a User Account Action to allow administrators to automate changes to user accounts (e.g., disable, delete, etc.)

  • Added ability for user to log in with existing EFT account instead of creating a new account after receiving invitation to pick up a file

  • Added ability in Event Rules (in EFT Enterprise) to specify Created Date/Time and/or Modified Date/Time for the Cleanup in folder Action (previously available only via registry setting)

  • Added ability to enable HSTS when HTTPS is enabled, independent of the Redirecting HTTP to HTTPS feature

  • Automatically encrypt/decrypt data at rest using EFT-managed AES-256 symmetric encryption

    • EncryptedFolders=TRACE added to logging.cfg

    • Allow override of the default key passcode via advanced properties

Enhancements
  • Enhanced usability during initial account registration and change password requests by showing password complexity requirements

  • Updated EFT to latest OpenSSL and OpenSSH versions

  • Updated SQL Server drivers to allow use of newer Transport Layer Security (TLS) protocols

  • Updated Web Transfer Client login page and localization features

January 2019

Version 7.4.12

Jan 27, 2019

New Features
  • Added ability to send emails to 20 addresses at once from Workspaces (previously was 10 emails)

  • Added ability to download entire folder structures (as a ZIP)

  • Added ability to move folders in WTC

  • Added a broken transfers warning in WTC

  • Added ability to display full name rather than login name in WTC.

  • Added ability for user lookup in LDAP directory service for SAML and Workspaces logins

  • Added ability to map LDAP users to a Settings Template

  • Added ability to ignore or enforce the SAML Assertion Signature or SAML Message Signature

  • Added support for IdP-initiated SAML SSO login

  • Added the ability to enable/disable RSA SecurID and RADIUS two-factor authentication for Active Directory (internal) users. The account configured in EFT must match the user account on the RSA server. Whatever the user provides to log in to EFT is sent to the RSA server. (Refer to the article at https://kb.globalscape.com/KnowledgebaseArticle11267.aspx for details of changing the challenge text in the dialog box that appears.)

  • Allow multi-part sequential transfers from the cloud

  • Added ability to capture the reason for a manual IP ban for remote administration access

  • Added ability to add context variables and values to web services XML response

  • Added ability to calculate disk quota for "never logged in" users and/or for disabled users

  • Added ability to specify a whitelist of additional domains and IPs to accept in host header

  • Added ability to specify Content Security Policy to pass security web scans

  • Added ability to disallow (Shut Off) Basic Authentication for HTTPS

  • Added ability to specify HSTS max age

  • In the Download Action, added option to treat as successful when downloading (FTP, SFTP, and HTTPS) from a remote server and one or more files are missing

  • Added ability to import/export XML files of Event Rules with password used in the Event Rules

  • Added "if action FAILED then" logic to Send notification email Action so that the administrator can specify what should happen if the Send notification email Action fails (e.g., stop processing the rule)

  • Added custom header support in AS2 Send File dialog box and AS2 Outbound Parameters.

  • Added ability to allow asynchronous MDN notifications to process properly in any node in HA cluster

  • Added support for GZIP payloads for MDN responses

  • Added support for specifying MDN signing algorithm (MIC) for inbound transactions

  • Added ability to specify custom headers for outbound transfers

  • Added ability to specify which signature algorithms to allow for inbound transfers

  • Added ability to specify which encryption algorithms to allow for inbound transfers

  • Added ability to specify which signature algorithms to allow for outbound transfers

  • Added ability to specify which encryption algorithms to allow for outbound transfers

Enhancements
  • Updated AS2 library to the EDI integrator 2016 component

  • Updated AS2 Signature and Encryption Algorithms for inbound transactions
  • Updated signature and MDN algorithms; EFT will use sha-256 for new AS2 connections going forward and use sha1 for existing AS2 connections that have already been defined

  • Removed/hid user disk quota from administration interface

  • Updated SSL library to OpenSSL v1.0.2p

  • Updated SFTP FIPS library to meet current FIPS compliance standards

  • Improved SFTP logging to capture algorithms used

May 2018

Version 7.4.6.2

Mar 30, 2018

New Features
  • Added support for Advanced Workflow Engine v10

  • Added ability to monitor and act upon AWS S3 storage activity

  • Added ability to monitor and act upon Azure blob storage activity

  • Added Content Variable: %CLOUD.OBJ_KEY_NAME% = Exact object name, e.g. 4my$-organization, or my.great_photos-2014/jan/myvacation.jpg

  • Added Content Variable: %CLOUD.OBJ_META_DATE% = The object's date from its metadata

  • Added Content Variable: %CLOUD.OBJ_META_CONTENT_LENGTH% = The object's size in bytes

  • Added Content Variable: %CLOUD.OBJ_META_LAST_MODIFIED% = The object’s creation date or the last modified date, whichever is the latest.

  • Added Content Variable: %CLOUD.OBJ_META_CONTENT_MD5% = The base64-encoded 128-bit MD5 digest of the object.

  • Added Content Variable: %CLOUD.OBJ_META_VERSION_ID% = From x-amz-version-id, which is the object version.

  • Added support for HA Unicast communication

  • Added support for X-Forwarded-For header

  • Added support for X-Forwarded-Port header

  • Added support for X-Forwarded-Proto header

Enhancements
  • Remote Agent Module: Corrected scenario of partial rule update if update package exceeded 65KB

July 2018

Version 7.4.8

Jul 16, 2018

New Features

Admin GUI

  • High Security Module (HSM) is now Advanced Security Module (ASM) in EFT Enterprise Outlook Add-in

  • OAI now provides a Secure Message Delivery Option

  • Microsoft Outlook Digital Signature is now supported with EFT OAI

  • Microsoft Outlook Encryption is now supported with EFT OAI

Remote Agent

  • Agent/Account coexistence

  • Agents can be created on same site as standard user account

  • New Diffie-Hellman key exchange security between EFT and Remote Agent

  • Remote Agents will now auto-update when required

  • Shorter update intervals (real-time (every 15 seconds), once a minute, every 5 minutes, every 30 minutes)

  • New options for when an agent fails

  • System environment variables in remote agent rules

  • Remote Agent Condition for relevant File System triggers in event rules

  • “Run on links” option has been removed when you create remote agent rules

  • Agents can now perform client transfers to any server you designate, rather than only back to the home EFT

WTC/Workspaces

  • EFT Admins can now enable/disable the Reply portal

  • Admins will now be warned that the Request files functionality will be disabled when the Reply portal is disabled

  • EFT Admins can now enable/disable reply functionality to non-EFT users when using the Send portal

  • Request file options will now provide ability to require authentication

  • EFT Email recipients can now access the reply/reply all page from the pickup portal

  • Drop-off portal can now use generic CAPTCHA instead of Google’s re-Captcha

  • Workspace invites are now restricted to whitelisted domains (if configured)

  • EFT will now delete guest accounts if they are not part of a Workspace or transactional workspace

  • The workspace(s) are deleted if the workspace has expired or the user has been uninvited from the workspace share

  • EFT will now restrict guests to their shared workspace

  • External users will no longer be granted by default a home folder of their own

  • Workspaces will now provide a drop-down list for “From” field when an EFT user has multiple email addresses configured in their EFT account

  • Added Spanish language to WTC

  • Rebranding of the WTC including all portals

  • Increased Workspace trial license count to 100 seats

  • EFT users should now be taken directly to their shared workspace when clicking on the Workspaces link in the recipient’s email and authenticating

  • Improved the account registration and verification process

  • After verification email is sent the guest can now access their Workspace content without further authentication if the link is accessed within 60 minutes otherwise they will be required to authenticate prior to accessing the workspace

Remote Agent

  • Certificate creation for a RAM template is no longer required when configuring a new Remote Agent

Security

  • Support strong KEX algorithms for Incoming SFTP

Event Rules

  • Ensure S3 regions list is up-to-date

Remote Agent

  • Changed from “Active’ to “Enrolled” in the agent status list

Logging

  • Windows event “Windows Event log evaluation period expired” for modules are now logged as Warnings instead of Errors

Fixes
  • Web Service – Invoke Event Rules (Detailed) report no longer returns data

  • Outlook Send Report column (Recipient) is not populating

  • PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraint

  • Admin console is hanging when login and also when trying to clone rules

  • Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth

  • Passwords not syncing with EFT AD site

  • Service hang - users can't connect

  • EFT Memory is growing gradually

  • Anonymous authentication bug since 7.3.3.21

  • Service crashing intermittently

  • After upgrade and applying hotfix, Permission groups no longer present

  • GUI Crashes with new ODBC site when creating new user

  • EFT Event Action S3 region list is incomplete

  • EFT S3 Region list is outdated

  • Browse Remote File System causes Error and GUI Crash

  • Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently

  • When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination

  • Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6

  • ER: An unencrypted user password can be written to WEL when using User Event Rules

  • Event Rule: The reason for not being able to delete a file (move) is not provided to the user

  • EFT’s copy/move does not appear to honor the “Retries” value

  • EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4

  • Source file name.ext not pre-populating in the source field after clicking OK

  • Source file name.ext not pre-populating in the source field after double clicking

  • UI does not refresh after deleting an Event Rule

  • File/Folder actions leak handle

  • Scheduled event rule not running at expected scheduled times after 12am

  • Connection Profile – Connection Details form disappears when the admin user hits the enter Key HTTP

  • HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods

  • Folder monitor override credentials being used when writing to log file

  • EFT - Can't delete a file because Outlook is accessing it

  • PCI Invalid logins differ at the site and server level

Remote Agent

  • EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate

  • Remote Agent Service executable has bad description

  • Agent Install URL returns 404 for HA installations

  • Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template

  • Remote Agent Template window, tab order not going left to right, top to bottom

  • Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."

  • Remote Agent Template can be selected for new administrator accounts

SFTP

  • SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled

  • SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia Server

  • ClientFTP: CSocksSocket checks timeout wrong

  • Listing fails on remote server in EFT, but not Filezilla

SMTP

  • SMTP to Exchange fails with TLS 1.1 and 1.2

Status Viewer

  • EFT Admin: Status screen is not refreshing statistics

VFS

  • Cannot remove "All Users" group from a folder in VFS

  • Unable to configure streaming repository encryption when site root is a share

  • Show VFS home folder then setting permissions is broken again

  • VFS manipulation is slow

WTC/Workspaces

  • Refresh required when an unacceptable character is entered in Maximum message size

  • Banned file types appear to be sent from Drop-off and Send Portal

  • User isn't routed to the workspace (shared) folder upon login to WTC

  • Workspaces – Edit Workspace screen no longer displays the participant email address when the invitation is pending

  • Selected user background turns from 'blue' to 'gray' after the action

  • OAI body message is not visible when accessing the contents via WTC

  • Workspaces license limit email is being sent incorrectly

  • Workspaces guest template defaults to allow creation of workspaces

  • Http/1.1 404 Object Not Found error when clicking on Workspace link from email

  • Customizations.js executing before the UI is rendered, preventing customizations to the WTC

  • WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers

  • Embedded link downloads no longer working as of 7.4.x

  • WTC translation does not persist after clicking request file option

  • WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users

August 2017

Version 7.4.2

Aug 28, 2017

New Features
  • Added template for password reset confirmation email that is sent when user is unauthorized to reset password

  • Added Node Maintenance/Drain Mode. "Pause/drain" all sites on a single node to halt NEW incoming connections and event rule activity. Existing transfers and events in progress are allowed to resume/complete.

  • Auditing and Reporting Module (ARM): Add new option in EFT to log TED6 logs to the new table - default new option to false/off

  • COM Interface:

    • Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server

    • Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site

    • New COM APIs for Drop-Off controls

  • High Availability (HA):

    • Added support for Autoscaling in AWS

    • Implemented TCP based communication for HA cluster messages and coherence as alternative communication method to multicast

    • Added configurable Auto-Restart of node after defined period of being "out of sync" and allotted "drain" time

  • Logging: Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used

  • Protocols - FTP/S: Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.

  • Protocols - SFTP:

    • Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.

    • Added diffie-hellman-group-exchange-sha256 KEX

    • Added ability to select SFTP KEX algorithms through GUI and COM

  • SMTP: Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password

  • Web Interfaces – Web Transfer Client access is now included with HTTP/S functionality. Eliminated WTC Client Access License (CAL)

  • Workspaces:

    • Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.

    • Added administrative option to place newly invited Workspace participants in specific settings template

  • Drop-Off: Added creation of Drop-Off link capability. External users can now send attachments to internal users, without having to create a EFT profile

  • Reply Portal: Users can now reply to a message from Send/Drop-Off

Enhancements
  • PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled

  • Now able to login with Admin accounts in AD Universal group in child domains

  • Administrator Interface (AI):

    • Find/Search in EFT doesn't search connection profiles

    • Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled

    • Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.

    • More clearly show the configuration state and current flag value of change password on first login

    • Clarified user Password Expiration, Reminder, and Notification Options

  • Installation: On installation, EFT should check the status of windows update KB2999226 to ensure criteria has been met.

  • Protocols - General: Improved responsiveness when browsing directories containing many subfolders.

  • Secure Ad Hoc Transfer (SAT): Removed SAT install files from EFT 7.4 Installer

  • Web Interfaces – Web Transfer Client (HTML5):

    • Updated webclient to version 1.4.0 build 4

    • Updated French translation

    • Update French translation for word "Language"

  • Web Interfaces – Light Text Client (LTC):

    • Note about Web Transfer client access being disable needs to be removed or modifiable Workspaces

    • Updated Workspace Invitation Subject line to "You've been added to a workspace"

    • On upgrade from 7.2.x, Workspace notifications should be disabled

    • Where possible, Workspace owner’s full name is used for WS invites instead of their login name

    • Buttons available to Invited Workspace participants more clearly reflect the permissions granted to them

    • New participant of a workspace now lands to that particular shared folder and not at the home page of WTC

    • Workspace owner can now add additional participant(s) to a private workspace

Fixes
  • Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.

  • EFT password email reminders with AD Site did not trigger

  • When changing password for user through Admin GUI, force password option was being automatically enabled

  • EFT forcing users to change their password upon first log in

  • Renaming folders in VFS causes a loading indicator

  • EFT Standalone: User's last time connected was only being updated once per day

  • Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring

  • Resolved Server crash scenario induced by vulnerability scanner Greenbone Security Assistant

  • Event Rules were not grayed out with no add on modules activated

  • Reference to Enterprise only features were available in reports

  • Resolved EFT Admin GUI crash after using the send Email test button

  • Settings Templates was no longer sorted alphabetically as of 7.3.3.21

  • Admin GUI did not retain setting for Password Expiration at user level

  • When changing password in admin interface, force password option was automatically checked

  • When modifying password expiration "Remind" option Apply button was greyed out.

  • Settings Template options did not properly display inherited options

  • Auditing and Reporting Module (ARM):

    • Report is missing filters (Traffic - Protocolwise Connections (Summary)

    • Executive Summary Report data was being truncated

    • The text "hmtest" appeared in Event Rules Detailed report after the Description

    • Admin Action report Change Originator column was being truncated

  • Authentication - General:

    • Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication

    • Corrected scenario where certain user accounts were not able to authenticate if the account was renamed

  • COM Interface:

    • "IsFolderVirtual" COM method was no longer functioning in 7.3.5

    • Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword

    • ICISite::SetWorkspace failed with MX error 7

  • Custom Command default execution timeout for newly created Custom Commands should be 30 seconds

  • Event Rules:

    • User Account Disabled Rule did not function after upgrade to 7.3.3.21

    • Event Rule using FAST protocol to Download Files would fail if connection profile was used

    • Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.

  • High Availability (HA):

    • Event rules with comma character ',' in event rule name would fail when load balanced

    • When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes

  • Upgrade installer asked to create an admin account instead of "Provide server administrator credentials"

  • Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT

  • SSL/TLS logging for FTPS connections was not working

  • Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE

  • OpenPGP: Addressed potential scenario of new PGP key not displaying correct expiration date

  • Protocols - FTP/S:

    • EFT responded to a quit command with an additional 0d 0a after version 7

    • Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file

  • SMTP:

    • Trailing spaces in SMTP host address would not resolve the address

    • User Credentials email had an erroneous = at end of username

    • Email notification for credentials contained an erroneous trailing =

  • WTC/Workspaces:

    • Forgot password in WTC didn’t work if 2+ users shared an email address

    • WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled

    • WTC was not displaying password expiration reminder on login

    • While uploading a large file, occasionally received errors when trying to create folders or workspaces

    • Join with Smartcard button was improperly visible when connecting to CAC enabled site

    • Download button did not function the Max transfer speed option was enabled at the site level

    • Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal

    • Resolved issue of being unable to send files from the iFrame

    • Outlook Add-In functionality was not working in some instances

    • Private workspace owner was unable to add additional users to private workspaces

Back to Globalscape Products