EFT Express

Learn more about Globalscape EFT Express by visiting https://www.globalscape.com/managed-file-transfer.

June 2021

Version 8.0.5.12

June 06, 2021

  • Fixed an issue where certain event rule configurations would fail to upgrade to EFT 8.0.5

April 2021

Version 8.0.5.7

Apr 30, 2021

New Features

EFT Administration

  • Added support for Proxy Protocol (TFS 376808)

  • Added a warning when exceeding EFT's specified limits (TFS 376816)

  • Added a "Last password change" field under the user's General tab (TFS 379671)

  • Added a Secrets Module backup storage location (TFS 376215)

  • Added the ability to define SSL and SFTP security settings (ciphers, mac's, etc.) at the Site Level (TFS 370369)

  • Added support for Twilio custom verification code (TFS 378823)

  • Added a warning for Folder Monitor Rules when monitoring a user's home folder path (TFS 376494)

  • Added ability to promote an EFT Server to a new cluster (TFS 377176)

  • Added two new Performance Counters: Event Rules Running Async Events, Event Rules Size of Async Events Queue (TFS 341305)

Advanced Properties

  • Added ability to ignore sending password reminder emails for expired or disabled user accounts (SendPasswordReminderEmailForDisabledClient). Default set to True (TFS 378128, Case 83175)

  • Added ability to set expiration limits on password reset links (PasswordResetLinkExpirationPeriodMinutes). Default set to 30 minutes (TFS 376459, Case 79626)

  • Added ability to set AKV Recovery Access Key (AKVRecoveryAccess) (TFS 376215)

  • Added ability to set AKV Recovery Host (AKVRecoveryHost) (TFS 376215)

  • Added ability to set AKV Recovery Password (AKVRecoveryPassword) (TFS 376215)

  • Added ability to set AKV Recovery SiteID (AKVRecoverySiteID) (TFS 376215)

  • Added ability to set legacy asynchronously reply (success reply is sent to client after the event rule kicked off), (WaitOnFileUploadEventCompletionBeforeSendingResult). Default set to False (TFS 341305)

  • Added ability to control the running rule size thread pool for asynchronous events (RunningAsyncEventsLimit). Default set to 20 (TFS 341305)

  • Added ability to control the maximum queued up thread pool for asynchronous events (QueuedAsyncEventsLimit). Default set to unlimited (TFS 341305)

  • Added ability to set the max limit in bytes for file action (MaxFileActionReadSize). Default set to 65534 bytes (TFS 376411)

  • Added ability to set write limit in bytes for file action (MaxFileActionWriteSize). Default set to 65534 bytes (TFS 376411)

  • Added ability to set timeout when receiving Proxy Protocol header after client disconnects (ProxyProtocolHeaderTimeoutInMS). Default set to 6000 ms (TFS 376808)

  • Added ability to prioritize SFTP Ciphers (SftpClientCiphers) (TFS 376085)

  • Added ability to prioritize SFTP KEX algorithms (SftpClientKexAlgorithms) (TFS 376085)

  • Added ability to prioritize SFTP MACs (SftpClientMACs) (TFS 376085)

ARM

  • Added support for SQL 2016 (TFS 70411)

COM API interfaces

  • ICIFileActionsChecksumParams

  • ICIFileActionConcatenateParams

  • ICIFileActionDeleteParams

  • ICIFileActionFilter

  • ICIFileActionReadParams

  • ICIFileActionRenameParams

  • ICIFileActionWriteParams

  • ICISynchronizeActionParams

  • ICIRESTInvocationAuthParams

  • ICIRESTInvocationVerifyParams

  • ICIRESTInvocationEventRuleParams

COM API Properties

  • ICIFileActionParams: added GetParams and SetParams, and changed type to Type

  • SFTP algorthm-related properties in ICIServer Interface

  • ICISite Interface:

  • AllowClearCommandChannel

  • AllowUnprotectedDataChannel

  • Enable the Proxy Protocol

  • EncryptionKey

  • IsSSLSettingsInherited

  • IsSFTPSettingsInherited

  • Secrets Module settings

  • SSLVersionMask

  • SSLCipherList

  • WorkspacesOAISecureMessageBodyPolicy

  • ICIAWTaskActionParams interface, added WaitUntilCompletes

  • ICICommandActionParams Interface, added WaitUntilCompletes

  • ICIMailActionParams interface, added WaitUntilCompletes

  • ICICallSubroutineActionParams, added WaitUntilCompletes

  • ICIContentIntegrityControlProfile Interface, added several new properties

  • ICIGDPRSettings Interface, added EncryptionPDKey property

  • ICICloudAWSS3DownloadParams interface, added TreatMissingSourceAsSuccess

  • ICICloudAzureBlobDownloadParams interface, added TreatMissingSourceAsSuccess

COM API enums

  • ChecksumAlgorithm (CRC32, MD5, SHA1, SHA256, SHA384, SAH512)

  • FileOperationType, added FileChecksum, FileConcatenate, FileDelete, FileRead, FileRename, FileWrite

  • IcapErrorsPolicy

  • MatchingFileOption (append, skip, overwrite, numerate, fail)

  • RESTInvocation, added to EventType

  • RESTInvocationAuthType

  • RESTInvocationVerifyType

  • SyncDirectionType

  • SyncOverwriteType

  • SynchronizeAction, added to EventAction Type

Event Rules

  • Added REST Invoke trigger (TFS 367340)

  • Added Run Now option on any event rule (TFS 376558)

  • Added event rule synchronize action that provides sync using EFT's built-in client or Remote Agent (TFS 378435)

  • Added File Action operations (Read, Concatenate, Checksum) (TFS 376411)

  • Added an option to Event Rules to reply asynchronously (TFS 341305)

  • Added checkbox for running event rule actions asynchronously (TFS 375790)

  • Added "Treat missing as success" option for Upload Cloud action (TFS 379608)

ICAP (CIC module)

  • Added support for reqmod client requests (TFS 377914)

  • Added support for respmod ICAP server responses (TFS 377915)

  • Added support for OPTIONS method (TFS 377916)

  • Added support to allow override of the REQMOD/RESPMOD X-headers sent by EFT (TFS 377974, Case 78915)

  • Additional support for Response Handling (TFS 377983)

  • Added support to block/allow on HTTP error (TFS 378265)

EFT Outlook Add-In

  • Added support to handle duplicate recipients more gracefully (TFS 367839, Case 79773)

  • Added authentication failure logic to prevent accidental DoS (TFS 375400, Case 77391)

  • Added additional debug logging (TFS 379285)

Web Transfer Client (WTC) & Workspaces

  • Added support to give EFT administrators control over Send Secure (mandated, allowed or sender's choice) (TFS 376825)

  • Added default settings for all WTC's settings via the Admin-configuration.json (TFS 377004)

  • Added WTC language support for: Italian, Japanese, Chinese simplified and Chinese traditional (TFS 377300)

  • Added support to display a count for total files/folders or a count of selected files in the current directory (TFS 377689)

  • Added the ability to send to self via the Send Portal (TFS 370060)

  • Added support for character input validation (TFS 375466, Case 78321)

  • Added support for the web client to remember the last state (open/closed) of the Activity and/or History panel (TFS 377875)

  • Added easy access to re-brand commonly branded elements in our WTC (Web Transfer Client) (TFS 376830)

Enhancements

EFT Admin UI

  • Modified UI/UX for Event Rules (TFS 370698)

  • Modified the Default Template Path for new users (TFS 372234)

  • Modified EFT's DNS routing process (TFS 375531, 73644)

  • Updated cluster web files path to the cluster share path (TFS 376137)

Advanced Properties

  • Increased Auto-ban Limit default from 10000 to 50000. Additionally, increased the maximum value to 4294967295 from 60000 (TFS 378197)

  • Extended filter for all protocols in AuditUnimportantCommands (TFS 378041, Case 82475)

  • Extended AuditUnimportantCommands to control logging to the EX logs (TFS 379460, Case 82475)

  • Set Max limit for ICAPConnectionTimeoutInMS from 4294967295 to 2147483647 (TFS 378290, Case 83356)

  • Removed (FMRunActionsAsynchronously) due to new asynchronous functionality (TFS 375790)

  • Removed (applet_only) as this is no longer valid (TFS 375039)

Event Rules

  • Context variables are available to action fields (TFS 370855, Case 80765)

  • Various Event Rules UI changes (TFS 376444)

  • Removed Text in ICAP response headers and body text fields in the EFT UI (TFS 377983)

  • Optimization for EFT configurations that contain a large number of Folder Monitors (TFS 376791, 376409, Case 79954)

COM API

  • ICIFileActionParams​ properties: Contents, Encoding, ExclusionMasks, IncludeSubdirsFlag, NewNameMask, Operation, Path, OverwriteOption, UseExclusionMasksFlag (functionality moved to new File Action interfaces, listed below)

Web Transfer Client (WTC) & Workspaces

  • Removed obsolete web clients (TFS 375039, Case 76747)

  • Removed MKCOL call on folder creation (TFS 370399, Case 65468)

  • Improvements to the WTC Activity Panel to better identify ongoing transfers (TFS 377501)

  • Improvements to Timezone adjustments for file listings (TFS 377502)

  • Removal of jQuery in EFT (TFS 378206)

ARM

  • Updated a stored procedure for fact table generation to improve performance (TFS 378964)

Other Fixes

EFT Administration

  • Fixed an issue where the UI did not reference HTTPs 2FA as a dependent module (TFS 378250)

  • Fixed an issue where commas in multi-string upload forms reported an error when saved (TFS 379606)

  • Fixed an issue where the EFT Admin GUI could hang due to listings in the TED transfers (TFS 379004, TFS 378831, Case 84862)

  • Fixed an issue where EFT could experience a memory leak when the Admin UI was refreshed multiple times (TFS 378233, Case 84432)

Advanced Properties

  • Fixed an issue where (UserAgentHeaderSkipOTP) did not allow multiple user agents (TFS 378135)

ARM

  • Fixed an issue where the EFT report "Most Active Users - Connections" would display an entry for a user 'blank' (TFS 379465)

  • Fixed an issue where on SQL schema upgrade, sbo assignment on a stored procedure could be skipped (TFS 379454, Case 86556)

  • Fixed an issue where a connection string value would be automatically added to an ARM report using the report editor (TFS 376876, Case 79602)

DMZ Gateway

  • Fixed an issue where a deadlock between singlegateway and pncsocket could exists (no new DMZ required) (TFS 377892, Case 81076)

  • Fixed an issue where DMZ would not listen to FTPS Explicit only (no new DMZ required) (TFS 377458, Case 82367)

COM API

  • Fixed an issue where COM GetUserSettings was returning random values for users who had not connected to the server (TFS 378436, Case 84395)

Event Rules

  • Fixed an issue where sweep operations or Time event rules would not log Cloud download actions in AWS (TFS 379690)

  • Fixed an issue where an extra slash was added to the URL for Azure blob storage (TFS 378023, Case 82692)

  • Fixed an issue where a deadlock could exist on server startup (TFS 378114, Case 83274)

  • Fixed an issue where an event rule import that contained a large body would fail to import (TFS 377444, Case 82215)

  • Fixed an issue where an ORA-01858 error was reported with an Event Rule that contained a generate report action (TFS 378818, Case 84953)

  • Fixed an issue where EFT administrators were unable to create Event Rules when using a non-default server group (TFS 378832, Case 84877)

  • Fixed an issue where Export/Import of Event Rules that contained AWE actions in EFT 8.0.4 would fail (TFS 379117, Case 85706)

  • Fixed an issue where out of memory issues could be experienced when uploading large files to the cloud (TFS 379080, Case 88213)

  • Fixed an issue where Azure blob connection profile fails to connect to Storagev2 configurations (TFS 378913)

  • Fixed an issue where a Test connection in the Connection Profiles to AWS could cause the Admin UI to timeout (TFS 378821, Case 84987)

  • Fixed an issue where S3 cloud monitor could not get a proper listing with 1000+ files (TFS 377324, Case 81642)

  • Fixed an issue where EFT could run low on memory when performing multipart uploads via Cloud Upload actions (TFS 378144, Case 82545)

  • Fixed an issue where masked variables in Event Rules were not masked in the EFT log (TFS 378239, Case 81686)

HA (High Availability)

  • Fixed an issue where the EFT service could crash due to corruption in the MSMQ (TFS 378331, Case 84775)

ICAP (CIC)

  • Fixed an issue where EFT could crash when ICAPConnectionTimeoutInMS was set above 2147483647 (TFS 378290, Case 83356)

  • Fixed an issue where EFT could crash during certain ICAP operations (TFS 379116, Case 85743)

Logging

  • Fixed an issue where the Administrator Permissions logger was not logging (TFS 379052, Case 85623)

  • Fixed an issue where improper logger configuration could cause the EFT service to crash (TFS 376134, Case 79299)

EFT Outlook Add-in

  • Fixed an issue where the OAI would fail to validate proper EFT polices (TFS 380051)

  • Fixed an issue where a connection to OAI would prevent the deletion of the user in the EFT Admin UI (TFS 376624, Case 80389)

  • Fixed an issue where OAI emails would conflict with encrypted emails (TFS 379325, Case 86222)

OpenPGP module

  • Fixed an issue where PGP encryption action would fail on NetApp network folders (TFS 378119, Case 82925)

Remote Agent (RAM)

  • Fixed an issue where dataset functionality would be available under Remote Agent rules (TFS 378252)

  • Fixed an issue where EFT admins would be unable to edit the Remote Agent IP access list (TFS 378249, Case 84506)

SSH/SFTP

  • Fixed an issue where 0KB files were downloaded from Linux servers with 640 permissions (TFS 378518, Case 84208)

VFS

  • Fixed an issue where modifying the VFS permissions could crash the EFT service (TFS 377497, Case 82487)

Web Transfer Client (WTC) & Workspaces

  • Fixed an issue where Received Items folder was hidden (TFS 378508)

  • Fixed an issue where existing users were unable to access shared workspaces when Terms of Service or Privacy Policy were enabled but not previously accepted (TFS 378896)

  • Fixed an issue where password resets would generate two email notifications (TFS 379095)

  • Fixed an issue where a 508 Violation was identified in the landing page (TFS 378066)

  • Fixed an issue where a 508 Violation was identified in the WTC Send portal (TFS 378068)

  • Fixed an issue where Collaborative workspace participants could not access the workspaces via SFTP (TFS 379270, Case 86495)

  • Fixed an issue where AD users needed permissions to the shared config when sending a Transactional Workspace (TFS 377988, Case 82589)

  • Fixed an issue where AD account search was too slow when sharing a workspace (TFS 378212, Case 83122)

  • Fixed an issue where workspace daily digest notifications were not being sent (TFS 378922, Case 83759)

  • Fixed an issue where the WTC page would send the default PasswordRestConfirm.html template even when customized (TFS 379053, Case 85655)

  • Fixed an issue where WTC users were not able to overwrite existing files (TFS 378220, Case 84333)

  • Fixed an issue where WTC users were not able to Share a file larger than 5GB via the Send Portal (TFS 378517, Case 83932)

  • Fixed an issue where Base64 encoded WTC credentials failed to login to WTC (TFS 378147)

  • Fixed an issue where WTC users were not able to login after changing their password if it contained a + (TFS 377265, Case 80991)

  • Fixed an issue where a sender's or recipients email was displayed in the invitation link URL (TFS 376994)

February 2021

Version 8.0.4.32

Feb 02, 2021

New Features
  • Added support for Twilio custom verification code (TFS 378823)

Enhancements
  • Updated PGP library (TFS 378983, Case 85355)

Fixes
  • Various Bug fixes

November 2020

Version 8.0.4.27

Nov 01, 2020

New Features

Administration

  • Enhanced the password dictionary validation feature so that dictionary words surrounded by non-alphabet characters are detected and blocked (TFS 374099, Case 75599)

  • Added support for runtime templating, a means of setting reusable variables for paths and similar resources to facilitate DR and migrations (TFS 373679)

  • Added support for Datasets, which are easier to use and more powerful than arrays, a variable type that can hold tabular data (TFS 373163)

  • Added a new Event Rule action that will download a remote file listing and store the results in a Dataset (TFS 373167)

  • Added a new Event Rule action to loop through each element in a Dataset (TFS 373169)

  • Added support for break from loop for datasets in Event Rules (TFS 373170)

  • Added a new Event Rule action to read the contents of a Dataset and output those to a .CSV file (TFS 374260)

  • Added a new Event Rule action to store the contents of a .CSV file into a Dataset (TFS 374261)

  • Added an option to output PowerShell debug logging to a separate file, independent of EFT's primary log file (TFS 374313)

  • Added two additional AWS regions (EU (Milan) and Africa (Cape Town)) to EFT's AWS cloud actions (TFS 375029)

  • Added a customizable upload forms feature for collecting metadata from users prior to uploading files, which can be utilized by Event Rules (TFS 374804)

  • Added a prompt to the EFT Admin GUI that will warn administrators when enabling cipher suites that may be vulnerable to Raccoon (TFS 377846)

Advanced Properties

  • Added ability to default HTTP socket timeout (HTTPSocketDefaultTimeout) (TFS 375327, Case 77746)

  • Added ability to set sub-folder Remote listings in Datasets to parse recursively. The default value is 10 (GetListingActionMaxRecursion) (TFS 373167)

  • Added ability to set the number of records to display in the WTC Sent items view (outbox) and Received items view (inbox). The default value is 50. (BigCollectionsPageSize) (TFS 370374, 370375)

  • Added ability to restore legacy Dictionary password complexity functionality. The default value is False (DictionaryLegacyCheckIncludeSpecialDigits) (TFS 374099)

  • Added ability to enable/disable cipher aes128-gcm@openssh.com. The default value is Enabled (SFTP2_AES128_GCM_AT_OPENSSH_COM) (TFS 372451)

  • Added ability to enable/disable cipher aes192. The default value is Enabled (SFTP2_AES192) (TFS 372451)

  • Added ability to enable/disable cipher aes192-ctr. The default value is Enabled (SFTP2_AES192CTR ) (TFS 372451)

  • Added ability to enable/disable cipher aes256-gcm@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)

  • Added ability to enable/disable cipher chacha20-poly1305@openssh.com. The default value is Enabled (SFTP2_AES256_GCM_AT_OPENSSH_COM) (TFS 372451)

  • Added ability to enable/disable cipher rijndael-cbc@lysator.liu.se. The default value is Enabled (SFTP2_RIJNDAEL_CBC_AT_LYSATOR_LIU_SE) (TFS 372451)

  • Added ability to enable/disable MAC hmac-sha1-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA1_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC hmac-sha2-256-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_256_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC hmac-sha2-512-etm@openssh.com. The default value is Enabled (SFTP2_HMAC_SHA2_512_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC umac-64@openssh.com. The default value is Enabled (SFTP2_UMAC_64_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to enable/disable MAC umac-64-etm@openssh.com. The default value is Enabled (SFTP2_UMAC_64_ETM_AT_OPENSSH_COM) (TFS 375033)

  • Added ability to allow user-agent to skip 2FA/MFA (UserAgentHeaderSkipOTP) (TFS 374817)

  • Added a new advanced property that would allow admins to export AWE tasks from EFT's database to their legacy file paths (AutoExportAllAWTasksToFiles) (TFS 374755)

AS2

  • Added functionality

  • Added the ability to allow values that exceed 600 seconds for the response and message send timeout setting (TFS 374078, Case 69531)

COM API

  • Added the following ICISite methods:

    • AddUploadForm

    • DeleteUploadForm

    • EnableUsers

    • GetUploadForm

    • UpdateUploadForm

  • Added the following ICISite properties:

    • EnableMfa

    • MfaType

    • SmsProviderProfile

    • UploadFormsList

    • WebSSORedirectToSsoServiceBypassingLoginPage

    • WorkspacesMfaType

    • WorkspacesOAIMfaType

  • ICIClientSettingInterface, added the following functions:

    • GetRequireMfa

    • SetRequireMfa

  • ICIEventRule, added the AddLoopDatasetStatement method

  • ICIActionStatements, added the following methods:

    • AddActionStatement

    • AddIfStatement

    • AddLoopDatasetStatement

  • Added the ICILoopDatasetStatement interface, with the following methods:

    • AddActionStatement

    • AddIfStatement

    • AddLoopDatasetStatement

    • DeleteStatement

    • GetParams and SetParams

    • StatementsCount

    • Statement

  • Added ICICsvExportActionParams and ICICsvImportActionParams

  • Added ICIGetListingActionParams Interface

  • Added ICILoopDatasetStatement Interface

  • Added ICILoopDatasetStatementParams Interface

  • Added ICIUploadForm interface

  • Added ICIUploadFormElement interface

  • Added ICITwilioSmsProviderProfile interface

  • In the ICISimpleCondition interface, added the UseRegex property.

  • Enums added:

    • MFA type to specify whether to use email, SMS or either for second authentication

    • LoopDatasetStatement to EventRuleStatementType enum

    • LoopOrderType, used in the ICILoopDatasetStatementParams LoopOrder property

    • GetListingAction, LoopBreakAction, CsvImportAction, and CsvExportAction to EventActionType

    • FileDateFormat

    • UploadFormComType

    • UploadFormElementComType

REST API

  • Added functionality

  • Added underlying support for RESTful APIs in accordance with JSON:API principles (TFS 374144)

  • Added the ability to assign REST permissions to EFT administrator accounts (TFS 375336)

  • Added RESTful API endpoints for user account and VFS management configuration (TFS 374152)

  • Added the ability to create granular permissions for RESTful access to end points, down to the individual element (TFS 375337)

  • Added support for REST which allows EFT admins to create users and read all their settings but not delete them [users] or update them [users](TFS 375337)

  • Added support for REST which allows EFT admins to create users except for a user name matching "Administrator"(TFS 375337)

  • Added support for REST which allows EFT admins to read all the configuration for all users for a given site named (TFS 375337)

  • Added support for REST which allows EFT admins to read the AllowSecureFolderSharing value for users in the Guest template, but cannot read any other values or do anything else (TFS 375337)

  • Added support for REST which allows EFT admins to read the configuration to find out everything about all users in Site under template "Guest Users" but not make any changes to those users (TFS 375337)

  • Added support for REST which allows EFT admins to update everything about any user (TFS 375337)

  • Added support for REST which allows EFT admins to update everything about any user except for changing their SFTP key (TFS 375337)

  • Added support for REST which allows EFT admins to update all users except for a user matching a specific name (TFS 375337)

  • Added support for REST which allows EFT admins to update users but not create them or delete them (TFS 375337)

  • Added support for REST which allows EFT admins to delete users (TFS 375337)

  • Added support for REST which allows EFT admins to delete all users except for a specific user name (TFS 375337)

  • Added support for REST which allows EFT admins to execute the Generate pass function for all users (TFS 375337)

SAML

  • Added the ability to leverage federated authentication for Guest users, including SSO and JIT, where desirable (TFS 374120)

SSH/SFTP

  • Added support for aes256-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

  • Added support for rijndael-cbc@lysator.liu.se SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

  • Added support for aes192-ctr SSH cipher in Non-FIPS mode (TFS 372451)

  • Added support for aes192-cbc SSH cipher in Non-FIPS mode (TFS 372451)

  • Added support for aes128-gcm@openssh.com SSH cipher in both FIPS and Non-FIPS mode (TFS 372451)

  • Added support for chacha20-poly1305@openssh.com SSH cipher in Non-FIPS mode (TFS 372451)

  • Added legacy support for cast128-cbc SSH cipher in Non-FIPS mode (TFS 372451)

  • Added legacy support for blowfish-cbc SSH cipher in Non-FIPS mode (TFS 372451)

  • Added legacy support for arcfour SSH cipher in Non-FIPS mode (TFS 372451)

  • Added new advanced properties to enable/disable certain ciphers for client outbound (TFS 372451)

  • Added support for hmac-sha2-512-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

  • Added support for hmac-sha2-256-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

  • Added support for hmac-sha1-etm@openssh.com SSH MAC in both FIPS and Non-FIPS mode (TFS 375033)

  • Added support for umac-64-etm@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)

  • Added support for umac-64@openssh.com SSH MAC in Non-FIPS mode (TFS 375033)

  • Added new advanced properties to enable/disable certain MACs for client outbound (TFS 375033)

  • EFT now provides the ability to choose SFTP key type upon creation (TFS 370229)

  • EFT now supports backwards compatibility for DSS keys (TFS 372452)

  • Added support for ecdh-sha2-nistp521 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for ecdh-sha2-nistp384 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for ecdh-sha2-nistp256 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for diffie-hellman-group18-sha512 SSH KEX in both FIPS and Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for curve25519-sha256 SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for curve25519-sha256@libssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

  • Added support for sntrup4591761x25519-sha512@tinyssh.org SSH KEX in Non-FIPS mode (TFS 372613, Case 77147)

  • Added back the ability to see negotiated SFTP cipher suites to EFT's client (outbound) logs (TFS 373618)

Web Transfer Client (WTC) & Workspaces Changes

  • Added support for SMS 2nd factor validation for guest account enrollment (registration) and for normal authentication (TFS 374817)

  • Added a new shared folder (Workspaces) history section to the Web Transfer Client for owners and participants (TFS 374884)

  • Added a Received items (inbox) section to the Web Transfer Client for users to see messages and files sent to them (TFS 370375)

  • Added a Sent items (outbox) section to the Web Transfer Client for users to see messages and files they've sent to others (TFS 370374)

Enhancements

EFT Administration

  • Updated the text under the Logs tab to reflect "Audit event rule client outbound transfer" instead of "Diagnostic Logging Settings" (TFS 376313)

  • Optimized EFT's folder monitor polling so that it wouldn't attempt to open file hands for files matching extension exclusion conditions (TFS 373182)

  • Modified EFT's import/export of Event Rules to match the json format supported by EFT's RESTful APIs (TFS 374054)

  • Modified the 'Variable' action so that it utilized only a single line, making it easier to visually parse (TFS 374308)

  • Modified encrypted folder and personal data secrets so they are randomized by default and can be viewed or overridden by admins (TFS 373411)

Advanced Properties

  • Updated default value for Advanced Property SFTP2_ARCFOUR to False (TFS 372451)

  • Updated default value for Advanced Property SFTP2_Blowfish to False (TFS 372451)

  • Updated default value for Advanced Property SFTP2_CAST128 to False (TFS 372451)

  • Updated default value for Advanced Property SFTP2_MD5 to False (TFS 375033)

  • Updated default value for Advanced Property SFTP2_MD5_96 to False (TFS 375033)

  • Updated default value for Advanced Property SFTP2_SHA1_96 to False (TFS 375033)

REST API

  • Modified EFT's existing RESTful APIs for Server and Site endpoints to adhere to JSON:API (TFS 374361)

SSH/SFTP

  • Prohibit the ability to generate rsa SSH keys less than 2048 bit in FIPS mode (TFS 375076)

  • Prohibit the ability to use SSH keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)

  • Prohibit the use of "diffie-hellman-group1-sha1" SSH KEX (for both client and server) in FIPS mode (TFS 375076)

  • Prohibit the use of "hmac-sha1-96" SSH MAC (for both client and server) in FIPS mode (TFS 375076)

  • Enabled by default "hmac-sha1" SSH MAC (for client) in both FIPS and non-FIPS mode (TFS 375076)

  • Prohibit the ability to generate rsa SSH keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)

  • Ciphers are now ordered by strength, favoring FIPS approved ciphers, with only FIPS approved ciphers enabled by default (TFS 372451)

  • EFT admins will now be warned if they enable insecure ciphers (3des-cbc, cast128-cbc, blowfish-cbc, arcfour) in Non-FIPS mode (TFS 372451)

  • EFT admins will now be warned if they enable insecure cipher 3des-cbc in FIPS mode (TFS 372451)

  • The following ciphers are now enabled by default (due to FIPS-compliance): aes256-gcm@openssh.com, aes256-ctr, aes256-cbc, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc, aes128-gcm@openssh, aes128-ctr, aes128-cbc (TFS 372451)

  • The following ciphers are now enabled on upgrade: aes256-gcm@openssh.com, aes128-gcm@openssh, rijndael-cbc@lysator.liu.se, aes192-ctr, aes192-cbc (TFS 372451)

  • Improved TED6 log verbosity with newer SSH library (TFS 373819, Case 72767)

  • The following MACs are now enabled by default (due to FIPS-compliance): hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)

  • The following MACs are now enabled on upgrade: hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com, hmac-sha1-etm@openssh.com (TFS 375033)

  • KEX ciphers are now ordered by strength, favoring FIPS approved KEXes, with only FIPS approved KEXes enabled by default (TFS 372613, Case 77147)

  • The following KEX ciphers are now enabled by default (due to FIPS-compliance): ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256 (TFS 372613, Case 77147)

  • KEX cipher diffie-hellman-group18-sha512 will not be enabled by default (despite the fact that its FIPS-compliance) due to its poor performance behavior (TFS 372613, Case 77147)

  • The following KEX ciphers are now enabled on upgrade: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256 (TFS 372613, Case 77147)

  • The following KEX ciphers are enabled by default for Client connections in both FIPS and Non-FIPS mode: ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group18-sha512, diffie-hellman-group16-sha512, diffie-hellman-group14-sha256, diffie-hellman-group-exchange-sha256, diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)

  • The following KEX ciphers are enabled by default for Client connections in Non-FIPS mode: curve25519-sha256, curve25519-sha256@libssh.org, sntrup4591761x25519-sha512@tinyssh.org, diffie-hellman-group-exchange-sha1 (TFS 372613, Case 77147)

SSL

  • Updated SSL Library to 1.0.2u (TFS 375029)

  • Prohibit the ability to generate rsa SSL keys less than 2048 bit in FIPS mode (TFS 375076)

  • Prohibit the ability to use SSL keys other than rsa/dsa keys >=2048 bits or ecdsa keys >= 224 bits (for both client and server) in FIPS mode (TFS 375076)

  • Prohibit the ability to generate rsa SSL keys less than 2048 bit (in GUI only) in non-FIPS mode (TFS 375076)

Web Transfer Client (WTC) & Workspaces

  • Updated jQuery to v3.5.1 (TFS 376501, Case 80133)

Outlook Add-in (OAI)

  • Modified functionality

  • Modified the Outlook Add-in to avoid message preparation when the add-in is not being used to handle attachments (TFS 377131, Case 80889)

COM API

  • Changed nKeyBits to nKeyParams in ICIServer CreateSSHKey and CreateSSHKeyRemotely

  • Changed nKeyBits to nKeyParams inICISite CreateSSHKeyPair

Fixes

EFT Administration

  • Fixed an issue where EFT could hang after applying a change to the group and domain for an AD site (TFS 369730, Case 65993)

  • Fixed an issue where EFT would fail to create a GSAuth account when RSA manage password is enabled (TFS 375388, Case 78173)

  • Fixed an issue where a deadlock could be exhibited when stopping the EFT service via the Service Manager (TFS 371230, Case 70079)

  • Fixed an issue where the quick search produced incorrect results for connection profiles in upload/download actions (TFS 375328, Case 77625)

  • Fixed an issue where LDAP users could no longer login after changing the OU (TFS 374566, Case 75760)

  • Fixed an issue where the AWE mail registry SMTP Password would be overwritten when the EFT Admin GUI's SMTP settings were modified (TFS 376198, Case 78079)

  • Fixed an issue where a potential deadlock could cause a hang on the EFT Admin GUI (TFS 376222,376433,376389, Case 78656,79826, 80385, 80914)

  • Fixed an issue where a potential deadlock could cause HTTPs connections to fail (TFS 377021, Case 81348)

  • Fixed an issue where FTP listing on chrome would list an empty directory (TFS 377050, Case 80506)

  • Fixed an issue where plain FTP via DMZ would not work (TFS 376912, Case 78948)

  • Fixed an issue where upgrades to EFT 8.0 could fail when duplicate Event Rule folder names existed (TFS 377445, Case 82273)

  • Fixed an issue where upgrades to EFT 8.0 could fail when duplicate ssh public existed (TFS 377002, Case 80370)

  • Fixed an issue where upgrades to EFT 8.0 could fail when workspaces included duplicate names in upper and lowercase (TFS 376973, Case 80443)

  • Fixed an issue where server admin permissions could disappear after upgrading to EFT 8.0 (TFS 377672, Case 81472)

  • Fixed an issue where upgrades to EFT 8.0 could fail when a certificate resided in both the pending and trusted list (TFS 376153, Case 79408)

  • Fixed an issue where upgrades to EFT 8.0 could fail when an Event Rule contained Mail action (TFS 377457, Case 82232)

  • Fixed an issue where the EFT Admin GUI could run out of memory with heavy configurations (TFS 377338, Case 82025)

  • Fixed an issue where EFT Admins would receive an error when specifying remote SSH keys in Event Rules (TFS 376118)

ARM

  • Fixed an issue where the Activity - by Users reports were misleading with the data being pulled. (TFS 374125)

  • Fixed an issue where the reports using fact tables would group several lines for each group. (TFS 374454)

  • Fixed an issue where EFT would audit 0kb when AS2 transactions are successful (TFS 376257, Case 79486)

AWE

  • Fixed an issue where a race condition was seen when running GSAWE.exe that caused an AWE licensing error (TFS 372374, 71032)

  • Fixed an issue where the AWE OCR action would not work (TFS 375343, Case 76553)

COM API

  • Fixed an issue where user admins could not enable a user account via COM (TFS 373315, Case 74441)

Event Rules

  • Fixed an issue where Timer Event Rules - Exclude UK Holidays had missing days (TFS 376875, Case 78879)

  • Fixed an issue where the Event Rule change log would not properly update after clicking Apply (TFS 376277, Case 79465)

HA (High Availability)

  • Fixed an issue where Event Rule master would send MSMQ tasking message to itself when it shouldn't be (TFS 376320)

ICAP/CIC

  • Fixed an issue where the host header in a CIC request would send a request to http.example.com (TFS 377358, Case 81443)

Installer

  • Fixed an issue where EFT would fail installation when CWDIllegalInDllSearch registry is configured (TFS 373910, Case 70840)

Logging

  • Changed log level to ERROR for AML export errors (TFS 376480)

  • Fixed an issue where the wrong log level for Folder Monitor reconnect events was used (TFS 375800, Case 78333)

Outlook Add-in

  • Fixed an issue where duplicate email stuck in outbox when encrypted with zed mail (TFS 374623, Case 75460)

PCI

  • Fixed an issue where PCI compliance reports would report failures due to password security for remote agents (TFS 377808, Case 82083)

  • Remote Agent (RAM)

  • Fixed an issue where a remote agent could crash when the source path is configured with a virtual local path (TFS 376602, Case 80300)

SAML

  • Fixed an issue where the SAML SSO JIT user template pulldown can set incorrect user setting template (TFS 375614)

  • Fixed an issue where the SAML SSO JIT user email attribute taken from username attribute, not email attribute (TFS 375677)

  • Fixed an issue where users were presented with a 404 on the reply portal when using SSO (TFS 374791, Case 76465)

SSH/SFTP

  • Fixed an issue where EFT could crash when opening a file/folder (TFS 375556, Case 78436)

VFS

  • Fixed an issue where EFT startup performance would be affected by large number of virtual folders (TFS 374893, Case 76483)

Web Transfer Client (WTC) & Workspaces

  • Fixed an issue where "Expires:" headers were sent twice via our WTC page (TFS 375389)

  • Fixed an issue where Workspaces participants could not share their root folder (TFS 376164)

  • Fixed an issue where the From field in Send requests did not enforce server side validation (TFS 376091)

  • Fixed an issue where password resets were treated as successful but actually failed (TFS 375161, Case 76747)

  • Fixed an issue where customization changes in theme.json were not properly applied (TFS 374598)

  • Fixed an issue when viewing a workspace (as invitee) the update is active but would not display a progress bar (TFS 376221)

  • Fixed an issue where session tokens were not properly randomized (TFS 376419, Case 79654)

  • Fixed an issue where default datetime format was not defaulted to US (TFS 376870)

  • Fixed an issue where passwords with trailing spaces would get trimmed (TFS 375354, Case 77494)

  • Fixed an issue where Workspace invitation acceptance would fail if user already had a session open (TFS 377040, Case 81196)

  • Fixed an issue where duplicate file uploads to WTC could break upload functionality in the current session (TFS 377266, Case 80852)

  • Fixed an issue where copy/paste function when inviting someone to a workspace would fail in IE11 (TFS 376708, Case 80348)

  • Fixed an issue where a folder with "#" in the name would cause an error in WTC (TFS 375243, Case 77426)

  • Fixed an issue where EFT's Terms of Service and forced password reset would cause a permission denied error (TFS 376510, Case 79430)

  • Fixed an issue where WTC retry would fail with error 406 on Firefox (TFS 376199, Case 78233)

June 2020

Version 8.0.2.23

jun 14, 2020

New Features
  • Added subscription licensing for EFT and most modules

  • Restored ability to customize default values for Workspaces permissions (TFS 376117, Case 78957)

  • Restored ability to customize default values for Workspaces participant limits (TFS 376121, Case 78957)

May 2020

Version 8.0.2.19

May 10, 2020

New Features

Advanced Properties

  • EFT now provides the ability to override the port used in all workspace email notifications. This is useful when the DMZ Gateway is on a non-default port (e.g., 4443) and differs from the site port (i.e., 443). When enabled, all workspace emails (Send/Share/Request/etc.) will now use and append the PORT defined via the Advanced Property regardless of the Send Settings URL:PORT or Site DMZ port configuration. This property is disabled by default (ExternalLinkPortOverride) (TFS 371388)

  • Ability for WTC reserved file/folder caching for HTTP(S) requests to cache based on file size instead of an entire directory. This property is disabled by default. (MaxCachedReservedFileSizeKB) (TFS 373650)

    Ability to cache WTC reserved files/folders located under .../EFT Server Enterprise/web/public/EFTClient/wtc/lib/, this property is enabled by default (CacheReservedFiles) (TFS 373650)

Fixes

Web Transfer Client (WTC) & Workspaces

  • Fixed an issue where the WTC page failed to load for external domains when EFT is configured with both Internal (with SAML SSO) and External domains (TFS 375093)

  • Fixed an issue where WTC customization failed when configured with multiple sites (TFS 375253)

  • Fixed an issue where upgrades to EFT 8.0 could fail because of duplicated workspaces (TFS 375535)

  • Fixed an issue where EFT may crash on rare instances when configured with AD and authenticating with Internal/External workspace users (TFS 375040)

  • Fixed an issue where upgrades to EFT Express 8.0 could fail due to incorrect data in the local db files (TFS 375555)

  • Fixed an issue where ignored logging to the authentication and protocols tables were not being honored (TFS 375543)

  • Fixed an issue where upgrades to EFT 8.0 could fail because of non-existing workspaces (TFS 375497)

  • Fixed an issue where upgrades to EFT 8.0 could fail because of missing permissions or non-unique connection profiles (TFS 375683)

  • Fixed an issue where upgrades to EFT 8.0.2 could cause Remote Agents Event Rule downloads to fail (TFS 375750)

March 2020

Version 8.0.2.10

Mar 25, 2020

New Features

EFT Administration

  • New option to schedule FACT table updates (TFS 373489)

Advanced Properties

  • By default, EFT uses non-exclusive file-sharing mode when processing file uploads. With this advanced property (UseExclusiveSharingModeForUploads) (TFS 374129), EFT can be configured to use exclusive sharing mode for uploads (i.e., file locking)

COM API

  • Added enums and a Site interface property to support the Out-of-Band passcode to pick-up files in EFT. (Please refer to the EFT administration help contents.)

  • WorkspacesOAIPasscodeProtectionType enum, used in the ICISite property, WorkspacesOAIPasscodeProtection to specify whether the EFT administrator requires a passcode, does not require, or is chosen by the email sender.

Web Transfer Client (WTC) & Workspaces Chages

  • Ability to Secure Send without attachment (Send portal and Outlook Add-in) (TFS 370270)

  • Ability to request passcode for file pick-up (TFS 361146)

  • Ability to redirect to login page instead of registration page for internal domains (TFS 373043)

Enhancements

  • Removed our legacy Jument WTC from the EFT installer (TFS 374773)

  • Ground-up rewrite of the various portals: Request file, Drop-off, Send, and Pick-up resulting in tremendous performance gains (TFS 373849)

Fixes

EFT Admin GUI

  • EFT would not respect server-level permissions (TFS 374330)

  • Admin GUI may crash due to nested workspaces (TFS 374281)

  • Enabling Encryption folders would cause open windows on the background to be displayed in the forefront (TFS 374831)

  • Remote admin GUI would fail to display the GDPR report (TFS 374567)

  • Memory leak in SSL_AES256_CBC_Encrypt (TFS 374865)

ARM

  • Report "Traffic-Average Transfer Rates by User "would report groups by protocol instead of site (TFS 374441)

  • Report "Activity - File Scanned Data Results" was missing in EFT Express (TFS 374150)

Event Rules

  • GUI may not display Else condition after saving and refreshing an event rule (TFS 374154)

  • Virtual Path condition may not work properly (TFS 374139)

  • EFT service may crash when trying to delete user while "On User Account Deleted" event rule is active (TFS 370599)

  • Event Scheduler may crash on service stop (TFS 371951)

Installer

  • Some upgrades to EFT 8.0 would fail during the copy serialization (TFS 374421)

  • Some upgrades to EFT 8.0 would fail when custom calendar selectors contained duplicated case sensitive entries (TFS 374565)

  • Upgrade from EFT Express to EFT Enterprise while changing the configuration path would lead to duplicate config and binaries of EFT folders (TFS 368531)

  • Upon upgrade to EFT 8.0 poor loading performance was experienced on the FileAudit.db (TFS 374194)

  • Upgrade to EFT 8.0 could fail due to a deleted workspace (TFS 374280)

  • Upgrade to EFT 8.0 could fail when a Remote Agent template is in the Awaiting Approval state (TFS 374258)

  • On an HA install, selecting Modify and changing the ARM server to a different SQL server was not saved (TFS 374238)

  • An upgrade to EFT 8.0 could fail when incorrect values exist in Client IP access (TFS 374846)

  • An upgrade to EFT 8.0 could fail when an incorrect participation value exists in the workspaces.db (TFS 374845)

Outlook Add-in

  • Outlook Add-in was treated as an untrusted publisher (TFS 374635)

  • Files sent via the OAI (Outlook Add-in) that contain # in the filename were not available in the pick-up portal (TFS 374077)

  • Emails can become stuck in the outbox when the Outlook Add-in is configured with Zedmail add-in (TFS 374053)

  • Copyright dates on the Outlook Add-in UI were out of date (TFS 372700)

PCI DSS

  • Some users may be disabled every night on a PCI site (TFS 374577)

  • Server admins were not required to use complex passwords when PCI is enabled (TFS 374807)

REST API

  • EFT Express would allow folder creation via REST (TFS 374113)

SAML

  • SAML JIT password fail password complexity when enabled(TFS 374357)

Web Services

  • InvokeWebService action works wrong with Location Header (TFS 373928)

Web Transfer Client (WTC) & Workspaces

  • Sharing a workspace with # the recipient could not register for access (TFS 373156)

  • An expected error message that should be presented when trying to share a workspace with an external user is not being presented (TFS 374100)

  • Authenticated external users were unable to reply to send requests without access to their home folder (TFS 374777)

  • TOS (Terms of Service) and Privacy policy prompts were not working on the various portals (TFS 371808)

  • Fixed an issue where workspaces fails to redirect new external participants to their workspace when taking less than 60 minutes between registration and verification (TFS 371972)

February 2020

Version 8.0.1.4

Feb 09, 2020

New Features
  • Added a "Secrets module" under the Security tab, which provides the ability to encrypt certain EFT passwords locally or via Azure's Key Vault (AKV) (TFS 372081)

  • Added support for Azure's Data Lake Storage Gen2 (ADLSg2) (TFS 372082)

  • Added ability to override VFS credentials (TFS 372229)

  • Added supports REST API for Event Rules (TFS 372230)

Fixes

EFT Admin GUI

  • Fixed an issue where an LDAP site failed to pull users in the UI but would allow authentication (TFS 369709)

  • Fixed an issue where the Admin GUI would truncate virtual folder paths larger than 260 characters (TFS 371035)

  • Fixed an issue where the Admin GUI did not properly apply the certificate to the Administration Service (TFS 373685)

  • Fixed an issue where the EFT Site Wizard UI would not follow the proper flow after pressing the back button (TFS 373735)

  • Fixed an issue where user login authentications may fail after SSL options at the user level are modified (TFS 374027)

  • Fixed an issue where the Admin GUI displayed the wrong CIC profile when editing an event rule for a SCAN file action (TFS 374051)

  • Fixed an issue where the EFT Admin GUI could crash when pressing refresh while viewing a report (TFS 374089)

Auth AD

  • Fixed where EFT was unable to authenticate an AD user (with UPN) on EFT Express (TFS 373552)

AWE

  • Fixed an issue where concurrent EFT Admins may use the same tmp file for editing AWE tasks (TFS 373762)

Event Rules

  • Fixed an issue where the focus in the Admin GUI was lost when adding variables to the subject field in an email action (TFS 374065)

  • Fixed an issue where the Event Rules "Stop Processing Rule" was always enabled (TFS 373879)

  • Fixed an issue where EFT would change the date modified timestamp in copy/move action changes on the destination file (TFS 373600)

FTP

  • Fixed an issue where the EFT service could crash via FTP (TFS 373856)

  • Fixed an issue where EFT failed to connect in FTP PASV mode when using DMZ as a proxy (TFS 371118)

GDPR

  • Fixed an issue where GDPR Article 32:(4) would not follow proper logic (TFS 373712)

  • Fixed an issue where DPIA Report logic for Article 32:(4) would not follow proper logic (TFS 374063)

Installer

  • Fixed an issue where some upgrades to EFT 8.0 would fail when upgrading from a large FTP.cfg file (TFS 373712)

  • Fixed an issue where some upgrades to EFT 8.0 would fail when certain EFT admins had misconfigured permissions (TFS 374116)

SFTP

  • Fixed an issue where the EFT could be flooded by network connections (TFS 373683)

Web Transfer Client (WTC)

  • Fixed an issue where the PowerShell script to customize WTC failed to run (TFS 37458)

  • Fixed an issue where the EFT would report a status code of 200 when failing to log on (TFS 373101)

COM API

  • Added enums, properties, and methods to support the Azure Data Lake Storage, Azure Key Vault, and Secrets module functionality in EFT. (For details of the Azure Data Lake Storage, Azure Key Vault, and Secrets module functionality, please refer to the EFT administration help contents.)

    • SecretsModuleType

    • CloudProviderType_AzureDataLakeStorageGen2

    • Properties in ICISiteInterface:

    • OverrideVFSCredentialsEnable

    • OverrideVFSCredentialsLogin

    • OverrideVFSCredentialsPassword

    • SecretsModuleClientID

    • SecretsModuleClientSecret

    • SecretsModuleType

    • SecretsModuleURL

    • Methods in ICICloudStorageMonitorEventRuleParams:

    • GetAzureDLSgen2GeneralParams

    • SetAzureDLSgen2GeneralParams

January 2020

Version 8.0.0.38

Jan 19, 2020

New Features

EFT Administration

  • The DMZ Gateway address box can accept a comma-delimited list of addresses (EFT will try one IP address, then the next, until it can connect) (TFS 339989)

  • EFT can capture certain performance and current state values to SQLite databases on a routine basis which can be used by administrators, support, or Globalscape to evaluate and use for planning, troubleshooting, and statistical analysis (TFS 372346)

  • The EFT SMTP settings page now has a “Send Test Email” button (TFS 372357)

  • Admins can now specify node-unique values for DMZ Gateway PASV Mode port range, which in rare occasions can be different across nodes (TFS 368808)

  • Added a separate control the Request File page/portal URL (TFS 371245)

  • Added REST endpoints to generate the PCI DSS compliance and GDPR DPIA reports (TFS 371829)

  • Added ability to generate a complete manifest of commonly requested tech support data from within the administration interface Help menu (TFS 372341)

  • A new prompt is now displayed when enabling Google Captcha referencing a KB article 11435 (TFS 368710)

  • Added SAML assertion map attribute to email field (TFS 369964)

  • Added new Site-Level Counters

    • User Login Success /sec – rate at which users are authenticating successfully and turn into an active session. See user sessions for count of actively connected users

    • User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with Users connections

    • User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator

    • Folder Monitor Worker Threads – number of folder monitors in active use. Consider increasing FolderMonitorWorkerThreadCount if it routinely exceeds 32

    • Timer Rule Worker Threads – number of timers currently active. Consider decreasing TimerStackSize if it routinely exceeds 200 to conserver memory

    • Templates – number of templates defined for this site. Updated infrequently

    • User Accounts Disabled - subset of this site’s user accounts that are currently in a disabled state. Updated infrequently

    • User Accounts Locked Out – subset of this site’s user accounts that are currently locked out. Updated infrequently

    • User Login Failed Bad Password /sec – rate at which users are failing to authenticate due to a valid username but invalid password being provided. There are mitigation techniques you can use if frequent attacks on root or administrator

    • User Login Failed Non-existent Username /sec – rate at which users are failing to authenticate due tan invalid or non-existent username being provided. Compare with users connections

    • User Login Success /sec - rate at which users are authenticating successfully and turn into an active session. See User Sessions for count of actively connected users

    • Workspaces Drop-offs – number of drop-off requests active and not expired

    • Workspaces File Sends – number of file send operations that are active and have not yet expired

    • Workspaces Folders Shared – number of folder shares that are active and have not yet expired

  • Updated the Amazon S3 Region list (TFS 373493)

  • Configuration settings are now stored in SQLite databases vs. flat files. This should eliminate the need for SyncTool when performing migrations (TFS 368467)

  • Awaiting/Trusted SSL cert list are now stored in SiteConfig*.db and upon upgrade they are moved into this db. (TFS 371720)

  • SSH Key Storage settings are now moved from Server level to Site level (TFS 369528)

  • Each site has its own set of SSH keys

  • Each site’s SSH (SFTP) private and public keys are now stored in SiteConfig*.db

  • The SSH creation and management GUIs were changed accordingly

  • OpenPGP key pairs are now defined and managed at the Site level instead of the Server (TFS 369527)

  • Workspaces tabs have been consolidated into the Site > Web tab

Advanced Properties

  • Accepts configuration overrides using advancedproperties.json (AP) in lieu of registry entries. Upon upgrade, existing registry overrides will be moved to the AP file (TFS 368291). This includes EFT’s VFS data in Config.db (TFS 369529), server settings in ServerConfig.db and SiteConfig[GUID].db (TFS 371366).

  • To provide more control and visibility over EFT's behavior when it comes sync state, draining, and node management (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)

  • To enable/disable encryption when storing personal data. Note that the default is to encrypt using the default key (EncryptPersonalData) (TFS 363303)

  • To specify a 256-bit key (represented by 64 hexadecimal digits) used to encrypt and decrypt personal data. When not configured or malformed, the default key is used. (PersonalDataEncryptionKey) (TFS 363303)

  • To enable/disable JSON format when rendering Data Protection Impact Assessment (DPIA) report.; used to change DPIA report format (JSON/XML) (RenderDPIAReportAsJSON) (TFS 366251)

  • To deny certain usernames without checking the user database, so you can reduce load on the authentication subsystem (AutoDenyLoginAttemptswithSpecificUsernames) (TFS 370345)

  • To specify that cookies shouldn't be sent with cross-site requests. Acceptable values are "Strict", "Lax", "None". Values other than these will result in "Strict" value (HttpCookieSameSitePolicy) (TFS 367997)

  • To specify the maximum number of asynchronous event rule subroutines that may be queued before dropping new subroutine. A value of 0 (default) indicates there is no limit. (QueuedAsyncSubroutinesLimit) (TFS 367875)

  • To specify the maximum number of simultaneous asynchronous event rule subroutines running. A value of 0 indicates there is no limit. (RunningAsyncSubroutinesLimit) (TFS 367875)

  • To specify the recurrence strategy for cleaning up workspaces: 0 - minutely (default), 1 - hourly, or 2 – daily (WorkspacesCleanupRecurrence) (TFS 368683)

  • To specify the number of Workspace invitation expiration days. (WorkspaceInviteExpirationPeriodDays) (TFS 371827)

  • To specify that the sender for Workspace Messages is 0 - Recipient receives Workspace Invites from User and Secure Send from SMTP Server; 1 - Recipient receives Workspace Messages from the SMTP server, 2 - Recipient receives Workspace Messages from the User. (WSInviteFromAddrUseOwnerEmail) (TFS 371099)

  • Avoid duplicate firing of Account Rules on multiple nodes. (UserAccountTriggersOnOriginatingNodeOnly) (TFS 372193)

  • Change the default “Out of sync” timeout value for HA (ClusterOutOfSyncGracePeriodSecs) (TFS 367401)

  • Change the default “Timeout for sync” value for HA (ClusterOutOfSyncHealSecs) (TFS 367401)

  • Set Workspaces Invitations Expiration (WorkspaceInviteExpirationPeriodDays) (TFS 371827)

  • Allow turning off total drop-off quota limit (MaxAnonymousAllUploadSizeInGB) (TFS 370763)

  • Provide the ability to optionally include and customize EFT WTC’s referrer policy header, (EnableHTTPReferrerPolicyHeader), (HTTPReferrerPolicyAttributeString) (TFS 368162)

  • To disable EFS calculations, (DisableEFSChecksForPCIReport) (TFS 370306)

  • To enable one-way-trust communication between EFT and another domain (AllowToTryLoginUnlistedUsers) (TFS 369294)

  • To copy all ClientFTP settings to JSON, (CopyClientFTPSettingsToRegistry). (TFS 368291)

  • To create a PGP RSA Key with subkey, (CreatePGPRSAKeyWithSubkey). (TFS 370232)

  • To remove UTC designation in timestamp, (ISO8601noUTC). (TFS 368860)

  • To disable cache for DN Type in Active Directory sites (TFS 367876)

  • Added to skip auditing of:

    • Successful socket connections (AuditSuccessSocketConnections). Set to FALSE by default (TFS 369778-AC1)

    • Banned socket connections (AuditBannedSocketConnections). Set TRUE by default (TFS 369778-AC2)

    • Other failed socket connections (AuditFailedSocketConnectionsOther). Set TRUE by default (TFS 369778-AC3)

    • Protocol commands for resources that have an IsInternal flag (AuditIsInternal). Set FALSE by default (TFS 369778-AC4);

    • Workspaces REST calls (AuditRESTWorkspaces). Set TRUE by default (TFS 369778-AC5)

    • Workspaces config REST calls (AuditIsRESTWorkspacesInternal). Set FALSE by default (TFS 369778-AC6)

    • Administrative REST calls (AuditIsRESTAdmin). Set TRUE by default (TFS 369778-AC7)

    • RAM REST calls (AuditIsRESTRAMAgent). Set TRUE by default (TFS 369778-AC8)

    • User initiated REST calls (AuditIsRESTUSER). Set TRUE by default (TFS 369778-AC9)

    • All invalid username authentication attempts (AuditFailedAuthforNonExistingUsernames). Set TRUE by default (TFS 369778-AC10)

    • ‘root’ and ‘administrator’ invalid username authentication attempts (AuditFailedAuthforUsernameRoot). Set TRUE by default (TFS 369778-AC11)

    • Unimportant (non-CRUD) operations (AuditIUnimportantCommands). Set FALSE by default (TFS 369778-AC12); CRUD: Copy/Rename/Upload/Delete

    • Username and password for S/FTP/S events (AuditRedundantUserAndPass). Set FALSE by default (TFS 369778-AC13)

Auditing and Reporting

  • Increased the default ARM queue size from 1,000 t100,000 (TFS 370453)

    • Provided the ability to control what EFT Audits within the following tables (TFS 369778):

    • tbl_SocketConnections

    • tbl_ProtocolCommands

    • tbl_AS2Transactions

  • Improved error messages logged when failing to connect tOracle databases (TFS 369217)

  • ARM schema tables added:

    • AuthenticationsExpired to capture session expirations so admins can track session times (TFS 369874-AC2)

    • AdminActionsChangeDetails that captures before and after values for admin-initiated configuration changes (TFS 369874-AC3)

    • NegotiatedCiphersSSL to audit the negotiated ciphersuites for SSL handshakes (TFS 369874-AC4)

    • NegotiatedCiphersSSH to audit the negotiated ciphersuites for SSH handshakes (TFS 369874-AC5)

    • PrivacyRightExcercised capture privacy rights exercised by users (TFS 363345)

    • PrivacyTermsEUStatus to capture the EU subject matter status of users (TFS 363558)

    • ScanDataAction to contain list of scanned files and scan results (TFS 365254)

    • PersonalDataActions when a user accounts personal data fields have been modified, for GDPR compliance (TFS 363346)

  • Added missing MIC code which wasn’t being audited to the AS2 Transactions table (TFS 369828-AC7)

  • Added a TransactionID column tAS2Transactions table for consistency with other tables (TFS 369828-AC10)

  • Added a Time_stamp column to Transactions table to aid in cascade deletes when purging (TFS 369874-AC1)

  • Added an Actor column to ProtocolCommands table to avoid having to join on Authentications table for just about every report (TFS 369874-AC6)

  • Added a dbo.lu.[TableName] for every table that makes use of enumerators, for easier mapping of values to their meanings (TFS 369780-AC9)

  • Added a relation to Actions and ScanDataActions table via ActionID field (TFS 369870-AC1)

  • Added tbl_PrivacyRightExercised which will audit any right exercised by a user for privacy compliance reporting (TFS 363345)

  • Added tbl_PersonalDataActions which will audit administrator changes to user personal data for compliance with notification rights (TFS 363346)

  • Added tbl_PrivacyTermsEUStatus which will audit any change in a user’s EU data subject status, agreement to Terms of Service, or consent to Privacy Policy (TFS 363558)

  • Added tbl_ScanDataAction which audits third-party file scan results from DLP or similar tools that scan for personal data in files (TFS 365254)

  • Added ARM reports:

    • “Workspaces – Folders Unshared”

    • “Activity - Session Lifecycle” that shows user log on/off information, with data from tbl_AuthenticationsExpired (TFS 371364)

    • “Activity - File Scanned Data Results” that shows the data from the tbl_ScanDataActions (TFS 371364)

    • “Troubleshooting – Negotiated SSL Ciphers” that shows the data from the tbl_NegotiatedCiphersSSL (TFS 371364)

    • “Troubleshooting – Negotiated SSL SSH Ciphers” that shows the data from the tbl_NegotiatedCiphersSSH (TFS 371364)

    • “Privacy – Admin Changes to Personal Data” that shows the contents of the tbl_PersonalDataActions table (TFS 371364)

    • “Privacy - User Rights Exercised” that shows the contents of the tbl_PrivacyRightExcercised table (TFS 371364)

    • “Privacy - Terms and Status Changes” that shows the data from the tbl_PrivacyTermsEUStatus table (TFS 371364)

    • “Admin - Audit Log (Detailed)” that shows the data from the tbl_AdminActionsChangeDetails table (TFS 371364)

    • “Troubleshooting - Most Prolific Users” that shows top three accounts for failed and success auth for a given time period (TFS 371364)

Workspaces

  • Added domain blacklist in addition to existing whitelist for share/send invitations (TFS 370026)

COM API

  • In the ICIServer interface, added defaultvalue and Reason parameter tAddIPAccessRule (TFS 369934)

  • UTF8Logs property

  • In the ICISite interface, added defaultvalue and Reason parameter tAddIPAccessRule method(TFS 369934)

  • PGP Key properties and methods:

    • CreatePGPKey

    • ExportPGPKey, ImportPGPKey

    • PGPKeys

    • RemovePGPKey

    • Added PGPLogLevelDebug to the ICISite Interface PGPLogLevel property.

  • SSH Key properties and methods:

    • CreateSSHKeyPair

    • ExportSSHPrivateKey, ImportSSHPrivateKey

    • ExportSSHPublicKey, ImportSSHPublicKey

    • GetSSHKeyForSFTP, SetSSHKeyForSFTP

    • RemoveSSHKey

    • RenameSSHKey

    • SSHKeys

  • Privacy-related changes:

    • GetClientDataField, SetClientDataField

    • GetPrivacyPolicy, SetPrivacyPolicy

    • GetTermsOfService, SetTermsOfService

    • GetGDPRSettings, SetGDPRSettings

  • Workspaces Properties:

    • WorkspacesDomainsToForbidInviteeAddresses

    • WorkspacesEnableDomainsToForbidInviteeAddresses

    • WorkspacesOAIDomainsToForbidInviteeAddresses

    • WorkspacesOAIEnableDomainsToForbidInviteeAddresses

    • WorkspacesOAIEnableDomainsToLimitInviteeAddresses

    • WebSSOJitUserProvisioningEmailLocation and WebSSOJitUserProvisioningEmailAttribute

  • Content Integrity Control profile management methods and properties

  • GetVirtualFolderList Properties (TFS 368492):

    • Calls with empty parameters work as previous behavior

    • Improvements with data returns of virtual folders that are inside the folder

  • In the ICIClientSettings interface, added defaultvalue and Reason parameter to: AddIPAccessRule, GetGDPRPrivacyPolicyConsentStatus, SetGDPRPrivacyPolicyConsentStatus, GetGDPRSubjectStatus, SetGDPRSubjectStatus, GetGDPRTermsOfServiceConsentStatus, SetGDPRTermsOfServiceConsentStatus, ResetAllFieldAttributeDefaults, CompanyName, Duns, Mobile, PartnerId

  • In the ICISSHKeyInfo interface, added HasPrivate property

  • In the ICIManualIPAccessRule interface, added Reason property

  • Interfaces added for new Event Rule Actions:

    • ICICallSubroutineActionParams interface

    • ICIDefineVariableActionParams interface

    • ICIRunPowerShellScriptActionParams interface

    • Interfaces added for GDPR, privacy policy, and terms of service features (TFS 370527):

    • ICIClientDataField interface

    • ICIGDPRSettings Interface

    • ICIPrivacyPolicy interface

    • ICITermsOfService interface

  • Enums:

    • In the AdminAccountType enum, added ADGroupAccount

    • In the AdminPermissionsPolicy enum, added ManagePersonalData

    • In the EventType enum, added EventRuleSubroutine

    • In the EventActionTypeenum, added:

      • DefineVariableAction

      • RunPowerShellScriptAction

      • CallSubroutineAction

    • In the EventProperty enum, added:

      • FileExtension

      • ClientGDPRSubjectStatus

      • ClientGDPRConsentStatus

      • ClientGDPRReason

      • ClientGDPRRightExercised

      • New ClientDataField enum

      • New GDPRTermsofServiceMode enum

      • New GDPRPrivacyPolicyMode enum

      • New GDPRSubjectStatus enum

      • New GDPRPrivacyPolicyConsentStatus enum

      • New GDPRTermsOfServiceConsentStatus enum

    • In UserAccountActionType enum, added:

      • EnableAccount

      • PersonalDataDeleteFields

      • PersonalDataResetToDefaults

      • PersonalDataSetEnabled

      • PersonalDataSetModifiable

      • PersonalDataSetVisible

      • SetEUDataSubjectStatus

      • SetPrivacyPolicyConsent

      • SetTermsOfServiceConsent

Enhancements

  • Advanced Property updates:

    • Updated advanced property to allow setting the disk quota value t0 (zero) so that the quota is rechecked on every login (DiskQuotaBaselineCalculationFrequencyInDays) (TFS 368628)

    • (DiskQuotaBaselineCalculationFrequencyInDays) now has a minimum value of 0, when set EFT will recheck the quota on every login. (TFS 368628)

    • (FolderMonitorWorkerThreadCount) default value has increased from 32 t64

    • (ARMQueueSize) default value has increased from 1000 t10000. (TFS 370453)

    • (EnableLogging) is now renamed to (ClientFTPOverrideLogging). (TFS 373030)

  • AD Authentication into the EFT Admin GUI is no longer dependent on the ASM (Advanced Security Module) and is now part of core EFT (TFS 361153)

  • The Advanced Workflow variable UI is now resizable (TFS 369372)

  • The SSH Key Manager UI is now resizable (TFS 369372)

  • EFT now re-uses the LDAP search timeout for LDAP auth timeout (TFS 371476)

  • AML files are no longer available as of this version (only on the sample files); however EFT provides the ability to export Advanced Workflows, either one at a time or all at once (TFS 371719)

  • The DMZ Gateway connection orientation behavior was extended to AD Sites, whereas before it was limited to LDAP (TFS 367515)

  • Updated OpenPGP library (TFS 370232)

  • Updated OpenSSL to 1.0.2t (TFS 367828)

  • Updated OpenSSH to 8.1.0.0 (TFS 365876)

  • Updated jquery to version 3.4.1 on the WTC login page (TFS 372869)

  • On new EFT install only TLS 1.2 protocol is enabled by default (TFS 373431)

  • As part of the flexibility to ease the migration of an EFT, the configuration path field in the administration interface is read-only (TFS 368290)

  • User email control is no longer displayed on General page; this change is related GDPR (TFS 362046)

  • Restoring configuration from previous versions of EFT are not allowed. EFT only supports restoration from the same version of EFT, which was always the intent for the backup and restore feature. (TFS 369567)

  • EFT log file will no longer report default configuration override values (those can be obtained from the online help file) and instead will only report those values that have been modified from their defaults.

  • Updated Server-Level Counters (TFS 361733)

    • Number of Sites to Sites

    • ARM queue size ARM Queue Size

    • ConnectedAdminCount Admin Sessions

    • WorkspacesLicensesAvailable Workspaces Licenses Available

    • WorkspacesNormalLicensesUsed Workspaces Licenses Assigned

    • WorkspacesDropoffLicensesused Workspaces Drop-offs (this is now under the Site Counters)

    • Updated counter names Site-Level Counters (TFS 361733)

    • Number of Clients User Accounts

    • ConnectedUserCount User Sessions

    • ActiveServerUploadCount User Uploads

    • ActiveServerUploadBytesPerSecond User Upload Bytes /sec

    • ActiveServerDownloadCount User Downloads

    • ActiveServerDownloadBytesPerSecond User Download Bytes /sec

    • Number of running event rules Event Rules Triggered

    • Number of running Upload Actions Event Rules Running Upload Actions

    • Number of running Download Actions Event Rules Running Download Actions

    • Number of running Cloud Upload Actions Event Rules Running Cloud Upload Actions

    • Number of running Cloud Download Actions Event Rules Running Cloud Download Actions

    • Number of running AWE Actions Event Rule Running AWE Tasks

    • Size of AWE Actions queue Event Rules Size of AWE Actions Queue

    • ActiveClientUploadCount Event Rules Client Uploads

    • ActiveClientUploadBytesPerSecond Event Rules Client Upload Bytes /sec

    • ActiveClientDownloadCount Event Rules Client Downloads

    • ActiveClientDownloadBytesPerSecond Event Rules Client Download Bytes /sec

    • New Server-Level Counters (TFS 361733)

    • Sites Started – subset of defined sites that are actively listening for connections, updated infrequently.

    • Sites Enabled – number of sites currently in an enabled state

    • ARM Stalled Audit Events – number of audit events delayed for longer than ARMLogStalledThreadMinDuration, which by default is set t1 (one) second

    • Admin Accounts – number of administrator accounts defined for this server

    • Admin Accounts Locked Out - number of administrator accounts currently and temporarily locked out of the server

ARM schema changes

  • Removed vw_ProtocolCommands view as we added Actor column to the ProtocolCommands table (TFS 369874-AC7)

  • Removed auditing of username and password for HTTP/S events to ProtocolCommands as it is redundant with Authentications table. (TFS 369779-AC1)

  • Removed redundant auditing of authentication records in Authentications table across all protocols except for stateless HTTP. (TFS 369779-AC2)

ARM reports modified

  • “Activity – All Transfers”, modified so that it only shows transfers from tbl_ClientOperations (TFS 371471)

  • “Activity – All Files (as Server)”, used pc.RemoteIP instead of au.IP from remote IP address (TFS 371471)

  • “Activity – All Users (Summary)”, Converted to FACT based (TFS 371471)

  • “Activity – All Users (Detailed)”: removed inner join on tbl_Authentications; removed “AND au.ResultID=0”;changed “Order by au.Time_Stamp” to “Order by PC.Time_stamp”; removed folder column so we can fit longer filenames (TFS 371471)

  • “Event Rules – Actions (Summary)”, Remove details column (TFS 371471)

  • “Executive Summary Report”, Updated report to optionally use FACT tables if available (TFS 371471)

  • “Outlook Send Report”, Change column titles to better match their state (TFS 371471)

  • “Outlook Pick Up Report”, modifications similar to outlook send report (TFS 371471)

  • “Security – Failed Logins”, Remove hashed password column (TFS 371471)

  • “Traffic – Average Transfer Rates by Users”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Traffic – Connection Summary”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Traffic – Datewise-hourly Bytes Transferred”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Traffic – IPWise Connections (Summary)”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Traffic – Monthwise-IPWise Bytes Transferred”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Traffic – Most Active IP – Connections”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Traffic – Most Active IP – Data Transferred”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Traffic – Most Active Users – Connections”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Traffic – Most Active Users – Data Transferred”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Traffic – Protocolwise Connections (Summary)”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Traffic – SiteWise Hourly by User”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Troubleshooting – Event Rule Failures”, updated report to optionally use FACT tables if available (TFS 371471)

  • “Troubleshooting – Operational Failures”, increased performance by doing smart select vs. union, removed ‘pass’ as filter as this is for Failed Auth report (TFS 371471)

  • “Troubleshooting – Connection Errors”, excludes authentication failures, translated result codes into string values (TFS 371471)

  • “Workspaces activity”, multiple column and field updates (TFS 371471)

ARM reports renamed

  • Activity – All File Transfers is renamed to Activity – File Transfers as Client (TFS 371471)

  • Activity – All Files (as Server) is renamed to Activity – File Transfers as Server (TFS 371471)

  • Activity – All Groups (Detailed) is renamed to Activity – by Permissions Group (TFS 371471)

  • Activity – All Users (Detailed) is renamed to Activity – by Users (Detailed) (TFS 371471)

  • Admin Actions is renamed to Admin – Audit Log (TFS 371471)

  • Admin Actions (Summary) is renamed to Admin – Authentications (TFS 371471)

  • AS2 – Transactions Detailed is renamed to Activity – AS2 Transfers (Detailed) (TFS 371471)

  • AS2 – Transactions Overview is renamed to AS2 Transfers (Summary) (TFS 371471)

  • Content Integrity Control – Actions (Detailed) is renamed to Content Integrity Control

  • Event Rules – Actions (Summary) is renamed to Event Rules – by Trigger Name (Summary) (TFS 371471)

  • Event Rules – Activity (Summary) is renamed to Event Rules – by Trigger Type (Summary)

  • Event Rules – Activity (Detailed) is renamed to Event Rules – by Trigger Type (Detailed) (TFS 371471)

  • Event Rules – Inbound-Outbound By Date is renamed to Event Rules – Just Transfers (TFS 371471)

  • Outlook Send Report is renamed to Workspaces – Files Sent (TFS 371471)

  • Outlook Pick Up Report is renamed to Workspaces – Files Picked Up

  • Security – Failed Logins is renamed to Troubleshooting – Failed Logins (TFS 371471)

  • Troubleshooting – Connection Errors is renamed to Troubleshooting – Socket Connection Errors (Inbound) (TFS 371471)

  • Workspace Activity is renamed to Workspaces – Folders Shared

ARM reports removed

  • Activity – Ad Hoc (Detailed), this is a redundant with Outlook Send/Pickup Report (TFS 371471)

  • Activity – Ad Hoc (Summary), this is a redundant with Outlook Send/Pickup Report (TFS 371471)

  • Activity – Ad Hoc By File (Detailed), this is a redundant with a filtered Outlook Send/Pickup Report (TFS 371471)

  • Activity – Ad Hoc By Recipient (Detailed), this is a redundant with a filtered Outlook Send/Pickup Report (TFS 371471)

  • Activity – Ad Hoc By Sender (Detailed), this is a redundant with a filtered Outlook Send/Pickup Report (TFS 371471)

  • Activity – By [All Reports], other reports accomplish the same data. (TFS 371471)

  • Activity – By File

  • Activity – By Group (Detailed)

  • Activity – By User (Detailed)

  • Activity – By User (Detailed) – Group by UserName-Action

  • Activity – By User (Summary)

  • EventRules – Inbound-Outbound By User, the same data is available under Event Rules Just Transfers and filter by user

  • Troubleshooting – IP Address Activity (Detailed), the same data is available under the troubleshooting reports if filtered by IP

High Availability-Specific changes

  • Sync value changes (TFS 367401)

  • Changed initial “Out of sync” timeout value from 5 seconds t10 seconds

  • Changed full timeout for sync from default 30 seconds t60 seconds

  • Updated WEL (Windows Event Log) reporting to reflect “Node out of sync, attempting to heal…” instead of “Node out of sync”

  • Time when node entered into out of sync state, “Initial detection of node as out of sync, entering grace period…”

  • Time when node attempted to start healing itself, “Node out of sync, attempting to heal…”

  • Time node took to heal (if healed), “Node was out of sync for [N] seconds but is now in sync”

  • Time at which point node considered itself unable to heal

  • Time at which node began to drain, “Out of sync node unable to recover after [N] seconds, entering drain mode for maximum of [M] minutes. Service [will\will not] restart when draining is complete”

  • Elapsed time node completing drain, “Finished draining node after [N.XY] minutes”

  • Specify log location and prefix with node ID (TFS 367897)

Installer Modifications

  • Update existing ProtocolCommands records with Actor (Account) value from Authentications table (TFS 370935-AC1)

  • Update existing Transactions records with Time_stamp value from other tables (TFS 370935-AC2)

  • Backup existing reports and deposit new ones for new and existing customers (TFS 370935-AC3)

  • Deposit a number of helper SQL scripts, such as row count, most prolific users, etc. (TFS 370935-AC4)

  • Deposit a number of targeted purge scripts. See comments in each script for details (TFS 370935-AC5)

  • Update to the create_5_sprocs.sql to avoid adding NULL values into the database. (TFS 370752)

  • Upgrades are only allowed from 7.4.x (TFS 368126)

  • EFT trials are now 15 days (TFS 369582)

  • Recommendation is to upgrade tour latest GA (7.4.13.15) before upgrading to this release

Privacy-Related Additions

  • GDPR will require ESM/ASM licensing (TFS 371440)

  • Set of privacy configuration settings that map GDPR requirements to EFT’s privacy features, for evaluating compliance levels (TFS 369312)

  • Built-in automatic encryption of all fields identified as personal data, including email, with a separate, managed encryption key (TFS 363303)

  • Updated Account Details dialog on the General tab (when selecting a user) with tool tip functionality (TFS 363529)

  • New Account Details template under security tab at the site level (TFS 363529)

  • Ability to define attributes that are considered personal data

  • Ability to define attributes that are visible to the user

  • Ability to define attributes that are modifiable by the user

  • Changes done will apply tall existing clients and new clients (TFS 370953)

  • Ability to define EFT admins to view/manage personal data (TFS 364360)

  • New User consent to Privacy Policy (PP) drop-down under the General tab at the user level (TFS 368730)

  • Block or allow access to personal data, limiting administrators to need-to-know access to personal data (TFS 362490)

  • Generate a Data Privacy Impact Assessment (DPIA) report which evaluates compliance and risk levels based on settings (TFS 366251)

  • Set an EU subject status teach user account (TFS 363000)

  • Define a privacy policy for a given EFT Site (TFS 367574)

  • Specify whether explicit or implicit consent with the privacy policy is required of end users (TFS 367574/367846)

  • Define a Terms of Service (ToS) for a given EFT Site (TFS 366847/367845)

  • Determine user account details fields are considered personal data or assign attributes over each field (TFS 362406)

  • Specify whether explicit or implicit agreement with the Terms of Service is required of end users (TFS 366847)

  • Reset the privacy policy’s effective date, which re-displays the policy to connected users (TFS 367574/367846)

  • Deny access to other protocols (S/FTP/S) until the user has consented to the privacy policy (TFS 367574/367846)

  • Reset the Terms of Service’s effective date, which re-displays the policy to connected users (TFS 366847)

  • Deny access to EFT via other protocols (S/FTP/S) until the user has agreed to EFT’s Terms of Service (TFS 366847)

  • Identify or specify whether or not a user has consented to use their personal data (TFS 363087)

  • Optionally give users the ability to access (view) their personal data (TFS 363200)

  • Optionally give users the ability to rectify (modify) their personal data (TFS 363201)

  • Optionally give users the ability to delete their account including personal data (TFS 363202)

  • Optionally give users the ability to restrict use to their personal data (TFS 363211)

  • Optionally give users the ability to be notified of changes made to their personal data (TFS 363300)

  • Optionally give users the ability to export (port) their personal data (TFS 363301)

  • Optionally give users the ability to object to the use of their personal data (TFS 363302)

  • Ability for users to see their currently assigned EU subject status (optional) (TFS 371467)

  • Ability for users to modify their current EU subject status (optional) (TFS 371803)

  • %USER.GDPR_RIGHT_EXCERCISED_ARTICLE_ID% for events related to exercising of privacy rights (TFS 363470)

  • %USER.GDPR_RIGHT_EXERCISED% for events related to exercising of privacy rights (TFS 363470)

  • %USER.GDPR_REASON_GIVEN% to capture the user’s rationale when exercising their privacy rights (TFS 363470)

  • %USER.PP_CONSENT_STATUS% to show the current privacy policy consent status for a given user (TFS 363470)

  • %USER.TOS_CONSENT_STATUS% to show the current Terms of Service agreement status for a given user (TFS 363470)

  • %USER.EU_DATA_SUBJECT_STATUS% to capture the EU subject status state for a given user (TFS 363470)

  • New event rule trigger “GDPR Right Exercised” that triggers whenever a user attempts to exercise one of their granted rights (TFS 363341)

  • New conditions for event rule processing related to a user’s EU subject status, privacy policy, and agreement consent status (TFS 363342)

  • Ability to trigger a rule in EFT when a user’s personal data is modified by someone other than the user (right to be notified) (TFS 363300)

  • Ability to modify user privacy fields via EFT’s event rules, such as changing field attributes, modifying EU data subject status, and more (TFS 368623)

Other Event Rule Additions

  • Create or set variable Action (TFS 358683)

  • Run PowerShell Action (TFS 367503)

  • Call (GoTo) Event Rule Subroutine Event and Action (TFS 367875)

  • Ability to scan metadata with Content Integrity Control Action (TFS 363436)

  • “Enable this Account” option added to User Account Action (TFS 368623)

  • Context variable to grab file extension, and place it into the context variable (TFS 367283)

  • Added new context variables for date and time stamps in ISO8601 format. (TFS 368860)

  • Increased the default FM worker threads from 32 t64 (TFS 370453)

  • Retry logic for Copy Action (TFS 370290)

  • Cloud object monitor usability updated (TFS 369671)

  • Workspace re-enable users on re-invite (TFS 368874)

  • Event rule exports are now in JSON format, XML is deprecated and will not be imported in this version of EFT (TFS 371721)

  • AWE task code (.aml) is now persisted in SiteConfig*.db (SQLite file). Upon upgrade, .amls are read from the legacy file location and imported into the database (TFS 371719)

  • CIC profiles are now site-level (previously were Server-level) (TFS 371722)

  • Upon upgrade legacy server level CIC profiles will be cloned into each site (TFS 371722)

  • EFT’s CIC event rule action can now scan ad hoc message metadata, such as the message subject or body text, in addition to files (TFS 363436)

Web Transfer Client & Workspaces

  • Ground-up re-write resulting in tremendous performance gains (TFS 368791)

  • Includes a new Profile page for managing personal/privacy data, language, date format, number format

  • See (TFS 371467) and specify (TFS 371803) whether or not they qualify as an EU data subject (optional)

  • See user's account details fields marked as personal data from within the web client (right to access) (Optional) (TFS 363345)

  • Modify fields marked as personal data from within the web client (right to rectify) (Optional) (TFS 363201)

  • Rescind their consent to previously agreed to privacy policy (right to rescind) (Optional) (TFS 363119)

  • Submit a request to have their account be removed including all personal data (right to be forgotten) (TFS 363202)

  • Request that EFT restrict use of their account details marked as personal data (right to restrict) (TFS 363211)

  • Object to the use of their account details marked as personal data (right to object) (TFS 363302)

  • Download their account details marked as personal data in a semi-structured format (right to port) (TFS 363301)

  • Optionally change their password (TFS 367099)

  • Added support for batch downloads in zipped format (TFS 369255)

  • Added ability to move files between two different workspace folders (TFS 76901)

  • Change default workspace expiration-check cycle to once a minute (TFS 368683)

  • Separate control added tenable Request file portal subject to Send and Reply portals both being enable (TFS 369944)

  • File Expiration has been separated from Link Expiration for ad hoc delivered files, separating link security and data retention concerns (TFS 369706)

COM API

  • The ICIServer Interface methods and properties below are deprecated and no longer work (return E_NOTIMPL error). (Instead use the similar Site-level methods and properties.)

  • Methods:

    • CreatePGPKey

    • RemovePGPKey

    • ImportPGPKey

    • ExportPGPKey

    • GetPGPKeyringSettings

    • SetPGPKeyringSettings

    • ImportSSHKey

    • RemoveSSHKey

    • RenameSSHKey

    • ExportSSHKey

    Properties:

    • AvailablePGPKeys

    • AvailableSSHKeys

  • The ICISite Interface methods and properties below are deprecated and no longer work (return E_NOTIMPL error):

  • Methods:

    • GetSSHKeyFilePath

    • SetSSHKeyFilePath

    Properties:

    • SFTPKeyFile

    • SFTPKeyFile

  • ISATMessage and IAdhocMessage interfaces do not apply tEFT v8 and later

Fixes

EFT Admin GUI

  • Resolved an issue that caused the Start and stop site options from being grayed out under the “File” drop-down option (TFS 368804)

  • Updated the Encrypted folder wizard which had a spelling error (TFS 368880)

  • Updated IP address option to “OS Chooses” (TFS 369223)

  • Fixed an issue when presented with a failed to create user after selecting a different Site on User creation wizard error displayed “FOREIGN KEY constraint failed” (TFS 370378)

  • Provided the ability to customize the URL and port that are sent via Workspace invite email in the Send Portal (TFS 371388)

  • Fixed an issue where invalid SSH key imports would not display any error prompts (TFS 368594)

  • Fixed an issue where the status tab Ban option would not work (TFS 368622)

  • Fixed an issue where the Admin GUI could hang with high traffic (TFS 368908)

  • Fixed an issue where passwords could be shown in plain text in file and folder operation actions (TFS 369656)

  • Fixed an issue where the Admin GUI could hang when enabling ARM (TFS 370382)

  • Fixed the layout in the “AS2 – Transactions Detailed” report (TFS 371246)

  • Fixed an issue where the Admin GUI hang could limit access tWTC (TFS 367876)

  • Fixed an issue where the Admin GUI could timeout during a backup (TFS 372407)

  • Fixed an issue where the Admin GUI in EFT Express could hang upon upgrade (TFS 369339)

  • Fixed an issue where the Admin GUI could hang after making changes (TFS 369391)

  • Fixed an issue where the Admin GUI could crash when removing site while the FileAudit.db is broken (TFS 371278)

  • Fixed an issue where the Max Transfer Speed limit, when enabled, would cause folder downloads to hang (TFS 369373)

  • Fixed an issue where the Admin GUI could hang due to HTTP buffer size (TFS 370952)

  • Fixed an issue where the Admin GUI was not consistent when enabling and disabling administrator permissions (TFS 372895)

  • Fixed an issue where the Admin GUI would revert the Delete file(s) older than X value to 7 in the File Cleanup Action after browsing a folder (TFS 372677)

  • Fixed an issue where the Admin GUI would display an icon image on the IP Access Rules UI (TFS 371654)

  • Fixed an issue where the Admin GUI spinner for Prohibit reuse of previous passwords was not working correctly (TFS 370549)

  • Fixed an issue where the Admin GUI could be slow on high HTTP traffic (TFS 369938)

API

  • Fixed an issue where an API call could cause an EFT exception (TFS 372977)

Auth SAML

  • Fixed an issue where SAML requests could fail. (TFS 370586)

Auth AD

  • Fixed an issue where AD users were unable to reset passwords when AD password has expired or was set t“user must change password at next login” and group consists of users from parent/child domains (TFS 368107)

  • Fixed and issue where one-way trust no longer worked for remote forest (TFS 369294)

  • Fixed an issue were users were unable to authenticate with an AD account when using UPN login (TFS 373152)

ARM

  • Updated crate_5_sprocs.sql to incorporate improvements (TFS 370752)

  • ARM reports were not generating data with traditional Chinese SQL server (TFS 373304)

  • Auditing of HTTP GET requests to use GET rather than LIST verb (TFS 369780-AC2)

  • TransferTime wasn’t appearing for certain transactions in ProtocolCommands table (TFS 369780-AC3)

  • SFTP connections were not auditing LIST operation (TFS 369780-AC4)

  • FTP connections where auditing USER and LIST verbs multiple times (TFS 369780-AC5)

  • Inconsistency with usage of datetime and datetime2 data types for auditing of timestamps (TFS 369780-AC6)

  • AS2Transactions table to use nvarchar(max) rather than "text" datatype for MDN, PayloadHeaders, and MDNHTTPResponse (TFS 369780-AC7)

  • Naming convention in auditing of administrator and REST administrator operations in ProtocolCommands table (TFS 369780-AC10)

  • Circular reference in Actions and EventRules tables (TFS 369871)

  • Circular reference in AS2 Actions and AS2Files (TFS 369871)

  • Modified schema to merge AS2Transactions and AS2Files tables as they were redundant (TFS 369828-AC5.1)

  • Modified EFT to use an AD object per AD call and sends inserts in batches, which improves auditing performance under load (TFS 371279)

  • Modify purge and fast purge with a vastly more performant version of the same (TFS 370935-AC6)

  • Updated Oracle’s stored procedures to avoid a NULL constraint error on offline record insert (TFS 370935-AC7)

AWE

  • Fixed an issue where the Long List FTP action would display an error (TFS 365263)

  • Fixed an issue where EFT variables were missing (TFS 372798)

  • Fixed an issue where the “On error” action email fails after upgrading EFT (TFS 366436)

  • Fixed an issue where the email action was lost after upgrade (TFS 368591)

  • Fixed an issue where EFT administrators were unable to import batches of AWE scripts (TFS 369543)

  • Fixed an issue where variables were initialized differently between AWE10 and AWE8 (TFS 370023)

  • Fixed an issue where the Delete File action did not respect the “Exclude Mask” (TFS 372488)

  • Fixed an issue where the “If Folder Exists” statement was not working (TFS 372490)

  • Fixed an issue where variables as delimiters in a loop were not working (TFS 372491)

  • Fixed an issue where change folder action is appending to the user’s home folder path (SFTP only) (TFS 372494)

  • Fixed an issue where the margins are ignored when converting file to PDF (TFS 373077)

  • Fixed an issue where EFT variables were missing in AWE (TFS 373337)

  • Fixed the aspect ratio of the AWE splash screen (TFS 373282)

CIC

  • Fixed an issue where CIC was not properly processing files as expected (TFS 351868)

Cloud Connectors

  • Fixed an issue where Amazon S3 compatible did not work when providing S3 details (TFS 370883)

  • Fixed an issue where S3/Azure uploads fail if folder exists in source location (TFS 368817)

  • Fixed an issue where cloud monitor events may cause a hang in EFT (TFS 369997)

  • Fixed an issue where post processing actions failed to complete (TFS 370600)

  • Fixed an issue where files over 4GB uploaded to Azure were malformed (TFS 372579)

  • Fixed an issue where cloud object key conditional logic did not work as expected (TFS 372831)

Connection Profiles

  • Fixed an issue where the wrong IP was sent on an outbound request when configured under the Advanced properties (TFS 370758)

Custom Commands

  • Fixed a GUI issue that reflected incorrect admin permissions (TFS 368530)

DMZ Gateway

  • Fixed an issue where EFT did not honor the XFF headers when the traffic is generated from the DMZ Gateway (TFS 370642)

EFT COM

  • Added the reason parameter to Object AddIP Access Rule (TFS 369934)

Event Rules

  • Fixed an issue where the context variables for a copy action did not work in the port field (TFS 372219)

  • Fixed and issue where Folder monitor rules may crash (TFS 370420)

  • Fixed an issue where weekly event rule schedule timer not using recur every <N> weeks(s) on value (TFS 369253)

  • Fixed an issue where the Ban user IP address action was not working as expected (TFS 369995)

  • Fixed an issue where mail attachments were not working in event rules (TFS 369996)

  • Fixed an issue where remote listing cache was never cleaned up (TFS 372220)

  • Fixed an issue where weekly scheduled timer event rules failed to start at the expected cycle (TFS 372876)

  • Fixed an issue where the “On Before Download” would trigger for non-existent 404 resource (TFS 368469)

  • Fixed an issue where “On upload failed” event rule with file is banned condition would not trigger via SFTP (TFS 368801)

  • Fixed an issue where a square bracket saved in the SMTP from field prevented any mail action event rules to be properly saved (TFS 368712)

  • Fixed an issue where “Invoke Web Service” rule always redirected on URL received in Location Header (TFS 369340)

  • Fixed an where upload support would fail when using DMZ server as a proxy (TFS 373297)

High Availability (HA)

  • Fixed an issue where all nodes would trigger a user password change event rule when an EFT admin changes a user’s password (TFS 368864)

  • Fixed an issue where load balanced timer event rules may crash EFT (TFS 370272)

Installer

  • Fixed an issue to provide the HA install MSMQ parameters (TFS 370310)

  • Fixed an issue where an AWE DLL was not properly registered upon install/upgrade (TFS 370584)

  • Fixed an issue where an invalid MSMQ configuration via silent installer caused a crash in EFT (TFS 370928)

Logging

  • Fixed an issue where the Folder Encryption Key is displayed in the log file (TFS 373641)

  • Fixed an issue where the EFT log would log an error when running a PCI DSS Compliance Report (TFS 373517)

Outlook Add-in

  • Fixed an issue where the pickup link was incorrect (TFS 369824)

  • Fixed an issue where duplicate requests were sent to the EFT server (TFS 369832)

  • Fixed an issue where user was not presented with a prompt when using the Secure Message without an attachment (TFS 371259)

  • Fixed an issue where EFT may hang due to high OAI users (TFS 368320)

  • Fixed an issue where Workspace pickup link would display the incorrect link when using a DMZ Gateway (TFS 368504)

REST API

  • Fixed an issue where REST API calls log password in clear text (TFS 371314)

scClient

  • Fixed an issue where scClient did not work using FAST (TFS 371277)

SFTP

  • Fixed an issue where ciphers were missing when upgrading from an older version of EFT (TFS 367978)

  • Fixed an issue where on rare situations EFT would experience a crash in the SFTP engine (TFS 370750)

  • Fixed an issue where quit commands would report “Exit status -1” instead of -0 (TFS 371165)

  • Fixed an issue where SFTP connections would not send a close packet (TFS 372816)

Web Transfer Client (WTC)

  • Fixed an issue where some of WTC pages were missing the X-Frame-Options: SAMEORIGIN Get request (TFS 368205)

  • Fixed an issue where some secure flag was missing for cookies (TFS 370264)

  • Updated cookie naming from loginsession to mfatoken and token to csrftoken (TFS 370266)

  • Fixed an issue where the EFT username is not displayed unless workspaces is enabled (TFS 366503)

  • Fixed an issue where the samlssologgedout cookie was not marked with the secure attribute (TFS 369921)

  • Fixed an issue where the LDAP user account had “user must change password” enabled did not allow the user tlogin tWTC (TFS 370383)

  • Fixed an issue where 0KB folder could not be download (TFS 368671)

  • Fixed an issue where some users were not seeing the correct display when clicking on the Filter option (TFS 367819)

  • Fixed an issue where the broken transfer warning UI did not translate to any other language other than English (TFS 367032)

  • Fixed an issue where the UI would not properly report a valid error message when quota limit was reached (TFS 367608)

  • Fixed an issue where the change password option should not be available when EFT is not configured tallow change password (TFS 368677)

Workspaces

  • Fixed an issue where the workspace owner’s full name was not displayed in the invitee workspace welcome email (TFS 372654)

  • Fixed an issue where the Reply address was not properly populated after KB 11384 was applied (TFS 368578)

  • Fixed an issue where the subject and message body details for a message marked “secure message” was not encrypted in the Workspaces.db (TFS 368575)

  • Fixed an issue where workspaces emails kept the EFT HTTPS port in the email invite instead of the DMZ listening port (TFS 368802)

  • Fixed an issue where Yahoo domain users did not receive the hyperlink for Workspaces send portal (TFS 370406)

  • Fixed an issue where the “Shared With Me” link was displayed even when workspaces was disabled (TFS 352135)

  • Fixed an issue where the toolbar did not reflect the guest permissions (TFS 369559)

  • Fixed an issue where Request File Reply could not upload a file that contained a # character (TFS 368716)

  • Fixed an issue where the Send Portal browse button was not functional in a PCI-DSS site (TFS 372933)

  • Fixed an issue where a race condition in Transactional Workspaces could cause the EFT service to crash (TFS 371428)

March 2019

Version 7.4.13.15

Mar 14, 2019

  • Added security patch updates for potential vulnerabilities. These updates address recently identified potential security vulnerabilities that affect system availability. They do not indicate data security risk. While there are no known exploitations of these vulnerabilities, we recommend upgrading as soon as possible to avoid potential risk.

  • Patches are available for the following versions here:

    • 7.4.13.14 (Enterprise and Express)

    • 7.4.11.34 (Enterprise and Express)

    • 7.4.10.6 (Enterprise and Express)

    • 7.4.9.11 (Enterprise and Express)

    • 7.4.7.18 (Enterprise and Express)

    • 7.4.7.15 (Enterprise and Express)

    • 7.4.5.8 (Enterprise and Express)

    • 7.4.5.7 (Enterprise and Express)

    • 7.4.5.6 (Enterprise and Express)

  • Further information about these vulnerabilities is available here.

Version 7.4.5

Mar 19, 2019

7.4.5 R2

Fixes
  • Fixed scenario of Event Rule delegation to non-existent HA node that could result in failure to execute Folder Monitor event rules

  • Fixed scenario of Event Rule delegation to non-existent HA node that could result in server crash

7.4.5 R1

Nov 21, 2017

New Features
  • Added Cloud Connector Module

  • Added EFT REST endpoint for querying administrative info and server status

Event Rules:

  • Added new context variables related to Remote Agent functionality; %Agent.Name%, %Agent.Version%, %Agent.Last_Update_Timestamp%, %Agent.Next_Update_Timestamp%, %Agent.Computer_Name%, %Agent.Template%, %Agent.Status%

  • Added ability to parse Context Variables in Connection Profile and Event Rule transfer actions - SFTP and SSL Options, Advanced Options, and Port #

  • Support for %...% variable to be used in Event Rule Email Notification Action - TO: CC: BCC: fields

Logging:

  • Added logging for AWS S3 and Azure blob storage to EFT.log

Installation:

  • Added "/MSMQMulticast=0" as a command line argument to the installer to skip the installation of MSMQ-Multicast

Remote Agent Module

  • Added provisioning and management of Remote Agents

  • Added Remote Agent Event Rule Triggers - Folder Monitor, Folder Monitor Failed, and Timer

  • Added Remote Agent Event Rule Actions - Copy/Move (push) file to host, Download (pull) file from host, Stop processing

SMTP:

  • Added registry value that allows workspace invitation/mail to be relayed from generic EFT/noreply email defined in the SMTP tab

Web Interfaces – General:

  • Implement robots.txt so that Web Transfer Client does not appear in web search

Workspaces:

  • Added feature to Request Files

  • Added option to Secure Message Body

  • Pick-up Portal now has “download all” option

Enhancements:

  • Removed local notes.txt file (version history).

  • Removed Java Option code from Login.htm file

  • Improved efficiency of ARM Purge script

  • Defaulted log file appender to include computer name

Fixes
  • Login attempts fail with "Precondition failed"

  • Rare scenario where EFT service cannot start and/or crashes if Workspace invitation expires

  • "If settings template equals" condition is now properly converted after upgrade.

  • Admin GUI crash when expanding workspaces under the VFS tab

  • Folder monitors are not updating enabled status icon when reconnecting after a failed health check

  • HA: Phantom node appears in Status tab.

  • Mouse pointer spinning in VFS when expanding Site root folders

  • EFS icon not displaying on encrypted VFS folder

  • Connection profile Test button outcome shows up as failed when in reality it does connect successfully

  • Server level TLS/SSL settings are being disregarded when using Connection Profile Test

  • Event Rule level backup nodes not recognized in the Status tab.

  • After adding a child domain group, a member of that group couldn’t login to admin console

  • Outlook Send Activity ARM Report data truncated

  • Client (Outbound): Negotiated protocol version for SSL/TLS outbound connections defaults to weaker versions if gap exists between selected versions

  • Event Rules: EFT is hanging and needs to be restarted to restore functionality

  • PGP: Unable to decrypt ASCII-armored PGP file encrypted with BCPG v1.8.1.0

  • Web Interfaces – Web Transfer Client (HTML5):

    • The global search on Jument is throwing 404 error

    • Creating a new workspace while uploading a large file will cancel the upload

    • Unable to access WTC using CAC Authentication on an LDAP site

  • Workspaces

    • Fixed issue of workspaces expiring immediately after upgrade

    • Workspace link created from outlook add-in has the incorrect url

    • Workspace Outlook add-in auto disables when using Integrated Windows Auth

    • Workspaces Send breaks with IWA SSO

February 2019

Version 7.4.13

Feb 13, 2019

New Features
  • Added registry settings to control frequency of disk quota login calculations to further enhance quota calculation performance

  • Added registry settings to insert a retry and retry delay to EFT Site start, in case of Site start failure due to blocked ports

  • Added logs to alert administrator when an IP address has been banned

  • Added ability to enable HSTS when HTTPS is enabled, independent of the <link>HTTP to HTTPS redirect</link> feature.

  • Added automatic file download to the DirectDownload.htm template

  • Added a User Account Action to allow administrators to automated changes to accounts

Enhancements
  • Optimized disk quota calculations so that they occur on user account logon rather than upon service start

  • Enhanced usability during initial account registration and change password requests by showing password complexity requirements

  • Updated SQL Server drivers to allow use of newer Transport Layer Security (TLS) protocols

  • Updated OpenSSL library to 1.0.2q

  • Updated OpenSSH derived library to latest version 7.9.0.0

  • Updated Web Transfer Client login page and localization features

  • Removed direct download links from workspace's email template

Fixes
  • Numerous bug fixes were released in this version of EFT.

October 2018

Version 7.4.11

Oct 24 2018

New Features
  • Added support for multiple group filtering under AD

  • Added username to AuthManager login ‘failed login’ eft.log

  • Added a registry option to disable basic authentication

  • Added Azure shared access signatures (SAS) support to cloud connector module

  • Added ability to inject passwords into exported rules xml, for event rule import

  • Added support for accelerated, parallel cloud transfers to Azure (8X speed increase)

  • Added the ability to capture the reason behind a manual IP ban

  • Added more context variables, such as SITE.DMZ_ADDRESS or PORT

  • Added option in EFT to select whether to do DNS lookups on the local EFT Server or DMZ Server

  • Added the ability for users to download entire folders from the WTC

  • Added the ability for users to move folders in the WTC

  • Added a domain whitelist property for greater control over the send file feature

  • Added controls for treating connections differently depending on their origination

  • Added an advanced property (registry override) to display full name rather than login name in WTC

  • Added more granular variables to Workspaces invite messages

  • Added ability to provision LDAP users when a workspace is shared with them

  • Added an advanced property (registry override) to all configuration of HSTS max-age value

  • Added an advanced property (registry override) to manage CSP Content Security Policy header

  • Added an advanced property (registry override) to disallow support for Basic Auth for HTTP/S

Enhancements
  • Updated SFTP library in line with current FIPS compliance standards

  • Decoupled Workspaces sending from sharing permissions: A user may not have permission to share but can send, and vice versa.

  • Hid the disk quota feature by default as it remains experimental

  • Updated SFTP library in line with current FIPS compliance standards

  • Enhanced the WTC to display an error on next login if a background transfer failed

  • Updated language support for French, German, Spanish and Dutch

  • Improved SFTP logging to capture algorithms used

  • Updated OpenSSL to 1.0.2p

  • Improved auditing of expired module licenses in EFT.log

  • Removed optional recording of contact details and IP to better comply with GDPR

  • Changed EFT Enterprise installer file name from eftserver-ent.exe to EFT-Enterprise.exe

  • Changed EFT Enterprise without SQL Express installer file name from eftserver-nodb.exe to EFT-Enterprise-nodb.exe

  • Changed EFT Express installer file name from eftserver.exe to EFT-Express.exe

  • Changed EFT Express without SQL Express installer name from eftserver-nodb.exe to EFT-Express-nodb.exe

Fixes
  • Numerous bug fixes

July 2018

Version 7.4.9

Jul 17, 2018

Enhancements
  • Added ability to construct internal URL hyperlinks in notification emails based on recipient domain

  • Added ability to specify internal domain certificate in instance where direct connection is made that bypasses DMZ Gateway

  • Added ability for AD sites to automatically remove accounts after X days of inactivity

Fixes
  • Various bug fixes and improvements

 

June 2018

Version 7.4.7

Jun 6, 2018

Enhancements

Administration Interface

  • EFT Server (SMB) has been renamed to EFT Express

  • High Security Module (HSM) is now Express Security Module (ESM) in EFT Express

  • Update to SSL security compatibility to reflect “Minimum Protocol Version”

  • Update to the generic Welcome FTP banner message on new installs

  • EFT Login - %Date% %Time% - Please enter valid credentials to continue

  • SMTP Implicit TLS option is now exposed via the new server setup wizard under the SMTP Server settings wizard page

  • Removed the personal data registration page on a new install, under the Globalscape EFT Server Registration wizard page

  • EFT user’s home folder will now sync with their AD profile folder

  • Ability to type a value for toggle “Auto-attach files in Outlook when they exceed:”

  • More descriptive error message when workspaces license count has exceeded

  • Admin will now be presented with a prompt that Request files will be disabled when Reply portal is disabled

  • The EFT full version is now displayed in the title bar

EFT Installer

  • SQL Express 2017 is now bundled with the EFT installer (64bit support only)

  • EFT 7.4 has been rebranded to new logos and title (this includes most if not all UI related Items, including ARM Reporting but excludes the installer)

  • New splash screens

  • New globalscape logo

  • Updated Admin GUI wizard pages

Event Rules

  • Event Rule Action – Send email notification action with attachments

  • New Cloud Object Monitor will allow users to monitor Amazon S3 or Azure blob storage for file triggers including ability to execute an action based on a trigger

  • Ensure S3 regions list is up-to-date

HA

  • Allow EFT admin to specify outbound IP address in Event Rule Advanced option in HA environment

Licensing

  • CCM and MTC are now part of EFT

Outlook Add-in

  • OAI now provides a Secure Message Delivery Option

  • Microsoft Outlook Digital Signature is now supported with EFT OAI

  • Microsoft Outlook Encryption is now supported with EFT OAI

Remote Agent

  • Agent/Account coexistence

  • Agents can be created on same site as standard user account

  • New Diffie-Hellman key exchange security between EFT and Remote Agent

  • Remote Agents will now Auto-update when required

  • Certificate creation for a RAM template is no longer required when configuring a new Remote Agent

  • Changed from “Active’ to “Enrolled” in the agent status list

Workspaces

  • EFT Admins can now enable/disable the Reply portal

  • Admins will now be warned that the Request files functionality will be disabled when the Reply portal is disabled

  • EFT Admins can now enable/disable reply functionality to non-EFT users when using the Send portal

  • Request file options will now provide ability to require authentication

  • EFT email recipients can now access the reply/reply all page from the pickup portal

  • Drop-off portal can now use generic CAPTCHA instead of Google’s re-Captcha

  • Workspace invites are now restricted to whitelisted domains (if configured)

  • EFT will now delete guest accounts if they are not part of a Workspace or transactional workspace

  • The workspace(s) are deleted if the workspace has expired or the user has been uninvited from the workspace share

  • EFT will now restrict guests to their shared workspace

  • External users will no longer be granted by default a home folder of their own

  • Workspaces will now provide a drop-down list for “From” field when an EFT user has multiple email addresses configured in their EFT account

  • Increased Workspace trial license count to 100 seats

  • EFT users should now be taken directly to their shared workspace when clicking on the Workspaces link in the recipient’s email and authenticating

  • Improved the account registration and verification process

  • After verification email is sent the guest can now access their Workspace content without further authentication if the link is accessed within 60 minutes otherwise they will be required to authenticate prior to accessing the workspace

WTC

  • Add Spanish language to WTC

  • Rebranding of the WTC including all portals

EFT Installer

  • SQL Express 2008 is now removed from the EFT Installer

  • Mail Express is now removed from the EFT Installer

Automate

  • AutoMate action has now been removed from AWE

Security

  • Support strong KEX algorithms for Incoming SFTP

  • diffie-hellman-group16-sha512

  • diffie-hellman-group14-sha256

  • diffie-hellman-group-exchange-sha256

  • diffie-hellman-group14-sha1

  • diffie-hellman-group-exchange-sha1

  • diffie-hellman-group1-sha1

COM

  • Expose MTC registration status via COM

  • Expose CIC registration status via COM

Outlook Add-in

  • Add-in readme file now explains the difference between the .exe and .msi installer

Logging

  • Windows event “Windows Event log evaluation period expired” for modules are now logged as Warnings instead of Errors

Fixes
  • Fixed “CTRL+F” search function

  • Fixed an issue where the site creation wizard would fail to create a second PCI site when remote administration was enabled

  • Updated the security tab typo to reflect “FIPS-certified”

  • EFS icon was not displaying when a VFS folder was encrypted

  • EFT admin GUI crashed when a CIC profile was renamed

  • Admin hangs upon upgrade from 6.5.11.2 to 7.4.5.7

  • Fixed Cloud action wizard page to reflect proper text when pressing back and selecting a different option

  • EFT UI will not accept configuration change when renaming CIC connection profile

  • Statistics box on “My Site” general tab needs to be adjusted

  • Stopped site does not have the red X on the MySite under VFS tab

  • Enterprise option to reset passwords for multiple users is greyed out

  • Cannot enter letters in zip code field in registration wizard

  • Admin UI: visual artifact in the UG tree

  • Web Service – Invoke Event Rules (Detailed) report no longer returns data

  • Outlook Send Report column (Recipient) is not populating

  • PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraint

  • Admin console is hanging when login and also when trying to clone rules

  • Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth

  • Passwords not syncing with EFT AD site

  • Service hang - users can't connect

  • EFT Memory is growing gradually

  • Anonymous authentication bug since 7.3.3.21

  • Service crashing intermittently

  • After upgrade and applying hotfix, Permission groups no longer present

  • GUI Crashes with new ODBC site when creating new user

  • EFT Event Action S3 region list is incomplete

  • EFT S3 Region list is outdated

  • Browse Remote File System causes Error and GUI Crash

  • Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently

  • When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination

  • Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6

  • ER: An unencrypted user password can be written to WEL when using User Event Rules

  • Event Rule: The reason for not being able to delete a file (move) is not provided to the user

  • EFT’s copy/move does not appear to honor the “Retries” value

  • EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4

  • Source file name.ext not pre-populating in the source field after clicking OK

  • Source file name.ext not pre-populating in the source field after double clicking

  • UI does not refresh after deleting an Event Rule

  • File/Folder actions leak handle

  • Scheduled event rule not running at expected scheduled times after 12am

  • Automatic backup on upgrade or repair has not been updated since 7.3.3 release. Needs to backup proper *.db files

  • Connection Profile – Connection Details form disappears when the admin user hits the enter Key

  • Broken upgrade from pre 1M for custom command

  • Admin console hangs on login

  • EFT Server Ent 7.4.2.4 randomly crashes

  • High CPU Utilization and Hangs

  • HaErrorHandler Option to Drain Server -- mitigate infrequent EFT Service Restart when ActiveNode.json is modified

  • HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods

  • During an upgrade of EFT from older version to newer version, the SFTPCOMInterface.dll is occasionally not upgraded with silent failure

  • EFT Upgrade progress dialog is blank

  • Automatic service startup is not consistent

  • Silent Installer does not upgrade properly - FTP Server engine version differs from Administrators version

  • Modify install change stops EFT service from working

  • Upgrade -- ERROR AuthManager - Could not create client object already persistent

  • FTP.cfg is corrupted upon upgrade

  • Installer hangs and stops responding when ORCL credential used have expired

  • When modifying the start menu, the default value Globalscape still is the one that is used

  • Administrator Account Configuration screen - Text box line disappears

  • Installer allows upgrade from 7.1 directly to 7.4

  • Installer.log file contains admin user and password

  • Folder monitor override credentials being used when writing to log file

  • IPAccess logging is broken

  • EFT - Can't delete a file because Outlook is accessing it

  • PCI Invalid logins differ at the site and server level

  • EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate

  • Remote Agent Service executable has bad description

  • Agent Install URL returns 404 for HA installations

  • Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template

  • Remote Agent Template window, tab order not going left to right, top to bottom

  • Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."

  • Remote Agent Template can be selected for new administrator accounts

  • SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled

  • SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia

  • ClientFTP: CSocksSocket checks timeout wrong

  • Listing fails on remote server in EFT, but not Filezilla

  • SMTP to Exchange fails with TLS 1.1 and 1.2

  • EFT Admin: Status screen is not refreshing statistics

  • Cannot remove "All Users" group from a folder in VFS

  • Unable to configure streaming repository encryption when site root is a share

  • Show VFS home folder then setting permissions is broken again

  • VFS manipulation is slow

  • Refresh required when an unacceptable character is entered in Maximum message size

  • Banned file types appear to be sent from Drop-off and Send Portal

  • User isn't routed to the workspace (shared) folder upon login to WTC

  • Workspaces – Edit Workspace screen no longer displays the participant email address when the invitation is pending

  • Selected user background turns from 'blue' to 'gray' after the action

  • OAI body message is not visible when accessing the contents via WTC

  • Workspaces license limit email is being sent incorrectly

  • Workspaces guest template defaults to allow creation of workspaces

  • Http/1.1 404 Object Not Found error when clicking on Workspace link from email

  • Customizations.js executing before the UI is rendered, preventing customizations to the WTC

  • WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers

  • Embedded link downloads no longer working as of 7.4.x

  • WTC translation does not persist after clicking request file option

  • WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users

May 2018

Version 7.3.9.18

May 14, 2018

Fixes
  • Admin console hangs on login

  • EFT Server Ent 7.4.2.4 randomly crashes

  • High CPU Utilization and Hangs

  • Fixed “CTRL+F” search function

  • Fixed an issue where the site creation wizard would fail to create a second PCI site when remote administration was enabled

  • Updated the security tab typo to reflect “FIPS-certified”

  • EFS icon was not displaying when a VFS folder was encrypted

  • EFT admin GUI crashed when a CIC profile was renamed

  • Admin hangs upon upgrade from 6.5.11.2 to 7.4.5.7

  • Fixed Cloud action wizard page to reflect proper text when pressing back and selecting a different option

  • EFT UI will not accept configuration change when renaming CIC connection profile

  • Statistics box on “My Site” general tab needs to be adjusted

  • Stopped site does not have the red X on the MySite under VFS tab

  • Enterprise option to reset passwords for multiple users is greyed out

  • Cannot enter letters in zip code field in registration wizard

  • Visual artifact in the Admin UI tree

  • Admin console is hanging when login and also when trying to clone rules

  • Using £ in an SSH key password prevents outbound event rules using SFTP w/ key auth

  • Passwords not syncing with EFT AD site

  • Service hang - users can't connect

  • EFT Memory is growing gradually

  • Anonymous authentication bug since 7.3.3.21

  • Service crashing intermittently

  • After upgrade and applying hotfix, Permission groups no longer present

  • GUI Crashes with new ODBC site when creating new user

  • ARM

    • Web Service – Invoke Event Rules (Detailed) report no longer returns data

    • Outlook Send Report column (Recipient) is not populating

    • PurgeSQLEFTData.sql script fails to drop all tables due to workspace fk constraint

  • Event Rules

    • EFT Event Action S3 region list is incomplete

    • EFT S3 Region list is outdated

    • Browse Remote File System causes Error and GUI Crash

    • Scheduler (Timer) Event - Selection arrows for (Start Time and Until) render inconsistently

    • When moving folder structure using Folder Monitor rules, file transfers intermittently fail if many files are dropped into a directory that does not yet exist on the destination

    • Event Rule push/pull Action Advanced Option to Use local IP for outbound does not work with IPV6

    • ER: An unencrypted user password can be written to WEL when using User Event Rules

    • Event Rule: The reason for not being able to delete a file (move) is not provided to the user

    • EFT’s copy/move does not appear to honor the “Retries” value

    • EFT is using URL encoding on invoke WEB Service request headers after upgrading to 7.4.2.4

    • Source file name.ext not pre-populating in the source field after clicking OK

    • Source file name.ext not pre-populating in the source field after double clicking

    • UI does not refresh after deleting an Event Rule

    • File/Folder actions leak handle

    • Scheduled event rule not running at expected scheduled times after 12am

  • Backup and Restore: Automatic backup on upgrade or repair has not been updated since 7.3.3 release. Needs to backup proper *.db files Connection Profiles

  • Connection Profile: Connection Details form disappears when the admin user hits the enter Key

  • Custom Commands: Broken upgrade from pre 1M for custom command

  • DMZ Gateway

    • DMZ Gateway Caches IPs for host names until service is restarted

    • Registered DMZ Gateway crashes when using FAST with expired DEI trial license

  • FAST: FAST protocol & Connection Profile - EFT GUI crashes when the user selects the test Path

  • HA: HaErrorHandler Option to Drain Server -- mitigate infrequent EFT Service Restart when ActiveNode.json is modified

  • HTTP: HTTP/S ProtocolCommands auditing captures 'UNDEFINED' for many methods

  • Installer

    • During an upgrade of EFT from older version to newer version, the SFTPCOMInterface.dll is occasionally not upgraded with silent failure

    • EFT Upgrade progress dialog is blank

    • Automatic service startup is not consistent

    • Silent Installer does not upgrade properly - FTP Server engine version differs from Administrators version

    • Modify install change stops EFT service from working

    • Upgrade -- ERROR AuthManager - Could not create client object already persistent

    • FTP.cfg is corrupted upon upgrade

    • Installer hangs and stops responding when ORCL credential used have expired

    • When modifying the start menu, the default value Globalscape still is the one that is used

    • Administrator Account Configuration screen - Text box line disappears

    • Installer allows upgrade from 7.1 directly to 7.4

    • Installer.log file contains admin user and password

  • Logging

    • Folder monitor override credentials being used when writing to log file

    • IPAccess logging is broken

  • Outlook Add-in: EFT can't delete a file because Outlook is accessing it

  • PCI Invalid logins differ at the site and server level

  • Remote Agent

    • EFT auto populates the SSL cert details when the user selects the cancel button on the SSL certificate Settings window

    • Remote Agent Service executable has bad description

    • Agent Install URL returns 404 for HA installations

    • Alt + * shortcuts are not working (highlighted with underscores) when creating RAM template

    • Remote Agent Template window, tab order not going left to right, top to bottom

    • Remote Agent Template can be selected via Right Click Option to "Set User Settings Template..."

    • Remote Agent Template can be selected for new administrator accounts

  • SFTP

    • SFTP Connections very slow after about 596 hours of the EFT startup if max speed limit is enabled

    • SFTP public key and password authentication does not work from EFT event rules (outbound) to Tectia Server

    • ClientFTP: CSocksSocket checks timeout wrong

    • Listing fails on remote server in EFT, but not Filezilla

  • SMTP to Exchange fails with TLS 1.1 and 1.2

  • Status Viewer is not refreshing statistics

  • VFS:

    • Cannot remove "All Users" group from a folder in VFS

    • Unable to configure streaming repository encryption when site root is a share

    • Show VFS home folder then setting permissions is broken again

    • VFS manipulation is slow

  • Workspaces:

    • Refresh required when an unacceptable character is entered in Maximum message size

    • Banned file types appear to be sent from Drop-off and Send Portal

    • Edit Workspace screen no longer displays the participant email address when the invitation is pending

    • Selected user background turns from 'blue' to 'gray' after the action

    • Workspaces license limit email is being sent incorrectly

    • Workspaces guest template defaults to allow creation of workspaces

    • Http/1.1 404 Object Not Found error when clicking on Workspace link from email

    • Customizations.js executing before the UI is rendered, preventing customizations to the WTC

    • WTC/Workspaces emails use Bare Line Feeds which cause some issues with some servers

    • Embedded link downloads no longer working as of 7.4.x

    • WTC translation does not persist after clicking request file option

    • User isn't routed to the workspace (shared) folder upon login to WTC

    • OAI body message is not visible when accessing the contents via WTC

    • WTC – Disabling the Reply portal fails to hide the request files icon for registered guest users

November 2017

Version 7.4.5

Nov 21, 2017

New Features
  • Added Cloud Connector Module

  • Added capability to Download and Copy/Move from AWS S3 storage

  • Added capability to Download and Copy/Move from Azure blob storage

  • Added ability to create Connection Profile to AWS S3 and Azure blob storage

  • Added EFT REST endpoint for querying administrative info and server status

  • (Event Rules) Added ability to parse Context Variables in Connection Profile and Event Rule transfer actions - SFTP and SSL Options, Advanced Options, and Port #

  • (Event Rules) Support for %...% variable to be used in Event Rule Email Notification Action - TO: CC: BCC: fields

  • Added logging for AWS S3 and Azure blob storage to EFT.log

  • Added "/MSMQMulticast=0" as a command line argument to the installer to skip the installation of MSMQ-Multicast

  • Added registry value that allows workspace invitation/mail to be relayed from generic EFT/noreply email defined in the SMTP tab

  • Implement robots.txt so that Web Transfer Client does not appear in web search

  • (Workspaces) Added feature to Request Files

  • (Workspaces) Added option to Secure Message Body

Enhancements
  • Removed local notes.txt file (version history). Please see website for up to date version history and change notes.

  • (WTC) Remove Java Option code from Login.htm file

  • (ARM) Improved efficiency of Purge script

  • Defaulted log file appender to include computer name

  • (Workspaces) Pick-up Portal now has “download all” option

Fixes
  • EFT service crashing randomly 7.3.5.4

  • Login attempts fail with "Precondition failed"

  • (Workspaces) Rare scenario where EFT service cannot start and/or crashes if Workspace invitation expires

  • "If settings template equals" condition is now properly converted after upgrade.

  • AS2 setup wizard's "Test Connection" results in a GUI crash

  • AS2 Outbound setup wizard results in a GUI crash

  • Admin GUI crash when expanding workspaces under the VFS tab

  • Folder monitors are not updating enabled status icon when reconnecting after a failed health check

  • HA: Phantom node appears in Status tab.

  • Mouse pointer spinning in VFS when expanding Site root folders

  • EFS icon not displaying on encrypted VFS folder

  • Connection profile Test button outcome shows up as failed when in reality it does connect successfully

  • Server level TLS/SSL settings are being disregarded when using Connection Profile Test

  • Event Rule level backup nodes not recognized in the Status tab.

  • After adding a child domain group, a member of that group couldn’t login to admin console

  • Outlook Send Activity Report data truncated

  • Negotiated protocol version for SSL/TLS outbound connections defaults to weaker versions if gap exists between selected versions

  • EFT is hanging and needs to be restarted to restore functionality

  • Unable to decrypt ASCII-armored PGP file encrypted with BCPG v1.8.1.0

  • The global search on Jument is throwing 404 error

  • Creating a new workspace while uploading a large file will cancel the upload

  • Unable to access WTC using CAC Authentication on an LDAP site

  • Fixed issue of workspaces expiring immediately after upgrade

  • Workspaces – Outlook Add-In

  • Workspace link created from outlook add-in has the incorrect url

  • Workspace Outlook add-in auto disables when using Integrated Windows Auth

  • Workspaces Send breaks with IWA SSO

Version 7.3.8

Nov 21, 2017

New Features
  • Added a COM API method to retrieve the GUID using the site name

Enhancements
  • Removed local notes.txt file (version history). Please see website for up to date version history and change notes.

  • (WTC) Remove Java Option code from Login.htm file

  • Change default key length (in bits) from 1024 to 2048 in Create SSL Certificate Wizard

  • (ARM) Improved efficiency of Purge script

  • Defaulted log file appender to include computer name

  • Workspaces invitation and verify email messages customized per site

Fixes
  • Login attempts fail with "Precondition failed"

  • Rare scenario where EFT service cannot start and/or crashes if Workspace invitation expires

  • "If settings template equals" condition is now properly converted after upgrade

  • Server crashes when running vulnerability scanner Greenbone Security Assistant

  • EFT crashed due to OOM exception caused by excessive ScClientBundler::BundleThreadProc threads

  • Server hangs for 25-30 seconds when making config changes

  • Disabling FTP at the template or user level in EFT SMB prevents the use of FTPS Explicit connections

  • Admin GUI crash when expanding workspaces under the VFS tab

  • Folder monitors are not updating enabled status icon when reconnecting after a failed health check

  • HA: Phantom node appears in Status tab.

  • Mouse pointer spinning in VFS when expanding Site root folders

  • EFS icon not displaying on encrypted VFS folder

  • Connection profile Test button outcome shows up as failed when in reality it does connect successfully

  • Server level TLS/SSL settings are being disregarded when using Connection Profile Test

  • Event Rule level backup nodes not recognized in the Status tab.

  • After adding a child domain group, a member of that group couldn’t login to admin console

  • Hang when accessing SSH public key manager

  • Auditing and Reporting Module (ARM): Outlook Send Activity Report data truncated

  • EFT Client (Outbound): Negotiated protocol version for SSL/TLS outbound connections defaults to weaker versions if gap exists between selected versions

  • Event Rules: EFT is hanging and needs to be restarted to restore functionality

  • High Availability (HA): Server not displaying that HA cluster is being administered on another node as expected

  • PGP: Unable to decrypt ASCII-armored PGP file encrypted with BCPG v1.8.1.0

  • (WTC/Workspaces) The global search on Jument is throwing 404 error

  • (WTC/Workspaces) Creating a new workspace while uploading a large file will cancel the upload

  • (WTC/Workspaces) Unable to access WTC using CAC Authentication on an LDAP site

  • (WTC/Workspaces) Fixed issue of workspaces expiring immediately after upgrade

  • (WTC/Workspaces) Workspace link created from outlook add-in has the incorrect url

  • (WTC/Workspaces) Workspace Outlook add-in auto disables when using Integrated Windows Auth

  • (WTC/Workspaces) Workspaces Send breaks with IWA SSO

August 2017

Version 7.4.2

Aug 29, 2017

New Features

Administration interface

  • Added template for password reset confirmation email that is sent when user is unauthorized to reset password

Auditing and Reporting Module (ARM):

  • Add new option in EFT to log TED6 logs to the new table - default new option to false/off

COM Interface:

  • Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server

  • Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site

  • New COM APIs for Drop-Off controls

High Availability (HA):

  • Added Node Maintenance/Drain Mode. "Pause/drain" all sites on a single node to halt NEW incoming connections and event rule activity. Existing transfers and events in progress are allowed to resume/complete.

  • Added support for Autoscaling in AWS

  • Implemented TCP based communication for HA cluster messages and coherence as alternative communication method to multicast

  • Added configurable Auto-Restart of node after defined period of being "out of sync" and allotted "drain" time

Logging:

  • Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used

Protocols - FTP/S:

  • Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.

Protocols - SFTP:

  • Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.

  • Added diffie-hellman-group-exchange-sha256 KEX

  • Added ability to select SFTP KEX algorithms through GUI and COM

SMTP:

  • Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password

Web Interfaces

  • Web Transfer Client access is now included with HTTP/S functionality. Eliminated WTC Client Access License (CAL)

  • Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.

  • Added administrative option to place newly invited Workspace participants in specific settings template

  • Added creation of Drop-Off link capability. External users can now send attachments to internal users, without having to create a EFT profile

  • Users can now reply to a message from Send/Drop-Off

Enhancements
  • PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled

  • Now able to login with Admin accounts in AD Universal group in child domains

  • Configuration Restore dialog has been updated. Backup must be generated from EFT 7.3.3 or higher.

  • Find/Search in EFT doesn't search connection profiles

  • Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled

  • Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.

  • More clearly show the configuration state and current flag value of change password on first login

  • Clarified user Password Expiration, Reminder, and Notification Options

  • On installation, EFT should check the status of windows update KB2999226 to ensure criteria has been met.

  • Improved responsiveness when browsing directories containing many subfolders.

  • Removed SAT install files from EFT 7.4 Installer

Web Interfaces – Web Transfer Client (HTML5):

  • Updated French translation

  • Note about Web Transfer client access being disable needs to be removed or modifiable Workspaces

  • Updated Workspace Invitation Subject line to "You've been added to a workspace"

  • On upgrade from 7.2.x, Workspace notifications should be disabled

  • Where possible, Workspace owner’s full name is used for WS invites instead of their login name

  • Buttons available to Invited Workspace participants more clearly reflect the permissions granted to them

  • New participant of a workspace now lands to that particular shared folder and not at the home page of WTC

  • Workspace owner can now add additional participant(s) to a private workspace

Fixes
  • Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.

  • EFT Password email reminders with AD Site did not trigger

  • When changing password for user through Admin GUI, force password option was being automatically enabled

  • EFT forcing users to change their password upon first log in

  • Renaming folders in VFS causes a loading indicator

  • EFT Standalone: User's last time connected was only being updated once per day

  • Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring

  • Resolved Server crash scenario induced by vulnerability scanner Greenbone Security Assistant

  • Event Rules were not grayed out on SMB with no add on modules activated

  • Reference to Enterprise only features were available in EFT SMB reports

  • Resolved EFT Admin GUI crash after using the send Email test button

  • Settings Templates was no longer sorted alphabetically as of 7.3.3.21

  • Admin GUI did not retain setting for Password Expiration at user level

  • When changing password in admin interface, force password option was automatically checked

  • When modifying password expiration "Remind" option Apply button was greyed out.

  • Settings Template options did not properly display inherited options

  • Report is missing filters (Traffic - Protocolwise Connections (Summary)

  • Executive Summary Report data was being truncated

  • The text "hmtest" appeared in Event Rules Detailed report after the Description:

  • Admin Action report Change Originator column was being truncated

  • Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication

  • Corrected scenario where certain user accounts were not able to authenticate if the account was renamedCouldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21

  • Custom password change responses were not working for LDAP sites

  • "IsFolderVirtual" COM method was no longer functioning in 7.3.5

  • Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword

  • ICISite::SetWorkspace failed with MX error 7

  • Custom Command default execution timeout for newly created Custom Commands should be 30 seconds

  • User Account Disabled Rule did not function after upgrade to 7.3.3.21

  • Event Rule using FAST protocol to Download Files would fail if connection profile was used

  • Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.

  • Corrected scenario of being unable to import Event Rules caused by unexpected config values

  • Event rules with comma character ',' in event rule name would fail when load balanced

  • When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes

  • Upgrade installer asked to create an admin account instead of "Provide server administrator credentials"

  • Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT

  • SSL/TLS logging for FTPS connections was not working

  • Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE

  • Addressed potential scenario of new PGP key not displaying correct expiration date

  • EFT responded to a quit command with an additional 0d 0a after version 7

  • Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file

  • Trailing spaces in SMTP host address would not resolve the address

  • User Credentials email had an erroneous = at end of username

  • Email notification for credentials contained an erroneous trailing =

  • Forgot password in WTC didn’t work if 2+ users shared an email address

  • WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled

  • WTC was not displaying password expiration reminder on login

  • While uploading a large file, occasionally received errors when trying to create folders or workspaces

  • Join with Smartcard button was improperly visible when connecting to CAC enabled site

  • Download button did not function the Max transfer speed option was enabled at the site level

  • Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal

  • Resolved issue of being unable to send files from the iFrame

  • Outlook Add-In functionality was not working in some instances

  • Private workspace owner was unable to add additional users to private workspaces

Version 7.3.7

Aug 01, 2017

New Features
  • Added template for password reset confirmation email that is sent when user is unauthorized to reset password

  • Added CIServerVersion COM interface which has single method GetServerVersion(host name, port) to return EFT COM version being used by server

  • Added ForceSynchronizeUser COM method to ICISite interface to allow synchronization of one specific user on an LDAP site

  • Added SSL/TLS logging for successful and failed connections to EFT.log. WARN if insecure or weak algorithm is used

  • Added option to disregard Modify Date/time command to prevent users from modifying date/timestamp of files.

  • Added option to disregard Modify Date/time to prevent users from modifying date/timestamp of files.

  • Added diffie-hellman-group-exchange-sha256 KEX

  • Added ability to select SFTP KEX algorithms through GUI and COM

  • Added registry override to prevent password reset confirmation email from being sent when user is unauthorized to reset password

  • Added advanced property so that associated Owner's email address is now displayed in the WS Invite FROM: field instead of EFT’s “FROM name” as configured in SMTP settings.

Enhancements
  • PCI DSS Violation warning now includes Workspace Send functionality if anonymous user option is enabled

  • Now able to login with Admin accounts in AD Universal group in child domains

  • Find/Search in EFT doesn't search connection profiles

  • Update Admin GUI to reflect new HSTS feature added when "Redirect plaintext HTTP to HTTPS" is enabled

  • Admin could be signed out of the GUI when loading a directory that is missing or unreachable. Timeout increased to 5 minutes when waiting for response.

  • Improved responsiveness when browsing directories containing many subfolders.

  • Updated webclient to version 1.3.0 build 10

  • (WTC) Updated French translation; Update French translation for word "Language"

  • (Workspaces) Updated Workspace Invitation Subject line to "You've been added to a workspace"

  • (Workspaces) On upgrade from 7.2.x, Workspace notifications should be disabled

  • (Workspaces) Where possible, Workspace owner’s full name is used for WS invites instead of their login name

Fixes
  • Fixed scenario of FTP.cfg file corruption if upgrading from 6.2 to +7.3 without making changes to config during upgrade process.

  • EFT Password email reminders with AD Site did not trigger

  • When changing password for user through Admin GUI, force password option was being automatically enabled

  • EFT forcing users to change their password upon first log in

  • Renaming folders in VFS causes a loading indicator

  • EFT Standalone: User's last time connected was only being updated once per day

  • Corrected rare crash scenario induced when modifying user IP Access list while logins are occurring

  • Event Rules were not grayed out on SMB with no add on modules activated

  • Reference to Enterprise only features were available in EFT SMB reports

  • Resolved EFT Admin GUI crash after using the send Email test button

  • Settings Templates was no longer sorted alphabetically as of 7.3.3.21

  • Admin GUI did not retain setting for Password Expiration at user level

  • When changing password in admin interface, force password option was automatically checked

  • When modifying password expiration "Remind" option Apply button was greyed out.

  • Settings Template options did not properly display inherited options

  • Report is missing filters (Traffic - Protocolwise Connections (Summary))

  • Executive Summary Report data was being truncated

  • The text "hmtest" appeared in Event Rules Detailed report after the Description:

  • Admin Action report Change Originator column was being truncated

  • Enabling "UseAuthManagerWithMultiStep" in the registry brute forced user accounts with radius disabled to use two factor authentication

  • Corrected scenario where certain user accounts were not able to authenticate if the account was renamed Authentication - LDAP:

  • Couldn’t query a group that has a user with a comma/apostrophe in the cn in 7.3.3.21

  • Custom password change responses were not working for LDAP sites

  • "IsFolderVirtual" COM method was no longer functioning in 7.3.5

  • Missing COM property ICIComplexPasswordSettings::RequireUnicodeInPassword

  • ICISite::SetWorkspace failed with MX error 7

  • Custom Command default execution timeout for newly created Custom Commands should be 30 seconds Event Rules:

  • User Account Disabled Rule did not function after upgrade to 7.3.3.21

  • Event Rule using FAST protocol to Download Files would fail if connection profile was used

  • Corrected scenario of being unable to export Event Rules caused by unexpected config values if upgrading from legacy EFT versions.

  • Corrected scenario of being unable to import Event Rules caused by unexpected config values

  • Event rules with comma character ',' in event rule name would fail when load balanced

  • When a user was created with COM method ForceSynchronizeUser to sync a single LDAP user, the user did not persist on reboot nor replicate to other HA nodes

  • Upgrade installer asked to create an admin account instead of "Provide server administrator credentials" Logging:

  • Reduced error level in EFT.log file for CFG.Read when loading FTP.bak upon fresh install of EFT

  • SSL/TLS logging for FTPS connections was not working

  • Reduced error level in EFT.log "resetting m_pSweepMsgHandler in StartSweep()" from ERROR to TRACE OpenPGP:

  • Addressed potential scenario of new PGP key not displaying correct expiration date

  • EFT responded to a quit command with an additional 0d 0a after version 7

  • Registry edit to support backslashes in pathnames for FTP did not work when specifying a specific file

  • Trailing spaces in SMTP host address would not resolve the address

  • User Credentials email had an erroneous = at end of username

  • WTC failed to properly load & fails file uploads/folder creation when EFT Admin permission "Show files and folders in list" was disabled

  • WTC was not displaying password expiration reminder on login

  • While uploading a large file, occasionally received errors when trying to create folders or workspaces

  • Join with Smartcard button was improperly visible when connecting to CAC enabled site

  • Occasionally would receive “PTWS is not found” error when trying to send a file from the Send Portal

  • Resolved issue of being unable to send files from the iFrame

  • Outlook Add-In functionality was not working in some instances

  • Private workspace owner was unable to add additional users to private workspaces

May 2017

Version 7.3.6

May 02, 2017

New Features
  • New Globalscape splash screen logo is displayed

  • (COM API) Added ICIServer Interface Property SMTPUseImplicitTLS

  • (COM API) Added ICIServer Interface Function SendTestEmail

  • Added support for Amazon AWS SNS and SQS as alternative to Multicast for HA clusters

  • Added registry override (SendQUIT) that invokes QUIT command to be sent at completion of FTP/S transfers.

  • Added support for Windows 2016

  • EFT.log entry for SSL version and cipher info as part of successful socket connection for FTPS and HTTPS

  • EFT.log entry on startup if FIPS is successfully initialized.

  • EFT.log entry if FIPS mode fails to initialize for any reason upon service startup and what steps are being taken to remedy.

  • EFT.log entry if FIPS mode fails to initialize after all attempts exhausted.

  • Added registry override (PGPEncryptingAlgorithm) to specify default encryption algorithms

  • Added registry override (PGPCompressionMethod) to specify default compression algorithm

  • Add support for OCSP Stapling in EFT Server HTTPS Listener

  • Added SMTP over TLS/SSL

  • Added support for Gmail as an SMTP Server

  • Added SMTP test function

  • (Workspaces) Added ability to send (email) files out from within Workspaces

  • (Workspaces) Added pick-up (download) portal for received files.

Enhancements
  • F1 help has been updated to reflect new features.

  • Removed support for Windows 2008

  • EFT Server Enterprise and Standard:

  • Upgrade OpenSSL to 1.0.2k

  • Upgraded to OpenSSL FIPS Object Module 2.0.10: NIST FIPS certificate #1747

  • Now able to add "Universal" Active Directory groups to EFT Administration

  • Improved WTC CAL warnings to be consistent across EFT.log, Admin GUI, and email

  • Trial Extension options are still available in EFT SMB after fully registered

  • Now able to resize the CTRL+F search window

  • Updated Server>Security page FIPS controls

  • (ARM) Exporting reports no longer re-runs the report from the source

  • (ARM) Event Rules table EventName now allows up to 250 characters

  • Improved the speed of the CNTAuthManager::GetUser method when pulling users from AD with large amount of users (>50k).

  • Improved AD group listing algorithm when pulling complex subgroup structure. Time taken to sync listing with 200 subgroups decreased from 240 seconds to 5 seconds.

  • Remove legacy behavior of caching IP address of last successfully connected host.

  • Greatly optimized the {FS.*} condition checking mechanism of Event Rule execution. FS condition checks now performed locally when possible instead of going out to file system.

  • Remote directory browser now works when using DMZ Gateway as a proxy.

  • Event Rule Import now matches Connection Profiles by NAME, not by GUID

  • Account Lockout Status now propagates to other HA nodes

  • Admin Last Login Time for HA is now only propagated to other nodes once per day

  • Modify PGP Encryption behavior to default to CAST5 encryption if registry override AutoSelectPGPCiphers is Off.

  • Check passphrase was taking too long. Has been optimized

  • Update SMTP test warning prompt to exclude '+' from an invalid character

  • (WTC) Full, unlimited access to WTC during evaluation period

  • (WTC) HTML caching removed. This allows Web Client page to be updated when accessed instead of forcing users to have to clear cache to see changes.

  • (WTC) Updated Jument webclient to version 1.3.0 build 5

  • (Workspaces) Tidy up default Workspace invite and verify email messages

  • (Workspaces) Redesigned view and management of Workspaces

  • (Workspaces) Support Workspaces unlimited license

  • (Workspaces) Site> Workspaces Outlook add-in (OAI) has been changed to Workspaces - Send

Fixes
  • Passwords were expiring based on the "remind x days prior to expiration" value

  • Used disk space counter was not adjusting properly in some instances

  • Event Rule Admin couldn’t properly remove site from Assigned to this server list

  • When creating an SFTP key using the wizard - Use this key pair as the default host key - was not checked by default

  • AdvancedProperty IgnoreNeverLoggedInLDAPUsers was no longer working after upgrade to 7.3.4.6

  • WTC Licenses with odd numbers were not converting on CAL upgrade

  • Fixed being unable to configure same name for Group and Settings template

  • Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)

  • Fixed rare scenario where configurations carried over from legacy EFT Server versions could cause the Settings template Max connections per user and Max transfer speed that were previously disabled to become enabled and set to 0 on upgrade.

  • Admin user was able to do Batch account management

  • Help -> About showed Acceleration License option when the Module is not available in SMB

  • WTC CAL registration was not accurately reported under Help>About

  • Updated the Help>About text for unlimited WTC licenses

  • Help -> About cuts off licensing information

  • User Admins was still showing Users as having an expiration date even after “Expire this account” was disabled.

  • User Account Admin interface window did not scale with the EFT Admin console

  • Event Rule Admins were denied ability to import event rules.

  • FIPS compliant SSH checkbox was available (but non-functional) even after EFT trial has expired

  • Updated all GUI references to FIPS Certified rather than FIPS Compliant

  • On occasion, when deleting event rules from EFT the EFT GUI would crash.

  • Trying to browse subfolders in Browse Remote File System dialog cause VFS to freeze.

  • Fixed scenario of being unable to remove SSL certificates from SSL Certificate Manager

  • Fixed erroneous message stating that SSL certificate will expire in 30 days if site SSL certificate was cleared out.

  • Admin user disconnected when testing a connection profile using DMZ Gateway as a proxy if retry intervals exceeded GUI timeout period.

  • (ARM) Scenario where EFT may crash/hang when PCI Compliance Report was being generated

  • Client (Outbound): Numerate fails when the initial file is 0KB

  • (COM API) ICIConnectedUser interface members DataConnection does not return result for HTTP/S or SFTP

  • (COM API) ICIConnectedUser interface member TransferredSize does not return result for SFTP

  • (COM API) ICIConnectedUser interface member TransferredSize does not return result for SFTP

  • Custom Command "Redirect output to clients" doesn't work properly when triggered by FTP protocol

  • Folder Monitor reconnection logic does not properly update FM's enabled state

  • Copy/Move action may not work correctly when custom credentials are used for Local transfers

  • Mitigated rare scenario where Folder Monitor may remove all worker threads

  • Fixed scenario where Folder Monitor with Trigger based on folder change notifications could be overwhelmed.

  • Fixed scenario of SMTP logger failing to record data information

  • Improved scenario where clients were receiving constant timeout errors when uploading files if event rule condition checks took a long time to complete.

  • (WTC) When uploading a file via WTC client is able to upload a file that is bigger than the Max upload size limit if the chunk size is lower than the max upload size limit.

  • (WTC) WTC is not disabled after EFT trial has expired

  • (WTC) No feedback was given when permissions are denied to a folder

  • (WTC) Firefox version 50 uploads would sometimes fail

  • (WTC) Internal error was occurring upon attempt to move a file into a folder where AD user does not have upload permissions

  • (WTC) Incorrect error message was displayed to the user when trying to create a folder with a space at the end of the folder name

  • (WTC) Filter button was not properly highlighted

  • (WTC) Renaming was causing error in developer console

  • (Workspaces) When clicking an expired one time download link with authentication, will receive HTTP/1.1 412 Precondition Failed

  • (Workspaces) Workspaces licensing was showing 0 after upgrading to 7.3.4.6

  • (Workspaces) Workspaces shared folders were disappearing after upgrade from 7.3.0.3

  • (Workspaces) Renaming Workspace as owner failed to propagate to participants

  • (Workspaces) Workspace invitee was occasionally receiving 404 error upon logging in

Version 7.2.9

May 02, 2017

New Features
  • New globalscape splash screen logo is displayed

  • Added registry override (SendQUIT) that invokes QUIT command to be sent at completion of FTP/S transfers.

  • EFT.log entry for SSL version and cipher info as part of socket connection for FTPS and HTTPS

  • EFT.log entry on startup if FIPS is successfully initialized.

  • EFT.log entry if FIPS mode fails to initialize for any reason upon service startup and what steps are being taken to remedy.

  • EFT.log entry if FIPS mode fails to initialize after all attempts exhausted.

  • Add registry override (PGPEncryptingAlgorithm) to specify default encryption algorithms

  • Add registry override (AutoSelectPGPCompression) to default compression to ZIP

Enhancements
  • Upgrade OpenSSL to 1.0.2k

  • Upgraded to OpenSSL FIPS Object Module 2.0.10: NIST FIPS certificate #1747

  • Now able to add "Universal" Active Directory groups to EFT Administration

  • Trial Extension options are still available in EFT SMB after fully registered

  • Now able to resize the CTRL+F search window

  • Updated Server>Security page FIPS controls

  • Exporting reports no longer re-runs the report from the source

  • Remote directory browser does not work when using DMZ Gateway as a proxy.

  • Event Rule Import now matches Connection Profiles by NAME, not by GUID

  • Modify PGP Encryption behavior to default to CAST5 encryption if registry override

  • AutoSelectPGPCiphers is Off.

  • Check passphrase was taking too long. Has been optimized

  • Update SMTP test warning prompt to exclude '+' from an invalid character

  • Full, unlimited access to WTC during evaluation period

  • HTML caching removed. This allows Web Client page to be updated when accessed instead of forcing users to have to clear cache to see changes.

  • Updated Jument webclient to version 1.2.1 build 20

Fixes
  • Manual Registration for Workspaces with a seat count over 1,000 did show the correct # of licenses.

  • Used disk space counter was not adjusting properly in some instances

  • Event Rule Admin couldn’t properly remove site from Assigned to this server list

  • Admin user was able to do Batch account management (SMB)

  • WTC CAL registration was not accurately reported under Help>About

  • Updated the Help>About text for unlimited WTC licenses

  • Help -> About cuts off licensing information

  • User Admins was still showing Users as having an expiration date even after “Expire this account” was disabled.

  • User Account Admin interface window did not scale with the EFT Admin console

  • Event Rule Admins were denied ability to import event rules.

  • FIPS compliant SSH checkbox was available even after EFT trial has expired

  • Updated all GUI references to FIPS Certified rather than FIPS Compliant

  • On occasion, when deleting event rules from EFT the EFT GUI will crash.

  • Scenario where EFT may crash/hang when PCI Compliance Report was being generated

  • Numerate fails when the intial file is 0KB

  • ICIConnectedUser interface members DataConnection does not return result for HTTP/S or SFTP

  • ICIConnectedUser interface member TransferredSize does not return result for SFTP

  • ICIConnectedUser interface member FileName does not return result for SFTP

  • Custom command "Redirect output to clients" doesn't work properly when triggered by FTP protocol

  • Folder Monitor reconnection logic does not properly update FM's enabled state

  • When uploading a file via WTC client is able to upload a file that is bigger than the Max upload size limit if the chunk size is lower than the max upload size limit.

  • WTC is not disabled after EFT trial has expired

  • No feedback was given when permissions are denied to a folder

  • Firefox version 50 uploads would sometimes fail

  • Internal error was occurring upon attempt to move a file into a folder where AD user does not have upload permissions

  • Incorrect error message was displayed to the user when trying to create a folder with a space at the end of the folder name

  • Filter button was not properly highlighted

  • Renaming was causing error in developer console

  • When clicking an expired one time download link with authentication, will receive HTTP/1.1 412 Precondition Failed

  • Renaming Workspace as owner failed to propagate to participants

February 2017

Version 7.3.5

Feb 08, 2017

New Features
  • Added debug level logging setting for PGP through Admin User Interface

Enhancements
  • Upgraded Web Transfer Client (HTML5) to 1.3.0

  • Updated SSL certificate manager to use SHA2

Fixes
  • Fixed comment section when creating a workspace (improperly titled "Message" in prior build)

  • Fixed error when attempting to navigate folders after deleting multiple files in Web Transfer Client (HTML5)

  • Fixed language translation on left hand navigation pane in Web Transfer Client (HTML5)

  • Fixed default sorting of folder and file listings in Web Transfer Client (HTML5)

  • Fixed change password request to use the pre-configured domain (site connection settings)

  • Fixed issue when attempting to use SSL cert authentication with a null password

  • Fixed rolling of EFT.log when running a Command Action and the log size exceeds MaxFileSize

  • Fixed logging for failed upload/download over SFTP protocol

  • Fixed issue where EFT would convert a physical folder into a virtual folder when using the Active Directory profile as the users home folder

  • Fixed potential out-of-memory crash when network folder monitor receives a large number (20,000+) of files

  • Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)

  • Fixed report "Event Rules - Actions (Summary)" to allow Event Name field to support up to 250 characters

  • Fixed issue when attempting to change Active Directory passwords through the Web Transfer Client

  • Fixed GUI error message when using a specific multicast IP address (EFT Enterprise Only)

  • Fixed reporting of WTC CAL registration under Help>About

  • Fixed ability to save new password dictionary file when changing site settings

  • Improved ClientFileSystem locking for more granular FileLocker action

  • Fixed issue with Workspaces shared folders disappearing after upgrade from 7.3.0.3 to 7.3.3.21

  • Fixed issue with users unable to login after upgrading to 7.3.3.14

  • Fixed issue with guest Workspaces user unable to login after upgrade

Version 7.2.8

Feb 08, 2017

New Features
  • Added SFTP flow control improvements by RFC 4254

Enhancements
  • Upgraded Web Transfer Client (HTML5) to 1.2.1

  • Updated SSL certificate manager to use SHA2

Fixes
  • Fixed error when attempting to navigate folders after deleting multiple files in Web Transfer Client (HTML5)

  • Fixed language translation on left hand navigation pane in Web Transfer Client (HTML5)

  • Fixed default sorting of folder and file listings in Web Transfer Client (HTML5)

  • Fixed return value of inherit state of CCIClientSettings::GetForcePasswordResetOnInitialLogin

  • Fixed EX logs to properly report failed uploads for SFTP

  • Fixed error code in cl*.log to show correct error code when target host is unavailable

  • Fixed compatibility with Symantec DLP (EFT Enterprise only)

  • Fixed Invoke Web Service Action to properly URL Encode data (EFT Enterprise only)

  • Fixed issue of removing source files after compress action when using ZCompress format

  • Fixed issue with properly handling WTC licenses over 9,999 users

December 2016

Version 7.3.3

Dec 06, 2016

New Features
  • Added EFT Outlook Add-In and browser support for exchanging files in Workspaces

  • Added controls for enabling and configuring SAML for achieving Single Sign On (SSO) for Web-based authentication - (EFT Enterprise only)

  • Added the Advanced Authentication module for EFT Enterprise

  • Added HTTP Strict Transport Security (HSTS)

  • Added new preconfigured reports

  • Added additional logging for CFileSystem object

  • Added auditing of the originating IP for load-balanced HTTP(S) connections as an Advanced property

  • Added new COM property that exposes "force password change upon first login" flag

  • Added additional logic to prevent admins from accidentally deleting the site home folder if a user has this set as home folder

  • Added additional logging when debugging

Enhancements
  • Updated Jquery version to 1.9.1

  • Updated OpenSSL library to 1.0.2j

  • Updated PGP library

  • Improved URL encoding function in ClientFTP

  • Improved performance of Admin UI when populating "Group Membership" tab

  • Improved password complexity warnings to end user

  • Optimized quick search feature in environments with large amount of users

  • Improved retry transfer logic over high latency networks

  • Updated odb version to 2.5.0 a11

Fixes
  • Fixed memory leak in FIPS SSL

  • Fixed error when trying to download files containing a comma

  • Fixed High CPU utilization with large volume of user connections

  • Fixed issue of having to re-apply permissions when changing the case of the SAMAccountName

  • Fixed Event rule settings where site paths without wildcards were using physical path vs virtual path

  • Fixed event timer issue of calculating the next run time at beginning of DST hour

  • Fixed alphabetically sorting of event rules within folders

  • Fixed dead lock in FTPS

  • Fixed issue of not reporting correct PASV port in the ex.log

  • Fixed issue where Admin GUI incorrectly restores the last selection when refreshing UI

  • Fixed issue of exporting event rules with stop-action set to "Stop processing this and more rules"

  • Fixed issue of downloading EFTClient.txt when using HTTP protocol

  • Fixed issue of editing comments at the Event rule folder level

  • Corrected GUI to properly show the inherited value of Account Security option as "Disable"

  • Fixed email notification to not truncate passwords that use " <v"

  • Fixed issue with restoring EFT Workspaces when restoring a backup

  • Fixed intermittent crash of Admin GUI when creating users from an EFT Admin remote GUI

  • Fixed compatibility with SFTP authentication and WingFTP 4.6.2 using Public key and Password authentication

  • Fixed intermittent Admin GUI crash on close

  • Fixed EFT service crash when site is deleted

  • Fixed reset password issue for external participant in LDAP site

  • Fixed Deadlock in EventRuleQueue in clustered EFT on server startup

  • Removed using FTP Auto mode for client transfers through DMZ gateway as SOCK5 proxy

  • Fixed issue of not showing failed event rule downloads using wildcards under the status tab of Admin UI

  • Fixed "Rest offset" command in FTP sessions

  • Fixed issue of accessing Ban IP address when large amount of IP addresses are configured

  • Fixed unhandled exception when backing up HA site

  • Fixed Mobile Transfer Client crash when attempting to use custom branded MTC

  • Fixed crash in HTTP session manager

  • Fixed DMZ crash when transferring files by FXP

  • Fixed folder monitor crash when transitioning back to event rule load balance master

  • Fixed issue where folder monitor event rule stopped after 1000 files were rejected by condition

  • Fixed ClientFTP retry logic after SSL_connect error

  • Fixed issue of removing source files after compress action when using ZCompress format

  • Fixed issue of large file uploads being reported as individual chunks.

  • Fixed Admin UI crash when working with virtual folder with bad alias name

  • Fixed issue where changes applied by user level admins did not save after server restart

  • Fixed change password issue through web client for ODBC sites

  • Fixed error messaging when user without upload permissions attempts to upload via the web client

  • Fixed reporting of large file uploads to display only one file entry versus individual chunks

  • Fixed issue of exporting PGP public keys with spaces between each line of the public key blob

August 2016

Version 7.3.2

Aug 30, 2016

New Features
  • Admin GUI warns users when they are close to or have exceeded number of CAL users

  • Auditing and Reporting Module (ARM):

  • Audit originating IP for load-balanced HTTP(S) connections

  • Changed Web Transfer Client licensing from concurrent base to client access license (CAL)

  • Webclient updated to 1.2.2 build 2

  • Warning Banner added to indicate if CAL is exceeded

Enhancements
  • Update SSL lib to 1.0.2h

Fixes:
  • EFT log erroneously reports “Error cfg.write can't save server settings”

  • EFT with DMZ crashes on begin transfer file by FXP

  • Crash in HTTP session manager

  • Crash in the CommandAccess internals when saving command execution results to log file

  • Administrator Interface (AI):

  • Failed Event Rule downloads using Wildcard do not appear in status tab

  • Windows 2012 R2: Admin GUI crashes with coredump.

  • When clicking on a help topic the software posts a script error

  • Admin GUI may crash on close

  • Admin GUI hang scenario when attempting to stop an FTPS event rule transfer

  • SFTP authentication failed when connecting to remote server running WingFTP 4.6.2 using Public Key+Password auth

  • EFT Transfer Client does not use server-wide supported cipher list and protocol versions when retrieving remote listing over SSL-based protocols

  • The Test Button on the Connection Profiles does not connect when using DMZ as Proxy

  • Event timer calculates the incorrect next run time at begin DST hour

  • "Rename transferred file to"-function is not working when destination file size/crc is equal to the original value

  • A folder monitor event rule stops invoking events after 1000 files are rejected by condition

  • MTC crashes the EFT Service when attempting to use a custom branding

July 2016

Version 7.2.4

Jul 05, 2016

New Features
  • (ARM) Audit originating IP for load-balanced HTTP(S) connections

  • Added configurable AdvancedProperties (“AutoSelecPGPCiphers”, “AutoSelectPGPMAC”), default to TRUE.

  • Added additional logging for CServer::Serialize method

Enhancements
  • Dramatically reduced the amount of Event Driven Changes that must be versioned and propagated when we handle ClientLoggedIn and ClienLogged events (Date granularity rather than time).

  • Improved interoperability issue with BouncyCastle

  • Update SSL lib to 1.0.2h

  • External participants in LDAP site Workspace are now able to reset password

Fixes
  • PASV Port utilized being logged incorrectly in ex.log

  • EFT does not properly log the last invalid login before auto ban via SFTP

  • Crash when deleting a Folder Monitor rule while event rule is being executed

  • Crash in the CommandAccess internals when saving command execution results to log file

  • EFT.log is flooded with an error when an FM folder is not accessible

  • Crash in HTTP session manager

  • Admin GUI hangs when attempting to stop an event rule transfer

  • Inherited value of Account Security setting is not properly displayed in the ST/user level

  • Remote user admins are running into runtime errors frequently

  • The EFT Admin interface keeps crashing under specific scenarios. Improved resilience.

  • If display text size is set to 125% or 150%, some options such as "next" and "finish" are pushed off and no longer visible. There appears to be scaling issue with larger text size enabled.

  • Cannot access the IP Ban list via remote admin, system locks out and says "Ban IP list not available"

  • Failed Event Rule downloads using Wildcard do not appear in status tab

  • Event rules are not alphabetically sorted in the event rule folder

  • Unable to open AWE task builder if file "EFT" exists in path of installation

  • GSAWE.exe process has a deadlock

  • AD/LDAP: Incorrect login names lock EFT up for a long time.

  • Unable to switch client's two-factor auth setting on PCI site

  • Complex password expected. If simple password is used, user receives error message with no explanation of what went wrong and the process was causing a hang when done incorrectly.

  • Disallow using FTP Auto mode for client transfers through DMZ Gateway as SOCKS proxy

  • SFTP authentication failed when connecting to remote server running WingFTP 4.6.2 using Public Key+Password auth

  • "Rename transferred file to"-function is not working when destination file size/crc is equal to the original value

  • EFT Transfer Client does not use server-wide supported cipher list and protocol versions when retrieving remote listing over SSL-based protocols.

  • Unable to switch client's two-factor auth setting on PCI site via COM script

  • The Test Button on the Connection Profiles does not connect when using DMZ as Proxy

  • Unable to export event rules with stop-action set to "Stop processing this and more rules"

  • Cannot edit comments when event rules viewed through event rule folder

  • Event timer calculate wrong next run time at begin DST hour

  • EFT may crash when FM rule sweeps a folder and admin edits that rule.

  • Event Rule Load Balancer threads are blocking for extended periods of time.

  • High CPU usage with a lot of user connections

  • Deadlock occurrence during load balanced event rule startup.

  • Deadlock in EventRuleQueue in clustered EFT

  • When making changes to event rule comments via AI, the service hangs and the nodes get out of sync

  • Crash when stopping site on 1 node and trying to log into admin GUI

  • Crash on startup due to mixed HA status tracking

  • Event rules are being load balanced when they shouldn’t be

  • Unhandled exception while performing back up

  • MTC crashes the EFT Service when attempting to use a custom branding

  • If the PGP key name is more than ~30 characters it is cut off in the OpenPGP action dialog.

  • The “Enable Compression” button was non-functional and would always auto-select compression setting from the public key.

  • SSL FIPS subsystem breaks down disabling users from establishing SSL connections (HTTPS and FTPS)

  • Unable to download EFTClient.txt when using HTTP protocol

  • Specific characters are truncating EFT emails

  • The ChangePassword.htm file is always being served up from the web/public folder instead of the web/custom/<sitename> folder

April 2016

Version 7.3.0

Apr 25, 2016

Enhancements
  • Upgraded PGP library.

  • Protocols - FTP/S: Set default FTP "ReplaceBackslash" advanced property to true.

Fixes
  • Fixed issue where incorrect login names cause EFT to hang.

  • Fixed a potential EFT Service crash.

  • Corrected "Enterprise-only" Help references to Folder Monitor, Timer Event, and File Transfer Client.

  • Fixed display issues for proxy settings on Windows Server 2008 R2.

  • Fixed display issues for PGP key names greater than ~30 characters in the OpenPGP action dialog.

  • Relaxed field validation on proxy settings that aren't in use.

  • Fixed inability to switch client's two-factor auth setting on PCI site.

  • Fixed inability to switch client's two-factor auth setting on PCI site via COM script.

  • AD Auth, complex password expected. If simple password is used, user receives error message with no explanation of what went wrong and the process is causing a hang when done incorrectly.

  • Fixed event rule prioritization.

  • Fixed logic flow issues for File offload/download rules using Socks.

  • Fixed a potential crash associated with FM rule sweeping a folder while admin is editing the same rule.

  • Fixed a potential crash that occurs when deleting an FM rule while it's executing.

  • Fixed a deadlock in EventRuleQueue EFT HA.

  • Corrected erroneous event rule load balancing.

  • Fixed a potential HA node crash related to conflicting node statuses.

  • Fixed a potential EFT service crash for HA environments.

February 2016

Version 7.2.1

Feb 15, 2016

New Features
  • Added support for RSA-authenticated sites to also request user passwords in a two-step authentication model, enabled via registry

  • Added support for EFT COM Admin interface connections from 64-bit processes

  • Added context variables TRANSFER.RATE_KBPS, TRANSFER.BYTES, and TRANSFER.SECONDS to event rule actions

  • Added per-user, per-file metadata operations to Workspaces

  • Added expiration to Workspaces

  • Added administrative option to enable Workspace expiration

  • Added ability for Workspace creators to set an expiration date on WorkspacesAdded "On Workspace Expired" event

  • Added detailed auditing of file and folder operations within Workspaces

  • Added per-user, per-file metadata operations to Workspaces

  • Added ability through Event Rules to notify Workspace owner when a file is uploaded

  • Added Workspace notification email (templated) when adding participant via Admin console

  • Added context variable (and condition variable) WORKSPACE.OWNER_EMAIL to WS-related and FS-related events

  • Added handling for an OnTimer exception which caused the admin console to disconnect from EFT Server

  • Added support for Workspaces REST API 100-Continue header, per HTTP 1.1 specification

Enhancements
  • Improved performance with extremely large password dictionaries

  • Enabled scrolling to view full event rule descriptions

  • Improved performance of HA mode under high volume of login operations

  • Updated SSL libraries to latest stable release

  • Updated SSH HMACs to include SHA-256 and SHA-512

  • Improved performance of rendering contents of a folder that contains a large number (>500) subfolders.

  • Improved performance of searching within a folder that contains a large number (>500) subfolders.

  • Improved auditing and reporting of Workspaces activities

Fixes
  • Fixed a problem where permissions for a user were lost when changing the case of the SAMAccountName and had to be re-added

  • Fixed a problem where admin permissions were mistakenly removed

  • Fixed broken inheritance of permission groups for first logged in clients

  • Connection Profiles are now greyed out in SMB version

  • Fixed admin console crash occurring when refreshing the VFS tab

  • Fixed a problem where the admin console crashes upon site creation when the default template home folder setting is discarded

  • Fixed a problem where the home folder is incorrectly set to the previously used entry during user creation

  • Fixed an issue where right-clicking user\show VFS is not functioning properly in some environments

  • Fixed a problem where a user could not be deleted from a site if the server is not located in the first server group

  • Fixed an issue where, during manual module registration, the wizard becomes unresponsive

  • Fixed broken AWE task search functionality

  • Fixed a problem where the ARM connection test generated an error in the Windows Event Log

  • Fixed a bug where the COM method ICEventRule.SetHASchedulingParams seems to work for any event rule type and non-HA EFT installations

  • Fixed a problem where the ICIAutobanIPAccessRule.BannedIPs COM property shows as empty when the admin console shows addresses on the IP ban list.

  • Changed the event rule folder naming convention to follow that of event rules

  • Event rules are now alphabetically sorted in event rule folders

  • Fixed a bug where the apply option was not enabled at the event rule folder level when event rules were either enabled or disabled

  • Fixed an issue where timer rules skipped their scheduled execution time due to delays caused by the retry logic of ClientFTP

  • Corrected the display of comments for imported event rules

  • HA secondary nodes now verify that the ftp.cfg file can be found during install

  • Fixed a case where the backup list got an invalid value.

  • Disabled option to use local system accounts when in HA mode

  • No longer backing up all user data from site root for HA installations

  • Scheduled PGP decrypt/encrypt event rule settings must now be supplied with the full file path instead of just the virtual path

  • Fixed a problem where PGP private key passphrases were appearing in plain text in EFT.log

  • Fixed a problem where a site's max concurrent socket connections policy could be broken in high concurrency situations

  • Corrected an issue where SSL options were not being updated

  • SSL sessions are now being reused

  • Fixed the OPTS MLST feature (FTP/S)

  • Fix a problem where EFT was not returning any type of error When issuing an "ls" command on a non-existent directory

  • Made return codes for maximum Windows file path exceeded errors consistent in HTTP responses

  • HTTPS offload transfers always failed when connection timeout set to 0

  • Now greying out HTTP proxy setting when selecting SFTP protocol in the offload configuration wizard (event rule) since SFTP is only supported through Socks 5 proxies

  • Fixed a problem where generated SSL key files cannot be assigned as SFTP keys

  • Unified failure messages returned on failed SFTP authentication attempts to avoid user account enumeration

  • Disabled default use of diffie-hellman-group1-sha1 key exchange, now enabled only via registry

  • Fixed the file upload button on the tool bar

  • Fixed the folder upload button when running in Chrome

  • Fixed the filter button on the tool bar

  • Fixed an issue with the refresh button

  • Resend Workspace invitation will now work as expected

October 2015

Version 7.2.0

Oct 27, 2015

New Features
  • Added registry setting ExcludeVFolderInQuotaCalc to exclude virtual folders from quota calculations

  • Added event rule folders which support one level deep folder organization of event rules

  • Added connection profiles which allow definitions of host interfaces that can be referenced inside event rules

  • Added file/folder event rule actions (create, delete, rename)

  • Added compress/decompress event rule actions

  • Added "Invoke Web Service" event rule action

  • Added "If File Exists" event rule condition

  • Added event rule import/export capability

  • Added event rule change log to maintain modification history of event rules

  • Added new role "Event Rule Administrator" that can be granted access to specific event rules, AWE tasks, custom commands, and connection profiles

  • Added server credential verification in Offload events for validating SSL certs and/or SSH keys of remote servers

  • Added folder browse control within the offload action builder

  • Added enhanced event rule logging to allow logging targeting a specific site or rule

  • Added registry setting ExecuteTransferActionsInParallel enable/disable parallelization of all contiguous offload actions (upload/download/move)

  • Added restore for HA mode configurations allowing a restore from backup when running in HA mode

  • Added backup run-on node list for event rule load balancing

  • Added registry setting DisableEFSChecksForPCIReport to bypass EFS checks when running PCI DSS report

  • Added support for navigating directories via the browser’s back and forward buttons

  • Added the ability to be directly deposited into a specified directory via a link

  • Added support for viewing Workspace invitation statuses in the “Edit Workspace Participants” dialog

  • Added the ability to resend pending Workspace invitations from the “Edit Workspace Participants” dialog

  • Added text in the “Edit Workspace Participants” dialog to convey the fact that no users are collaborating in the Workspace for shared folders in which all collaborators have been removed

  • Added localization mechanisms to facilitate the custom addition of additional languages

  • Added German and Dutch translations

  • Added support for WCAG Guideline 1.1

  • Added a configuration file variable to disable CRC in the event upload verifications are not required

  • Added configuration file variables to specify custom default Workspace sharing permissions for user-initiated folder sharing

Enhancements
  • Improved performance of ODBC user synchronization process when there are many new users

  • (ARM)Improved speed of ARM queries used for time-range based reports

  • Redesigned WTC interface to enhance usability and aesthetics. All file and folder operations are now displayed in the newly added toolbar

  • Upgraded OpenSSL to fix a high severity vulnerability

  • Upgraded OpenPGP library to improve configuration flexibility and compatibility with other implementations

  • Made SFTP and FTPS logging consistent with previous EFT Server releases

  • Remove legacy behavior of caching the IP address of the last successfully connected host

Fixes
  • Fixed improper inheritance of initial password reset option

  • Fixed a problem where the EFT service hangs at startup and is unable to connect to the EFT console until after a restart

  • Fixed a problem where EFT was responding with “no such file or directory” when a “cd ..” command was performed on the root directory

  • Fixed a problem where EFT was not respecting the ReplaceExistingOnRename registry setting

  • Fixed a problem where negative “days remaining” was being sent to users in the expiration email reminder

  • Fixed a problem where logging in “change password” administrators are improperly shown the VFS view from the server tab

  • Fixed a problem where EFT Server crashes when authenticating a user with a DES style password

  • (AWE)Fixed a problem where the value of %FS.FILE_SIZE% was not maintained after executing an AWE command that deleted or removed the file from the source directory

  • (AWE)Fixed an issue where the Running AW Task limit was not being respected

  • (ARM)Fixed a problem where EFT was using an unsupported key length longer than 30 digits when creating an Oracle ARM database

  • (ARM)Fixed an issue where running reports via an event rule caused extreme memory usage and eventual crash of the EFT service

  • (ARM)Fixed a problem where relevant information was not being logged by the ARM queue stats logger

  • Fixed a problem where AD sites do not list the principal name of users if they login before EFT pulls users from the AD server

  • Fixed an issue where automatically creating a home folder for new LDAP users only worked if the site’s users had been synced

  • Fixed a problem where a LDAP user’s permissions were lost when the case of the user’s name was changed on the AD server

  • Fixed a problem where LDAP users can't change their password when a 389 Directory Server is used

  • Fixed a crash that occurred when removing users from an ODBC site

  • Fixed a problem where ODBC sites were allowing creation and authentication of usernames containing trailing spaces

  • Fixed a problem where existing users on an ODBC site could not be moved to a different settings template using either the Admin console or COM API

  • Fixed an issue where the provisioning of user accounts through EFT Server’s COM API was taking longer than it did in previous releases

  • Fixed a problem where the CISite.IsFolderVirtual COM method works incorrectly after a call to CISite.GetFolderList

  • Fixed a problem where the ICIFolderMonitorEventRuleParams::PollIntervalSeconds property could not be set with a value exceeding 9999

  • Fixed an issue where download actions incorrectly interpret destination paths when the file name is explicitly given using %SOURCE.FILE_NAME%

  • Removed spurious On User Account Disabled event triggers happening when users were deleted

  • Fixed an issue in the timer scheduler dialog where if “Every weekday” is selected, “Every X day(s)” will still affect the holiday/runtime calendar

  • Fixed a problem where the EFT service would crash when removing an event rule

  • Fixed a problem where folder sweep was crashing the EFT service when the rule was canceled during execution

  • Fixed an issue where starting nodes in clusters under high load would cause them to become out-of-sync

  • Fixed a problem where EFT Server deployed in a HA environment had excessive memory usage when experiencing a high user connect/disconnect rate

  • Fixed the double execution of Folder Monitor event rules under certain conditions when in HA mode

  • Fixed an issue where EFT Server was experiencing unusually high CPU usage in a clustered environment

  • Fixed deadlock occurring when EFT is deployed in a clustered environment

  • Fixed a problem where EFT was returning a zero exit code upon failure to access the shared configuration folder at startup which precluded a periodic restart/retry by the Service Control Manager

  • Fixed a problem where PGP decryption actions in a folder monitor rule were creating 0 length files if the file was encrypted with a different key

  • Fixed a problem where files encrypted by EFT Server when compression is enabled could not be decrypted by Ipswitch WS_FTP Professional 12.4.1

  • Fixed a problem where PGP keyring files were empty after upgrading from EFT 6.4.x/6.5.x

  • Fixed a problem where PGP encrypted files lack a reference to the original filename in the literal data packet

  • Fixed a problem where the EPSV command does not complete successfully when a client tries to connect to EFT Server through the DMZ Gateway

  • Fixed a problem where EFT fails to recognize FTP commands that use a double slash in the path reference

  • Fixed an issue where files being actively uploaded over SFTP could be viewed on disk over a separate FTP connection

  • Fixed issues with the FTP PASV port selection algorithm

  • Fixed a command socket race condition

  • Fixed a problem where EFT Server should have been reporting an error when attempting to download a file over FTP using an offset greater than the length of the file

  • Improved consistency of return codes when the maximum Windows file path length is exceeded in the HTTPS interface

  • Fixed a problem where event rules were creating 0 length files when unsuccessfully downloading over HTTP/S from Oracle and IIS HTTP/S servers

  • Fixed a problem where the status tab was incorrectly showing 0B and 0bps for files downloaded via HTTP/S event rules

  • Removed erroneous trailing slashes on folder names in SFTP PWD and CD requests

  • Fixed a problem where the "Preserve Remote timestamp for downloaded files" setting was not working for SFTP

  • Fixed a problem where severe memory fragmentation due to heavy SFTP load was causing EFT Server to crash

  • Fixed a problem where EFT was responding with the error "SFTP21 module was not initialized" for SFTP outbound connections

  • Fixed a memory leak in SFTP

  • Fixed an issue with inconsistent file sizes in the EX logs for files download through SFTP

  • Fixed an issue where SFTP was using local server time instead of UTC

  • Fixed an access denied error in the SAT send page that occurred when trying to send mail and the adhoc administrator is not a full administrator

  • Fixed a crash occurring when EFT was validating CSRF tokens

  • Fixed a problem where attempts to spoof the CSRF token could crash EFT

  • Fixed a problem where EFT was responding with "HTTP/1.1 412 Precondition Failed" when attempting to open remote files in the Java based WTC

  • Renamed the “Joined Workspaces” folder tree to “Shared with Me” to facilitate easier user recognition

  • Extra spaces are trimed from usernames when copying/pasting into the login page username field to avoid login errors

  • Fixed a problem with the WTC where prepending or appending a slash onto a folder name when creating it caused the listing pane to go blank

  • Fixed an issue where new workspace invitees were redirected to a 404 error page when the initial password reset option is on

  • Fixed an issue where renamed Workspace folders failed to display the updated folder name in collaborators’ views

  • Increased the AJAX timeout limit to 4 minutes to lessen the likelihood of errors during large file uploads

  • Fixed an issue where the UI would only partially render when logging in under certain conditions

  • Improved formatting for improperly-handled transfer pane errors

  • Resolved an issue where users would temporarily see Workspaces elements even when the feature was disabled

  • Fixed an issue where users removed from a Workspace would still appear in the “Edit Workspace Participants” dialog

  • Fixed an issue where uploads of 0-byte files failed the verification process

  • Fixed an issue where spaces in file names where replaced with “%20” encoding when uploading via Safari

  • Fixed an issue where the sharing banner failed to appear when creating a Workspace from within the directory

  • Resolved an issue where the transfer pane queue tabs failed to expand and collapse under certain conditions

  • Fixed an issue where global search terms were retained as a file list filter after disabling global search and failed to show in the search bar

  • Fixed an issue where uploads interrupted manually or due to a network interruption required manual user intervention upon resume

  • Fixed an issue where a timeout would occur with an upload in progress

  • Resolved an issue where the layout would break if the user’s password was nearing expiration

  • Fixed an issue where the multiple file download feature failed to download all files for selections in excess of approximately 75 items

  • Addressed a cross-site scripting vulnerability in the folder creation modal

  • Fixed a problem where IE8 and IE9 were not able to use single click URLs to download or save files

  • Fixed site specific workspace invitation templates

Version 7.1.5
Oct 23, 2015
New Features
  • Added Advanced Property to ignore virtual folders during quota calculation

Enhancements
  • Improved CPU usage

  • Restored reference to original filename in literal data packet

  • Corrected connectivity issue related to port used for data connection in PORT mode

Fixes
  • Fixed enforcement of running task limit

  • Fixed key length problem in Oracle database implementation

  • Removed capability of creating users with trailing spaces following their username (ODBC)

  • Fixed bug in ODBC that disallowed moving users between Settings Templates

  • Remediated potential service crash due to corrupted buffers in Folder Monitor

  • Remediated potential service crash during Event Rule removal

  • Fixed service crash due to internal race condition

  • Fixed potential crash upon admin connection related to empty permission list in root site folder

  • Fixed logging inconsistencies between EFT 6.5 and EFT 7

  • Fixed broken inheritance from Settings Template to User-level “Force users to change their first-time password…” setting

  • Fixed EPSV command problems over DMZ Gateway

  • Restored support for commands preceded by double slash

  • Fixed occasional data socket failures in PASV mode

  • Fixed inconsistent file sizes in the EX logs when downloading files

  • Restored 0 byte upload logging

  • Fixed bug where local server time was being used instead of UTC

  • Fixed potential crash during CSRF token evaluation

  • Fixed server crash related to Opera and other browsers connecting

  • Fixed UTF8 encoding of filename in uploads from IE11

  • Fixed browser sticking during upload verification on moved file

  • Fixed broken page displayed when password expiration was enabled

  • Improved skip / overwrite prompt

  • Fixed redirect for 404 on Workspace invitations when initial password reset option is ON

  • Fixed forwarding when WTC is disabled for a particular user

July 2015

Version 7.1.3

Jul 22, 2015

Enhancements
  • Upgraded OpenSSL to mitigate vulnerability CVE-2015-1793: https://www.openssl.org/news/vulnerabilities.html#2015-1793

  • Improved resilience to loss of HA Mastership

  • Improved recovery from scenario where no node is master

  • Updated OpenPGP to latest /n software libraries

Fixes
  • Decrypting PGP files with folder monitoring created 0kb files if the PGP file was encrypted with a different key

  • Corrected potential deadlock in clustered environment.

  • Fixed bug where PGP encryption algorithm was set to AES128 regardless of the public key cipher used.

  • Fixed a scenario where Ipswitch WS_FTP Professional 12.4.1 failed to decrypt files encrypted by EFT Server 7.0.x with compression enabled.

  • Alleviated potential for PGP keyring files to become empty after upgrading to EFT 7.x from EFT 6.4.x/6.5.x

  • Fixed an issue where SSL Compatibility Allowed Versions would be changed during SMB to Enterprise upgrades.

  • Corrected EFT service crash scenario when specific HTTP/S client connected.

  • Eliminated memory leak scenario in SFTP.

June 2015

Version 7.1.2

Jun 24, 2015

New Features
  • Added registry value for "SFTPProcessThreadStackSize" and changed default stack size to 512Kb

  • Added a boolean AdvancedProperty to bypass EFS Checks when running PCI DSS report

  • Added support for SHA-512 passwords over FTP

Enhancements
  • Improved performance of VFS management

  • Improved search function in Admin UI

  • Mitigated hang in Status Viewer when connected to ARM database

  • Improved performance for ODBC synchronization

  • Improved Move/Copy action error code accuracy

  • Reduce CPU utilization with large volume of user connections on HA EFT cluster

  • Improved startup synchronization for clusters under high load

  • Improved CPU utilization during CreateWorkspace request

  • Expand support SHA-512 hashed passwords to HA mode

Fixes
  • Fixed server hang at startup requiring service restart to connect to Admin UI

  • Fixed manual registration

  • Revoked site admin permission to retrieve ARM password via COM

  • Fixed issues during account creation on AD sites set to use User Principal Name

  • Automatically create home folder for new users even when LDAP hasn't been synced

  • Fixed date parsing in ClientFTP LIST command for AS/400-like servers

  • Corrected ClientFTP port selection in active mode

  • Addressed client connection failures

  • Fixed CISite.IsFolderVirtual behavior after call to CISite.GetFolderList

  • Addressed Folder Monitor double executions

  • Fixed registry override to replace a folder/file with the same name

  • Stop caching IP address of last successfully connected host

March 2015

Version 7.1.0

Mar 02, 2015

New Features
  • Added EFT Workspaces, a collaboration tool to allow users to easily share files and folders

  • Added mechanism for importing accounts with SHA-512-hashed passwords

  • Added advanced property for controlling HTTP request type for CIC actions

  • Added wildcard support for CIC actions

  • Added controls for users to share folders as Workspaces and control participants' permissions

  • Created a registration page for users invited to participate in Workspaces

  • Added multi-file download option

  • Added ex logging for HTML5 client uploads

Enhancements
  • Changed default report type from HTML to PDF

  • Improved performance of VFS management

  • Improved feedback on AJAX request problems when they occur

  • Improved feedback for failed upload verifications

  • Improved Ctrl+F "Search" function

  • Improved accuracy of HA node status tab

Fixes
  • Removed redundant Windows event log error for EFT 7 trial expiration

  • Fixed bug where email notification reminder is sent despite option being disabled

  • Resolved a performance issue where the Transfer Engine was requesting too much information when connecting to Admin Interface

  • Fixed GUI bug where VFS Tab was not jumping to usernames when trying to add a user

  • Corrected virtual folder display problems in Admin InterfaceFixed broken filters for “AS2 – Transaction Overview” report

  • Corrected entries for ReportPort and LocalPort in tbl_Authentications

  • Fixed bug where home folder was created and replaced on first login despite already being configured

  • (AS2, Enterprise only) Resolved an error generated every time the user DB is refreshed: "Remap user's home directory failed: client home directory is root"

  • Fixed a bug that occasionally caused EFT 7.0.3.10 to crash when removing users from an ODBC site

  • Restored COM API change password functionality

  • Fixed SSHFIPSEnabled COM method, which was interacting with the SSL settings rather than SSH settings

  • Fixed issue where CIC Report contained truncated x-header information

  • Cleaned up horizontal scroll appearance mechanism in CIC before it's needed

  • Fixed a potential EFT crash in event rule execution

  • Restored event rule e-mail override functionality

  • Fixed service crash triggered by FM event rule removal during folder sweep

  • Fixed bug where Folder Monitor always followed synchronous logic flow

  • Fixed bug where custom commands' "if action failed" block wasn't being triggered

  • Addressed an issue where HA Folder monitor rules could sometimes runs twice

  • Fixed loss of custom account details on 6.5 to 7.0 upgrade

  • Restored population of %FS.PATH% and %FS.VIRTUAL_PATH% context variables from Mail Express transactions

  • Fixed bug where 0KB files were not deleted in PGP event rules

  • Corrected change in ex.log entries FTP/S and SFTP paths were no longer relative to the root

  • Restored trailing slash for FTP PWD

  • Removed redundant slash from FTP paths

  • Fixed bug where EFT Client FTP was choosing the wrong port in active mode

  • Fixed Client FTP parsing issues for "LIST" command on AS/400-like servers

  • Fixed bug where "local server time" was not being used

  • Resolved EFT crash related to processing invalid MLST command

  • Fixed issue where 'SIZE /' returns 501 rather than '550 - File not found'

  • Made uniform return codes when maximum Windows File Path is exceeded in HTTPS

  • Fixed vulnerability in SFTP due to out of memory crash

  • Restored "Preserve Remote timestamp for downloaded files" functionality for SFTP

  • Removed erroneous "folder not found" SFTP errors from status tab

  • Fixed a bug preventing generated SSL Key file being assigned as SFTP key

  • Restored logging for 0 byte uploads over SFTP

  • Re-enabled use of backslash when changing directories with SFTP

  • Restored On File Upload event rule trigger for zero byte SFTP uploads

  • Removed extra comma in SSH_MSG_KEXINIT exchange when last cipher and MAC were not selected

  • Fixed bug where EFT would disallow HEAD requests for users without Download permission

  • Re-enabled CRC verification where it wouldn't work with EFS enabled

  • Web Interfaces – Web Transfer Client (Java)

  • Fixed WTC Java password change redirection to return to WTC Java instead of HTML5 client

  • Stopped app from timing out during long uploads

  • Fixed display issue with UTF-8 characters in Internet Explorer

  • Restored file upload functionality for WTC Basic in Internet Explorer

October 2014

Version 7.0.3, R2

Oct 24, 2014

Enhancements
  • Updated PCI report for PCI DSS by adding SSLv3 protocol checking to section 4.1 that will prompt a warning

  • Updated non-FIPS OpenSSL library to OpenSSL 0.9.8zc in response to recent OpenSSL vulnerabilities

  • Set SSLv3 to off by default for new installations in response to POODLE vulnerability

  • Updated non-FIPS OpenSSL library to OpenSSL 0.9.8zc in response to recent OpenSSL vulnerabilities

  • Set SSLv3 to off by default for new installations in response to POODLE vulnerability

Version 7.0.3 R1

Mon, 10/13/2014

New Features
  • Added Content Integrity Control module and Event Rule action

  • Added AD and LDAP support in high availability installations

  • Added default Event Rule load balancing settings for active-active clusters

  • Added cluster information to Status tab for active-active cluster nodes

  • Added ability to refresh and keep user logged in

  • Added an indicator to illustrate that Global Search is "loading" when enabled

  • Added simple mechanism for issuing a Terms & Conditions acceptance dialog to end users

  • Enabled the "If Using Web Transfer Client" condition in EFT's Event Rules for the HTML5 WTC

  • Enabled On File Upload for HTML5 WTC

  • Enabled On Verified File Upload for HTML5 Advanced WTC

  • Enabled uploads of large files, with up to 20GB tested

Enhancements
  • Changed Single-click URLs and single sign-on to use the HTML5 WTC instead of the Java WTC

  • Created an upgrader to facilitate upgrading the WTC without upgrading EFT

  • Improved performance of uploads in all supported browsers

  • Removed notification in "basic" HTML5 WTC that previously alerted users no licenses were available

  • Improved performance of RESTORE operation

Fixes
  • Fixed issue where invalid home folder path results in corrupt ftp.cfg when upgrading from 6.5 to 7.x

  • Fixed a problem where adding users to a newly created Permission Groups fails with a message "Operation Failed"

  • Fixed an issue where "Show VFS Home folder" command not working for virtual folders

  • Fixed a problem where EFT 7.0 fails to load a 6.4 configuration on upgrade

  • Disabled "Create User Group" option for user-level admins

  • Fixed a problem where config backup wouldn't gracefully disconnect admin during backup

  • Fixed a problem where EFT logged every connect/disconnect to the server

  • Fixed a problem where "Browse VFS" dialog returned wrong path results in "Access Denied" message box

  • Fixed problem where renamed permission group fails to propagate new name to Folder Permissions list in VFS Tab

  • Fixed a problem where EFT logged that it was serializing the EFT.cfg file upon every client connect

  • Fixed a problem where SSH Server would not throttle bandwidth for connecting clients

  • Restored ability to Delete/Modify virtual folder in EFT VFS when physically deleted or inaccessible

  • Fixed a problem where a “User Admin” or “Change Password Admin” disabling a single account caused EFT to mark all user accounts the admin has access to as Updated

  • Fixed a problem where a new user's home folder is set to "/" even when "Automatically create a home folder for new users" is not selected

  • Fixed a GUI crash caused by an admin level "User" being unable to access VFS

  • Fixed Help> About of MTC Registration where it previously showed 0 licenses

  • Fixed an issue where under certain conditions expanding a node in the VFS Folder tree displays a persistent hourglass node with the text "Loading" that requires further interaction before going away

  • Fixed an issue where UI doesn't update properly when switching between settings templates and users

  • Fixed formatting error in Security Failed Logins report

  • Fixed a problem where upgrading to EFT 7 caused "Activity - By File Report" to not return files that were uploaded and then processed with "File Uploaded" event rule

  • Addressed cases where ARM failed to audit the parameters of some event actions

  • Fixed issue where AD Accounts in a child domain cannot connect to EFT over SFTP, while other protocols worked correctly

  • Fixed special character handling for AD Auth site's Domain and Group fields

  • Fixed issue where upgrades involving AD Sites with virtual directories broke user folder permissions

  • Fixed issue where AD physical home folder assignments had changed in 7.0

  • Fixed a problem where AD user accounts didn't update on service restart in HA mode

  • Fixed an issue where AD Password Expiration notifications were sent when corresponding feature was disabled by default

  • Fixed timeout when creating AD Sites with 150K + users

  • Fixed LDAP issues when poorly connected/low performance server was in use

  • Fixed reduction of ODBC synchronization process performance

  • Fixed a problem where CreateUserEx call for an ODBC site is 3-4x slower on average compared to 6.5

  • Fixed an issue where site admins could obtain ARM password via COM

  • Improved usability of event rule function: rule.GetHASchedulingParams()

  • Removed ability to add a non-existent AWE task to an event rule

  • Fixed a problem where Download actions did not work if username length is 40 or more characters and used mask in source path.

  • Fixed a problem where FM failed to move all files in HA configurations

  • Fixed an issue with "Monthly" and "Yearly" timers not working correctly in 7.0

  • Addressed a problem where scheduled event rules periodically stop working after upgrading to EFT 7

  • Fixed an issue where failure to deliver event is not being logged

  • Fixed a problem where event rules weren't executing on fully qualified domain names

  • Addressed scenario where enabling Event Rules via the Event Rules parent node caused "Operation failed." error message

  • Fixed a problem where an event rule couldn't utilise the Settings Template condition

  • Fixed issue where additional items were added to the registry after a backup & restore

  • Fixed node name in error message when opening up a 2nd Admin console in an HA environment

  • Fixed a problem where Certificate Signing Utility returned "Error. Request not signed." error

  • Corrected issue where literal 'CWD ..' while in the root folder will return 501 syntax error

  • Added filenames and corrected incorrect port number in u_ex log file

  • Corrected issue where "ls filename" command responds with a 550 permission denied message

  • Fixed issue where incorrectly configured FTP port range heavily raised CPU usage and broke passive mode with no errors

  • Restored ability to use backslash when changing directories with FTP

  • Fixed a problem where Rename Transferred Files option does not work in event rules over SFTP

  • Fixed issue where tbl_Protocol_commands does not record creation of Folders from WTC when folders are copied

  • Restored Web Session Timeout registry override units to minutes (6.5) instead of seconds (7.0)

  • Fixed a problem where HTTP redirection to built-in pages (login, change password, etc.) failed to work behind NLB or WAF even when X-ORIGINAL-PROTOCOL: https was used

  • Fixed problem where users are unable to create new folders using PTC upon initial login

August 2014

Version 7.0.1

Aug 11, 2014

New Features
  • Added HTTP CRC calculation logging

Enhancements
  • Improved performance of restore operation

  • Improved Backup Configuration performance and stability

  • (WTC/Workspaces) Upgraded Jument to 1.0.1 build 3

  • New text for login error on Web interface

Fixes
  • Fixed a bug where EFT would send AD Password Expiration notifications when corresponding feature should be disabled by default

  • Fixed a problem where EFT logged sensitive information to EFT.log in specific cases

  • Fixed a memory leak related to FIPS SSL

  • Fixed a bug where ARM failed to audit the parameters of some event actions

  • Addressed a scenario that caused a failure to upgrade Oracle database

  • Fixed a bug related to new user creation, where the home folder for the user was automatically assigned to be / even when "Automatically create a home folder for new users" was not selected.

  • Addressed a scenario where EFT may crash in high load when ODBC authentication is used.

  • Refined usability of event rule function: rule.GetHASchedulingParams()

  • Addressed EFT hang during DMZ use.

  • Addressed issue where enabling Event Rules via the Event Rules parent node caused "Operation failed." error message.

  • (AS2, Enterprise only) Fixed issue where testing an AS2 connection via a proxy when a DMZ server is offline would cause the GUI to timeout.

  • Refined behavior of Restore from Backup button in the new site wizard to operate intuitively.

  • Corrected issue where EFT incorrectly balanced FM events with long file names

  • Addressed crash in HA when deleting HA timer rule

  • Addressed scenarios where EFT 7.0 may fail to upgrade from 6.5 when a client had incorrect home folder

  • Fixed EFT service memory leak and crash while using literal site command to call custom command via FTP protocol

  • Fixed EFT service crash when using literal X-CRC command

  • Fixed bug where SFTP created incorrect folder listing which may cause problems for some SFTP clients.

  • Fixed bug where Web Services was not accessible via web browser. 404 returned.

  • Corrected HTTP redirection to built-in pages (login, change password, etc.).

  • Refined per-Site customization of Web interfaces to work as expected

June 2014

Version 7.0.0

Jul 03, 2014

New Features
  • Added High Availability (HA) mode of operation for active-active failover and load balancing without requiring Windows Clustering Services nor Veritas Clustering

  • Added support for High Availability configuration

  • Added High Availability reports to group output by cluster node performing the activity

  • Added support for HA installation mode, including enabling required Windows features to support message queuing

  • Provided command line installation options for HA configuration

  • Added support for load balancing Folder Monitor and Timer event rules in HA mode

  • Added new HTML5-based Web Transfer Client to provide similar functionality to Java applet with fewer deployment problems

  • Added self-healing ARM connections

  • Added end time to ARM database to record when an event action stopped in addition to its start time, which had already been recorded

  • Provided command line installation options for serial number (activation) entry

Enhancements
  • Updated OpenSSL library to version 0.9.8za

  • Updated OpenPGP library

  • Enable Large Address Aware feature so that EFT Service process can access up to 4GB memory

  • Updated password hashing mechanism to use salted, iterated PBKDF generation to improve security

  • Updated PCI/DSS module to audit compliance with PCI DSS v3

  • Improved skipped file handling during Event Rule Offload action

  • Improved CRC checksum calculations efficiency for files on high latency links to network share

  • Increased default ARM queue size to 1000

  • Improved handling of asynchronous Custom Command and AWE Task execution for deterministic, reliable behavior under load

Fixes
  • Fixed scenario where a Folder Monitor rule set to trigger with both ‘Folder Change Notification’ and 'Folder Sweep' turned on may stop processing new files.

  • Updated GUID generation to use sequential GUIDs to reduce index page fragmentation

For version 6.5 and earlier, refer to the EFT Enterprise release notes.

Back to Globalscape Products