LF

# 22 TOP TIP

for Globalscape EFT Server

Scales - comparing EFT Express and EFT Enterprise

This top tip helps you compare EFT Express and EFT Enterprise, so you can identify which is the best solution for your business requirements.

EFT comes in two main variants, EFT Express and EFT Enterprise. While both are written on the same code base and look nearly the same, EFT Enterprise offers some extra features and modules.

How do I tell if I have EFT Express?

The easiest way to tell if you are using EFT Express or EFT Enterprise is to look at the “help” menu in the administration application. If you see an option to register the SFTP or HTTPS modules then you have EFT Express. If you can see an option to register the Advanced Workflow Engine, you have EFT Enterprise.

Modules

You can add many of the same modules to EFT Express as you can to the Enterprise option. The Auditing and Reporting Module (ARM), DMZ Gateway, PGP Module and Workspaces are all available for both and work the same way.

Some modules are only available to EFT Enterprise: AS2, the Advanced Workflow Engine (AWE) and Accelerate.

The Advanced Security Module (ASM) for EFT Enterprise is an extension of the Express Security Module (ESM). It includes advanced authentication options via RADIUS and SAML and ICAP integration for antivirus and DLP solutions.

Other features

There are some other features that form part of EFT Enterprise, which do not require any additional modules: Authenticating users against another domain; Backup / restore of the configuration; Writing messages to the windows event log; Automated clean-up of old files in a folder, among others.

Authenticating users

While EFT Express can authenticate users against an AD Server, the server needs to be a part of that AD. If you need to read authenticate against another domain – or if your server is not in a domain or you use a different Directory service such as OpenLDAP – then you would need to use LDAP authentication. This is only available on EFT Enterprise. Again, multi-factor authentication is only available on Enterprise via the Advanced Security Module.

Backup / restore configuration

Backing up an EFT Express server is quite simply done by backing up the contents of the configuration file. You have to do this when the EFT server is stopped though, because that is when EFT saves its configuration file. This is not always practical. With EFT Enterprise, all configuration files can be backed up without interrupting the EFT service. You do this by either using an event rule or choosing an option in the administration application.

Activity alerts

EFT Express relies on sending email messages to alert users when activities happen. Eg: A certain user uploads a file, a file transfer has failed etc. While this is very useful, it is not as easy to integrate into monitoring solutions such as SolarWinds. If you already have a monitoring solution looking at the health of your server OS, then EFT Enterprise can write to the Windows Event Log as a part of an event rule with a customisable ID and priority. This can be used by the monitoring application to log or alert when an EFT action happens. Some of our customers use this to alert when business critical transfers fail or when key users login for billing purposes.

Clean-up

Automated clean-up is becoming an increasingly important feature in MFT. This is because it helps keep your system GDPR compliant by removing old personal data. It is not available in EFT Express, but Enterprise can be configured as a part of a scheduled rule – eg: to remove all files that have been on the server for more than a specified number of days. If this is used in combination with Data Wiping to overwrite the file on the disk, your system should only contain files that are actively needed and old data will not hang around unnecessarily.

Delegated administration

EFT Enterprise allows you to assign sub-administrator accounts with a very specific subset of permissions. This can be used for managing EFT, COM, Site(s), Settings Templates, user accounts, user passwords and reports. Sub-administrator permissions are set via a series of controls on the server’s Administration tab.

An example use-case would be allowing help-desk staff to create user accounts, without risking them accidentally making changes to EFT, or accessing engineering and marketing group accounts.

Delegated administration allows you to create one or more sub-administrator account(s) with access to user accounts management only. You can use templates to house marketing, engineering, and other department accounts. This will further limit the sub-administrators to only access accounts for departments they are authorised to manage. Each of the sub accounts can also be authorised or denied access to COM and/or Auditing and Reporting.

In addition to the Server and Site Admin roles available in Express, Enterprise offers Event Rule Admin, Template Setting Admin, User Admin and Change Passwords Admin to reflect common support roles in a larger organisation.

Web services

In EFT Enterprise, the Web Service allows you to initiate EFT workflow from an external application such as an enterprise scheduler. To access Web Service you need authentication with a COM-enabled Server Administrator account. Requests to any /WebService URL are logged to the text log and ARM database. EFT supports both POST and GET HTTP requests to “/WebService/InvokeEventRule” with two parameters “EventRuleName” and “EventParams” and triggers an Event Rule that is specified in the “EventName.” The Web Service supports the REST invocation model, supporting both POST and GET methods for invocation.

Additional automation functionality

Users might upload or download files that need to be compressed (eg: zipped) or decompressed (eg: unzipped) before transferring. With the Compress/Decompress Action, you can compress/decompress the following formats: ZIP, 7Zip, GZip, BZip2, Tar, Tar and GZIP, and ZCompress. This action can be included in Event Rules.

EFT Express’ automation capabilities can be extended with Timer Module, File Transfer Client and Folder Monitor.

Conditional logic is only available on EFT Enterprise. The Else clause, for example, executes if the condition preceding the Else statement is not met. You can also generate context variable conditions based on a specified string.

High availability (HA)

Both EFT Express and EFT Enterprise offer an active:passive configuration.

EFT Enterprise with HA can:

  • Maintain availability through any planned or unplanned outage
  • Increase stability and flexibility by implementing multiple nodes of EFT Enterprise for load balancing
  • Enhance throughput and better meet important SLAs by deploying multiple nodes of EFT Enterprise to allow the collective environment to use more available resources
  • Improve scalability with the ability to share common configurations across nodes, eliminating the challenge of having multiple servers set up with different configurations
EFT Enterprise’s active-active deployment provides HA using multiple instances of EFT Enterprise and a load balancer for non-stop availability of your network. And unlike active-passive failover clusters, all of the nodes in EFT Enterprise’s active-active deployment are put to work in production. There is no standby hardware and no clustering software. Globalscape does not provide the load balancer, but is compatible with most major load balancers and is a member of the F5® Technology Alliance Program.

Cloud connector

EFT Version 7.4.7 brings the Cloud Connector capabilities for all EFT Enterprise customers. These include automatically copying/moving files to cloud storage as they arrive, setting timer rules to download files from cloud and native integration with Amazon S3, Azure blobs and other cloud storage.

Mobile Transfer Client

Mobile Transfer Clients are available for EFT Express users but are now included in EFT Enterprise as standard. The app is available for both iOS and Android phones and tablets and ensures security controls over files being uploaded, downloaded and shared via the device.
 

Find out more in the EFT Express – Enterprise comparison data sheet.

Upgrading EFT Express to Enterprise is a simple process taking less than half an hour in most cases. All existing user data and account information is retained.

If you would like to discuss whether your business requirements are better suited to EFT Express or Enterprise, please get in touch.