LF

Compare EFT Express and EFT Enterprise

#36 TOP TIP

This top tip helps you compare EFT Express and EFT Enterprise, so you can identify the best solution for your requirements.

EFT (Enhanced File Transfer) now comes in three main variants: EFT Express, EFT Enterprise and EFT Arcus. While all are written on the same code base and look nearly the same, EFT Enterprise offers some extra features and modules that aren’t available with EFT Express. EFT Arcus is the cloud version of EFT Enterprise – find out more here.

How do I tell if I have EFT Express or Enterprise?

The easiest way to tell if you are using EFT Express, EFT Enterprise or EFT Arcus is to launch your EFT admin GUI and look at the splash screen. If already inside the EFT Admin GUI, look at the title bar at the top, or visit the help/about section.

Modules

You can add many of the same modules to EFT Express as you can to EFT Enterprise. The Auditing and Reporting Module (ARM), DMZ Gateway, PGP Module and Workspaces are all available for both solutions and work the same way.

Some modules are only available to EFT Enterprise:

  • AS2
  • Advanced Workflow Engine (AWE)
  • Accelerate

The Express Security Module (ESM) for EFT Express includes many, but not all, of the features that the Advanced Security Module (ASM) for EFT Enterprise provides. The latter includes advanced authentication options via RADIUS and SAML. Previously ICAP integration for antivirus and DLP solutions was a differentiating factor. However, in the latest release, ESM also offers ICAP support for the first time.

Other features

There are some less obvious features included in EFT Enterprise as standard, which would require additional modules or complex scripting and workarounds in EFT Express. These include: authenticating users against another domain; backup / restore of the configuration; writing messages to the windows event log; automated clean-up of old files in a folder.

If you need any of these in your organisation, you would benefit from the simplified and more comprehensive features in EFT Enterprise.

Authenticating users

While EFT Express can authenticate users against an AD server, the server needs to be a part of that domain. If you need to authenticate against another domain – or if your server is not in a domain, or you use a different directory service such as OpenLDAP – you would need to use LDAP authentication. This is only available on EFT Enterprise (and EFT Arcus). Again, Multi-Factor Authentication is only available on Enterprise via the Advanced Security Module.

Backup / restore configuration

Backing up an EFT Express server is done by backing up the contents of configuration files ftp.cfg, *.db, *json. However, with EFT Enterprise, all configuration files can be backed up much more simply. You do this by either using an event rule or choosing an option in the administration application via “File > Backup Server Configuration” and restored via “File > Restore Server Configuration”.

Activity alerts

EFT Express relies on sending email messages to alert users when activities happen. Perhaps a certain user uploads a file, or a file transfer fails. While this is very useful, it is not as easy to integrate into monitoring solutions such as SolarWinds. If you already have a monitoring solution looking at the health of your server OS, then EFT Enterprise can write to the windows event log as part of an event rule with a customisable ID and priority. This can be used by the monitoring application to log or alert when an EFT action happens. Some of our customers use this to alert when business critical transfers fail, or when key users log in for billing purposes.

Clean-up

Automated clean-up is becoming an increasingly important feature in MFT. This is because it helps keep your system GDPR compliant by removing old personal data. It is not available in EFT Express, but with Enterprise it can be configured as part of a scheduled rule – for example, to remove all files that have been on the server for more than a specified number of days. If this is used in combination with data wiping to overwrite the file on the disk, your system should only contain files that are actively needed, so that old data is not retained unnecessarily.

Delegated administration

EFT Enterprise allows you to assign sub-administrator accounts with a very specific subset of permissions. This can be used for managing EFT, COM, sites, settings templates, user accounts, user passwords and reports. Sub-administrator permissions are set via a series of controls on the server’s administration tab.

An example use-case would be allowing help-desk staff to create user accounts, without risking them accidentally making changes to EFT, or accessing other departments’ accounts.

Delegated administration allows you to create one or more sub-administrator accounts with access to user account management only. You can use templates to house marketing, engineering, or other departmental accounts. This will further limit the sub-administrators to only access accounts for departments they are authorised to manage. Each of the sub accounts can also be authorised or denied access to COM and/or auditing and reporting.

In addition to the server and site admin roles available in Express, EFT Enterprise offers event rule admin, template setting admin, user admin and change passwords admin to reflect common support roles in a larger organisation.

Web services

In EFT Enterprise (and EFT Arcus) the web service allows you to initiate an EFT workflow from an external application such as an enterprise scheduler. To access the web service you need authentication with a COM-enabled server administrator account. Requests to any web service URL are logged to the text log and ARM database.

EFT supports both POST and GET HTTP requests to “/WebService/InvokeEventRule” with two parameters “EventRuleName” and “EventParams” and triggers an event rule that is specified in the “EventName.” The web service supports the REST invocation model, supporting both POST and GET methods for invocation.

Additional automation functionality

Users might upload or download files that need to be compressed or decompressed before transferring. With the compress/decompress action, you can alter the following formats: ZIP, 7Zip, GZip, BZip2, Tar, Tar and GZIP, and ZCompress. This action can be included in event rules.

EFT Express’ automation capabilities can be extended with Timer Module, File Transfer Client and Folder Monitor.

Conditional logic is only available on EFT Enterprise. The ‘else’ clause, for example, executes if the condition preceding the else statement is not met. You can also generate context variable conditions based on a specified string.

High availability (HA)

Both EFT Express and EFT Enterprise offer an active-passive configuration.

EFT Enterprise with HA can:

  • Maintain availability through planned or unplanned outages.
  • Increase stability and flexibility by implementing multiple nodes of EFT Enterprise for load balancing.
  • Enhance throughput and better meet important SLAs by deploying multiple nodes of EFT Enterprise to allow the collective environment to use more available resources.
  • Improve scalability with the ability to share common configurations across nodes, eliminating the challenge of having multiple servers set up with different configurations.

EFT Enterprise’s active-active deployment provides HA using multiple instances of EFT Enterprise and a load balancer for non-stop availability of your network. And unlike active-passive failover clusters, all of the nodes in EFT Enterprise’s active-active deployment are put to work in production. There is no standby hardware, and no clustering software. Globalscape does not provide the load balancer, but is compatible with most major load balancers and is a member of the F5® Technology Alliance Program.

Cloud Connector Module

Previously, cloud connectivity was a differentiating factor between Express and Enterprise. At first, capabilities were only available to EFT Enterprise customers from version 7.4.7 onward. Recently though, the Cloud Connector Module has been made available for EFT Express. Functionality includes automatically copying/moving files to cloud storage as they arrive, setting timer rules to download files from cloud, and native integration with Amazon S3, Azure blobs and other cloud storage.

Mobile Transfer Client

Mobile transfer clients are available as an add-on for EFT Express users but are now included in EFT Enterprise as standard. The app is available for both iOS and android phones and tablets and ensures security controls are in place for files being uploaded, downloaded and shared via the device.

You can find out more in the EFT Express & Enterprise comparison data sheet.

Upgrading EFT Express to Enterprise is a simple process, which takes less than half an hour in most cases. All existing user data and account information is retained.

If you would like to discuss whether your business requirements are better suited to EFT Express or Enterprise, please get in touch.

Compare MFT solutions: