Globalscape EFT™ is available in small-to-medium business SMB and Enterprise platforms. Each is built on the same foundation and offers similar core functionality to enable organizations to receive files from business partners or end users over a variety of Internet standard protocols, such as FTP/S, SFTP, and HTTP/S. Modules are available for both products that extend auditing from simple flat-file logging to database driven auditing and customizable reports; provide advanced security controls typically needed by organizations that must comply with security standards such as PCI DSS, HIPAA, or SoX; facilitate ad hoc provisioning of users; and provide a richer experience when transferring data over a web browser.

DATASHEET

EFT ™ SMB and EFT Enterprise Feature Comparison

During the evaluation period, all functionality is enabled and visible in the EFT administration interface. After the trial expires, the functions and modules that are enabled and visible depend on the license purchased. (EFT’s Web Services interface, Oracle support, AWE, and AS2 are available only in Enterprise.)

The tables below compare the features available in EFT SMB to EFT Enterprise. Certain features require the activation of one or more of the following modules, as indicated by one or more superscript numbers after “Optional.” For example,

“Optional, 6,7” indicates that the feature requires the High Security module (6) and the Auditing and Reporting module (7).

1. SFTP module (Included in EFTEnterprise; optional modulein EFT SMB)

2. HTTP/S module (Included in EFTEnterprise; optional module inEFT SMB)

3. OpenPGP Encryption/Decryptionmodule

4. Mail Express ad hoc transfer

5. Web Transfer Client (RequiresHTTP/S module; limited tomaximum of 5 concurrent usersin trial period)

6. High Security module (RequiresARM to run PCI DSS reports)

7. Auditing and Reporting (ARM)(Oracle support available in EFTEnterprise only)

8. DMZ Gateway (Outbound proxysupport in EFT Enterprise only)

9. AS2 Module (Available in EFTEnterprise only; requiresARM module)

10. Advanced Workflow Engine(AWE module (Available in EFTEnterprise only)

11. Business Activity Monitoring(BAM) dashboard

12. Mobile Transfer Client (MTC)module

13. Content Integrity Control (CIC)(Available in EFT Enterprise only)

14. Workspaces allows you to sharefolders and their files with internaland external users.

15. Folder Monitor Module (Includedin EFT Enterprise; optional modulein EFT SMB to add Folder Monitorevent)

16. Timer module (Included in EFTEnterprise; optional module in EFTSMB toadd Timer event)

17. File Transfer Client module(Optional module in EFT SMBto add Copy/Move Action andDownload Action to Event Rulesystem in EFT SMB; included inEFT Enterprise)

18. Accelerate module uses apatented implementation of UDPto accelerate file transfers usingEFT Event Rule Actions.

19. Advanced Authentication Module(AAM) enables organizationsto centralize their user accesscontrols, improve productivity, andincrease adherence to securitypolicies.

2

Feature SMB EnterpriseFTP/S (File Transfer Protocol / Secure) - still used for communications with legacy systems.

SSL/TLS – secure FTP communications Included Included

SSL key manager – manage, import, export, and create SSL certificates Included Included

SSL Config – specify ciphers and versions allowed (SSL v2, v3, and TLS v1) Included Included

Checkpoint restart – resume interrupted transfers Included Included

Compression – inline compression of ASCII files Included Included

Acceleration – reduce transfer time over poor connections by allowing uploaded files to be split apart and transferred in multiple segments simultaneously

Included Included

Verification – guarantee integrity by comparing checksums Included Included

Command blocking – prevent unwanted behavior Included Included

S-key OTP – One-time-password scheme for plain-text FTP Included Included

PASV port range – facilitate FTP connections behind network firewalls Included Included

EBCDIC – Used for communicating with legacy systems Included Included

UTF-8 – Transfer Unicode filenames over FTP Included Included

Session tools – Real-time session monitoring Included Included

Customizable – Modify various FTP banners to suit your specific needs Included Included

FIPS – FIPS 140-2 compliant SSH cryptographic module Optional, 6 Included

SFTP (SSH2). The secure alternative to FTP, especially for system-to-system transfers. Optional, 1 Included Optional, 1 Included

Key manager – manage, import, export, and create SSH key pairs Optional, 1 Included

Key types – OpenSSH and SSH.COM (SECSH format) supported Optional, 1 Included

Authentication – Any combination of password and/or public key Optional, 1 Included

Strong ciphers Optional, 1 Included

Configurable SSH-protoversion-softwareversion – lower attack footprint Optional, 1 Included

FIPS – FIPS 140-2 certified SSH cryptographic module Optional, 1, 6 Included

HTTP/S (Hyper Text Transfer Protocol / Secure) - Ideal for interactive person-to-system transfers Optional, 2 Included

Customizable landing portal – Login page can be branded Included Included

Form-based auth – sessions are managed securely by the server Optional, 2 Included

Basic-auth – standard browser authentication (fallback auth mechanism) Optional, 2 Included

Session management in accordance with OWASP guidelines Optional, 2 Included

Password reset in accordance with OWASP guidelines Optional, 2 Included

Lost username retrieval in accordance with OWASP guidelines Optional, 2 Included

SSO – using Integrated Windows Authentication (IWA) Optional, 2 Included

3

Feature SMB EnterpriseHTTP –> HTTPS auto-redirect – increased security through implicit redirection of non-secure connections Optional, 2 Included

Web client – Optional web client adds a rich set of features compared to script-driven HTTP/S transfers Optional, 2 Included

Mobile client – Provides secure, remote access to your EFT files through HTTPS Optional, 2 Included

AS2 (Applicability Statement 2) – used for transmission of EDI documents N/A Optional, 9

Multi-directional – service inbound and initiate outbound AS2 transactions N/A Optional, 9

Drummond certified – 3rd-party certified equals superior interoperability. N/A Optional, 9

Message Level Security (MLS) – certificate-based authentication N/A Optional, 9

Reliability Profile – AS2 extension that increases interoperability N/A Optional, 9

Multiple Attachments (MA) Profile – AS2 extension that facilitates multiple concurrent transactions N/A Optional, 9

Authentication (Access Controls)

Native – (Proprietary) Authentication (Eft-Managed Authentication) Included Included

Active Directory (AD) authentication Included Included

ODBC – leverage any ODBC data source for user authentication Included Included

NTLM – authenticate local system accounts (Choose “Windows AD Authentication” when creating the Site.) Included Included

LDAP – authenticate against LDAP sources, including AD N/A Included

SAML (WebSSO) - user interface controls for enabling and configuring SAML for achieving Single Sign On (SSO) for Web-based authentication N/A Optional, 19

RADIUS – often used as a two-factor authentication source N/A OPTIONAL, 19

SMS authentication – two-factor authentication using a mobile device to receive a login code (must have SMS software) N/A Optional, 19

RSA SecurID® – third-party access manager that provides two-factor authentication N/A Optional, 19

CAC – Common Access Card authentication N/A Optional, 6

Authorization (Resource Controls)

AD Impersonation – leverage Active Directory ACLs Included Included

Permissions – set folder level permissions or inherit from parent Included Included

Permission groups – assign users to permission groups or templates Included Included

Virtual folders – map virtual to physical folders including network shares Included Included

Home folders – designate a home folder and optionally make it the user’s root folder Included Included

Set limits – number of logins, connections, file sizes, transfer speeds, disk quotas Included Included

4

Feature SMB EnterpriseSecurity

Invalid passwords – controls to auto-lockout, disable, or ban IP Included Included

Invalid account names – controls to auto-ban offender IP Included Included

DoS detection – controls to temporarily or permanently ban suspect IPs Included Included

IP access rules – full featured IP access rule manager Included Included

Banned file types – prevent upload of unwanted file types Included Included

Monitor and kickoff ending users from the server Included Included

Password complexity – configure a large number of complexity options Included Included

Password reset – user-initiated or on initial login Included Included

Password reuse – disallow historical (previously used) passwords Included Included

Expire accounts – disable account on a given date Included Included

Expire inactive accounts – disable or remove account after N days of inactivity Optional, 6 Included

Expire passwords – expire passwords after N days Optional, 6 Optional, 6

Expiration reminder – email user reminder to change their password Optional, 6 Optional, 6

Data sanitization – securely clean deleted data using military grade wiping Optional, 6 Optional, 6

EFS – encrypt data at rest using Windows’ Streaming repository encryption (EFS) Optional, 6 Optional, 6

OpenPGP – use OpenPGP to encrypt, sign, and decrypt data Optional, 3 Optional, 3

PCI DSS monitor – actively monitor and alert on violations

PCI DSS report – generate a compliance with a single mouse click Optional, 6,7 Optional, 6,7

PCI DSS compensating controls (CCs) – capture and report admin-provided CCs Optional, 6,7 Optional, 6,7

PCI DSS setup wizard – walkthrough configuration with PCI DSS in mind Optional, 6,7 Optional, 6,7

DMZ Gateway – securely proxy transfers through the DMZ Optional, 8 Optional, 8

Administration

Silent installation – unattended setup Included Included

Administrator GUI – Windows based Graphical User Interface (GUI) Included Included

Remote administration – administer from other systems in the network Included Included

Secure remote administration – SSL encrypted administration communications Included Included

Multiple administrators – allow concurrent administration Included Included

Secure administration – password complexity options for admins Included Included

Flexible authentication – leverage native, NTLM, or AD to authenticate administrators Optional, 6 Optional, 6

5

Feature SMB EnterpriseCOM API – programmatic administration N/A Included

Delegated administration – role based administrator accounts with granular permissions

Server and Site admin only Included

Backup and Restore – one-click backup and easy restore of entire configuration N/A Included

Batch account management – perform actions to multiple accounts simultaneously N/A Included

Forensics – audit and report on all administrator activity and changes N/A Optional, 6,7

Auditing and Visibility

Logging – flat file log in W3C and other formats Included Included

Monitor inbound transfers in real time Optional, 7 Included

Audit to SQL – audit transactions to a SQL database Optional, 7 Optional, 7

View reports – choose from pre-built or build your own Optional, 7 Optional, 7

Audit to Oracle – audit transactions to an Oracle database N/A Optional, 7

Monitor outbound transfers in real time N/A Included

Business Activity Monitoring (BAM) – real-time visibility, dashboarding, and analytics N/A Optional, 11

Automation (Integration with Back End Systems)

React to stimuli – trigger workflows based on file uploads and other server events Included Included

Send email to users or administrators as part of a workflow Included Included

Execute a process including scripts as part of a workflow Included Included

Context variables – use transaction values inside of workflows Included Included

Hot folders – trigger workflows when files arrive in a monitored folder Optional, 15 Included

Scheduled events – trigger workflows on a recurring basis Optional, 16 Included

Web Services – trigger workflows using WS calls; Invoke Web Service from URL N/A Included

Conditional logic – build fine-grained business logic into workflows N/A Included

Clean up – securely clean target folders from within a workflow N/A Included

Offload and download – push or pull files to remote servers as part of a workflow Optional, 17 Included

Send pre- and post- commands to mainframe during copy/move actions N/A Included

Perform folder and file operations N/A Included

Compress/Decompress files N/A Included

Advanced workflows – tap into the Advanced Workflow Engine to build sophisticated workflows N/A Optional, 10

Integration with antivirus and DLP (Data Loss Prevention) tools to permit or prevent transfers based on policies. N/A Optional, 13

6

Feature SMB EnterpriseAd Hoc (person-to-person file transfer)

Ad hoc file transfer – secure file transfer available either via Outlook Add-in or web interface Optional, 4, 14 Optional, 4, 14

Two-way file sharing – recipients provided with multiple methods to send files back Optional, 4, 14 Optional, 4, 14

Receipt notification – email notification when files are picked up by the recipient Optional, 4, 14 Optional, 4, 14

Pick-up authentication – recipients can be required to verify their identity before downloading files Optional, 4, 14 Optional, 4, 14

Full file tracking – Users and administrators can view complete history of files sent and received Optional, 4, 14 Optional, 4, 14

Centralized policy controls – administrator can enforce varying levels of required usage policies Optional, 4, 14 Optional, 4, 14

Active directory authentication – authentication internal users using AD Optional, 4, 14 Optional, 4,14

Integration with EFT – monitor all Mail Express file transfer activity from EFT Optional, 4 Optional, 4

Complete customization – easily customize all Mail Express web interface Optional, 4 Optional, 4

Folder/File Sharing using Outlook Add-In Optional, 4, 14 Optional, 4, 14

Architecture

IPv6 – Full dual stack (IPv4/6 mixed) support Included Included

Virtual – Run on virtual machines, e.g. VMware and Hyper-V Included Included

Unicode – UTF-8 encoding of filenames and other fields where applicable Included Included

IDN – Internationalized domain name support Included Included

I/O Completion Ports –Technology that allows for tremendous performance on Windows systems Included Included

Active-passive clustering – Failover for high availability N/A Included

Active-active, high availability (HA) clustering with 3 or more EFT Enterprise licenses N/A Included

SaaS – Managed or hosted N/A Included

Supported on Windows Server 2008 and 2012 Included Logo certified

ABOUT GLOBALSCAPEGlobalscape is an innovative software company that secures mission-critical exchanges of data across multiple platforms - including remote and mobility solutions - for businesses worldwide. Through superior software, standards compliance and experienced, reliable support, Globalscape secures information exchange for individuals, global enterprises, governments, and small and medium enterprises across a wide range of industries.