Pragma SFTP vs Generic FTP
Pragma is focused on providing the most secure, fast, scalable, comprehensive and reliable solutions for your Secure File Transfer (SFTP) needs by offering one of the fastest (32-bit & 64-bit) SFTP server and client in the industry. Key highlights of our products are listed below after FTP and SFTP description.
Why should an organization use SFTP versus FTP?
SFTP is a secure form of the ftp command. Whenever a user opens up a regular ftp session or most other TCP/IP connections, the entire transmission made between the host and the user is sent in plain text, which violates a number of key security fundamentals.
Anyone who has the ability to snoop on the network packets can read the data, including sensitive username/password information. If an unauthorized user can login, they then have the opportunity to compromise the entire network.
When using SSH’s SFTP instead of FTP, the entire login session, including transmission of password, is encrypted. It is therefore much more difficult for an outsider to observe and collect passwords from a system using SSH/SFTP sessions.
More details are provided below on the FTP and SFTP protocols.
FTP (File Transfer Protocol):
File Transfer Protocol (FTP), a standard Internet protocol, is the simplest way to exchange files between computers on the Internet. As a user, you can use FTP with a simple command line interface (for example, from the Windows MS-DOS Prompt window) or with a commercial program that offers a graphical user interface.
The advantages to FTP are primarily that it is easily accessible, relatively inexpensive, and easy to use. The primary disadvantage – especially in the current regulatory and compliance driven environment associated with many companies today – is it’s inherent lack of security. Using packet sniffing technology, a malicious intruder can capture sensitive data such as username and password information which is generally transmitted in clear text, thus, compromising security. That is why many companies are using Pragma Systems’s SSH Server (which has full SFTP server built-in) for securely transferring files and data.
SFTP (Secure File Transfer Protocol):
In computing, the SSH File Transfer Protocol or SFTP is a network protocol that provides file transfer and manipulation functionality over any reliable data stream. It is typically used with the SSH-2 protocol (TCP port 22) to provide secure file transfer, but is intended to be usable with other protocols as well. Compared to Secure Copy (SCP) protocol, which allows only file transfers, the SFTP protocol allows for a range of operations on remote files – it is more like a remote file system protocol. An SFTP client’s extra capabilities compared to an SCP client include resuming interrupted transfers, directory listings, and remote file removal.
A common misconception is that SFTP is simply FTP run over SSH; in fact it is a new protocol designed from the ground up by the IETF SECSH working group. It is sometimes confused with Simple File Transfer Protocol.
The protocol itself does not provide authentication and security; it expects the underlying protocol to secure this. SFTP is most often used as subsystem of SSH protocol version 2 implementations, having been designed by the same working group. Pragma Systems offers our market leading SSH Server and SSH Client for affordable, easy to install, and easy to use SFTP usage. Our key benefits include:
- Extremely fast file transfer speeds
- Fully secure and scalable across any enterprise environments
- Pragma SFTP Server and client software available in both 32-bit & 64-bit versions.
- Comprehensive support of SFTP industry standard protocol which allows for compatibility with any vendors SFTP clients
- Utilizes FIPS compliant AES encryption (128,192,256 bits) for authentication and file transfers
- End-to-end Secure file transfer
- Windows Active Directory, Kerberos and GSSAPI authentication
- Works seamlessly with Windows user accounts across the enterprise
- Unix/Linux clients can authenticate with Kerberos to Pragma SFTP (Pragma SSH Server) server running in Windows for enterprise-wide secure file access
- Virtual directory support (allows user-friendly directory renaming)
- Mapped root support
- Granular access control per user or per system
- SCP (Secure Copy) server and client built-in