Find White Papers
Home About Contact Help
Free Membership Member Login
Nov 20, 2008
View Popular Research Browse Topics Find Business Solutions RSS Feeds List Your Research
Search the Library                  Advanced Search

Comparison of FTP and Signiant

Signiant
By : Signiant
INFORMATION
Published : Jun 18, 2008
Length : 8
Type : White Paper
 
Download Now
Save for Later
  Email This Page
Overview :

FTP (File Transfer Protocol) is used to perform file transfers over Internet Protocol (IP) networks such as the public Internet and corporate intranets. FTP is widely deployed and is widely accepted as a file transfer solution. However, are there downsides to using FTP for file transfers?

This paper compares FTP with file transfer methodologies of Signiant's software applications and identifies the shortcomings of FTP that Signiant was designed to overcome.

View All Items By This Company
Browse Related Categories :

Content Delivery

,

Information Management
 
FTP
FTP, as a term, is often used in multiple ways. As such, it is important to distinguish between FTP as a network protocol and FTP client and server implementations.
File Transfer Protocol
The FTP protocol is a set of formal rules that specify how to transmit files and file system_related information between two computer systems. FTP is a client_server protocol. The FTP client initiates a connection to an FTP server and can issue requests to STORE or RETRIEVE individual files. The base protocol also supports file system listing and manipulation commands and simple user authentication. The protocol provides mechanisms to specify data types and file structures with the assumption that two incompatible systems can provide conversion between data representations and storage formats. In practice, translation features are only for text conversion (e.g. EBCDIC1 to ASCII2 conversions).
FTP Clients and Servers
The FTP applications that most computer users are familiar with are interactive computer programs that implement the client portion of the FTP protocol. Users interact with the FTP client using a command line or graphical user interface. Many FTP clients support operations that are not part of the FTP protocol but rather are implemented by executing multiple FTP primitives in sequence for user convenience.
FTP servers are usually deployed on back office server infrastructure; however, FTP servers can also run on desktop and notebook computers. An FTP server typically has no user interface and runs as a background service or daemon3. Some FTP server implementations support graphical management and monitoring interfaces.
An FTP client connects to the FTP server and usually provides, via the FTP protocol, a username and password for authentication. Most FTP servers support an anonymous mode of operation that allows clients to access a portion of the file system after a user supplies an email address instead of a password. Anonymous FTP is not a function of the protocol or the client, but rather a local implementation feature of the server.
FTP SECURITY EXTENSIONS
Security extensions for the FTP protocol were proposed in the late 1990’s to promote secure file exchange. These security extensions support strong authentication, data integrity, and confidentiality. However, the extensions only specify how the security messages are conveyed in the FTP control protocol and don’t specify the actual security mechanisms used to implement authentication, message privacy, and integrity. As a result, FTP security extensions are not widely implemented and, when security extensions are implemented, systems are often incompatible.
Many organizations that use FTP for secure data exchange use a third party tool to encrypt files before and decrypt the files after transfer. This process provides some confidentiality and integrity; however, securely transferring files then involves multiple manual steps or the use of homegrown scripts to automate the process. Further, if it is necessary to implement tasks—such as key distribution—after transfers have taken place, the security utilities then require a management infrastructure of their own, adding more complexity to the overall solution.
Another factor to consider is that encrypting files does not address FTP authentication issues. A common approach to addressing the authentication void is to use a semi_secure host in a demilitarized zone (DMZ4) to relay messages. This further complicates the end_to_end data transfer process and does not solve the authentication problem but rather reduces the impact of security breaches. DMZ FTP relays are a poor solution at best.
FTP AND FIREWALLS
The FTP control protocol establishes a separate TCP5 (Transport Control Protocol) connection for each file transferred. A new TCP port number, in the dynamic (or short_lived) port range, is chosen for each new connection and firewalls must be ‘application aware’ to manage FTP traffic. That is, the firewall must interpret the FTP protocol to determine which TCP ports are being used and dynamically alter the firewall rules. Low_end firewalls and filtering routers cannot put adequate controls on FTP traffic.
FTP PERFORMANCE
The FTP protocol transfers each file over a new TCP connection. Not only does this introduce connection setup overhead for each file, but in high latency environments, additional round trip delays are introduced. When large numbers of files are transferred, the per_file setup overhead can significantly reduce overall throughput.
Search the Library                  Advanced Search
Today's Popular Reports This Weeks Most Popular Reports Most Popular Topics Vendor Directory Home
About Us Contact Us List Your Papers Partner With Us Site Map