How Does SFTP Work?
How Does SFTP Work?
Secure File Transfer Protocol or SFTP is a file transfer protocol developed to send large amounts of data and files over the internet securely. SFTP builds on the widespread protocol FTP or File Transfer Protocol by embedding a security mechanism in the SFTP file transfer process. SFTP uses a security measure known as SSH or Secure Shell to establish and secure a connection between the data source and data receiver and encrypts file data as it is transmitted between endpoints.
Sections
SFTP Essentials
As noted, SFTP is the security-enhanced answer to the traditional FTP data transfer method. SFTP was first designed as a proprietary protocol in 1997 by Tatu Ylönen with assistance from Sami Lehtinen. It was later redesigned by the IETF as an open standard. Before this security-focused approach, FTP had been a standard well-adopted transfer protocol since the mid 1970s. With the rise of cyberattacks in the mid-90s, FTP exhibited its shortcomings, particularly its security vulnerabilities, sparking the need for a more secure file transfer protocol.
FTP by design transmits data in clear text, posing serious security challenges. In comparison, SFTP transmits data over an SSH data stream, encrypting the transmitting endpoints and the data in transit, minimizing the risk of data exposure in transit.
How Does SFTP Work?
Both SFTP and FTP are similar in their design approach. Both SFTP and FTP transmit files between a source client and destination servers to transmit data over the internet. However, to dig into the details of how SFTP works, we should first look at FTP and SSH to understand the underlying foundation of the SFTP protocol.
How Does FTP Work?
When you send files via FTP, files are uploaded to an FTP server and then downloaded from the FTP server to the target client. Importantly, as noted before, FTP transmits data in cleartext. This data transmission not only increases the risk associated with FTP transfer but can also break compliance regulations such as PCI-DSS and HIPAA. FTP also uses two channels to establish a connection and transmit data. In this design, one transmission channel (established on a random port) designated as the control channel will establish and maintain a connection between the client and the FTP server. In contrast, the other channel designated as the data channel will transmit the data between the source and the FTP server.
How Does SSH Work?
SSH known as Secure Shell is a cryptographic security network protocol that sits on top of the file transfer protocol providing a layer of encryption for the communicating endpoints as well as the data tunnel. Often SSH connections are established via an application that is installed on a computer that provides a connection to the targeted server.
How Does SFTP Work?
SFTP is different from FTP in a few fundamental differences. First, SFTP uses SSH to ensure that data is transmitted in an encrypted fashion from the source client to the target SFTP server. This security enhancement allows organizations to not only protect valuable data that is transmitted around the world but also allows them to meet compliance requirements through PCI-DSS, HIPAA, GDPR, and CCPA. Also, SFTP establishes communication and transmits data over one data channel rather than two channels, as seen in the traditional FTP method. This methodology allows fewer ports to be consumed with data transfer and minimizes the risk of data being exposed in transit, as it reduces the available channel targets from two to one.
How Does SFTP Compare To Other Transfer Protocols?
FTP and SFTP, the security-enhanced alternative to FTP, both pose a challenge in speed and scalability. These more traditional protocols were once great solutions for transferring small amounts of data within a network. However, with the growing interconnected global economy requiring businesses to transfer files at a global scale or expand into the cloud, FTP and SFTP simply can’t keep up. SFTP / FTP have been found to exhibit extremely slow transfer speeds as organizations look to send more and more files at larger distances. To combat this challenge, organizations such as IBM’s Aspera have provided new advanced data transfer protocols to remove the barriers seen in SFTP.
IBM Aspera FASP Overview
IBM Aspera provides a patented file transfer protocol alternative to the traditional SFTP solution. Aspera is designed on a uniquely different file transfer protocol known as FASP. This Aspera proprietary file transfer mechanism is built to be up to 100X times faster than SFTP when transferring large amounts of files at great distances. This fundamental difference in Aspera’s FASP compared to traditional file transfer methods makes Aspera the answer for organizations who need to collaborate locally and globally at the speed and scale of today’s business.
Take a look at IBM Aspera’s file transfer calculator to get an in-depth understanding of how Aspera can transfer large amounts of files around the world quickly, seamlessly, and securely. By comparing this estimate with your organization’s current file transfer speeds, you can immediately get a sense of the value that this unique file transfer protocol can provide for your organization as you grow into a more globally connected organization.
Next Steps
As you strategize to move from a traditional, more limited file transfer service to a file transfer service that allows your organization to collaborate in today’s interconnected global market, consider leveraging the resources of our team here at PacGenesis. We here at PacGenesis are a premier IBM Gold-status Partner with over ten years of experience supporting organizations to implement data transfer and data security solutions.
To learn more about PacGenesis, follow @PacGenesis on Facebook, Twitter, and LinkedIn, or go to www.pacgenesis.com.