Never place the core Globalscape EFT server directly on the public internet. Use the Globalscape DMZ Gateway proxy. The DMZ Gateway holds no data in the DMZ and passes sessions directly to the internal network via outbound-initiated connections, neutralizing direct network attacks against the data store.
In version 8.2 and newer, Fortra introduced a localized strategy utilizing a dedicated configuration file:
: If a version is EOL but you have an active M&S plan, you may get minimal support, but Globalscape will release new maintenance builds or patches for that version. Globalscape 4. Critical Policies to Note "As-Is" Customization
To prevent data corruption, stop all active file transfer services before applying the patch. Use a maintenance page to notify external clients that the MFT gateway is temporarily offline. Verification: How to Confirm Your Terms Are Patched globalscape terms patched
To help tailor this to your needs, please share a few more details:
What is your organization currently running?
The impact of failing to apply these Globalscape patches is catastrophic for an organization. Never place the core Globalscape EFT server directly
Run an external credentialed scan using tools like standard enterprise vulnerability scanners to verify the target CVEs no longer flag the host. Best Practices for Long-Term EFT Hardening
Flaws that allow an attacker to bypass file access restrictions and view sensitive system files outside the intended web root directory.
Do you need assistance setting up an for testing updates? Share public link In version 8
Use the backup to restore EFT.mdb and reinstall the older version (not recommended long-term).
globalscape.com/Print11235.aspx">configuring Event Rules for secure file transfers?
Disclaimer: Always refer to official Globalscape security bulletins before applying patches in your specific environment. The above steps are general guidelines.