We are excited to announce that development of SFTP Gateway Version 3.0 is almost complete. We’ve been working hard to implement a number of improvements and requested features, making it easier than ever to set up an SFTP server that is backed by your favorite cloud storage service.
What Is SFTP Gateway?
For those who are not already familiar, SFTP Gateway is a virtual SFTP server image that is available on the AWS and Azure Marketplaces. It is preconfigured and secure by default, which eliminates the complexity of setting up an SFTP server from scratch. Since all files that are uploaded to the SFTP server are stored on Amazon S3 or Azure Blob Storage, SFTP Gateway is an invaluable tool for integrating with third-party partners and vendors. It allows external organizations to transfer files using a common, industry standard protocol, without having to know the details of your proprietary cloud applications. With SFTP Gateway, you can easily manage users with a simple web-based user interface. Whether you need only a single instance, or a high availability configuration that balances the load across multiple instances, SFTP Gateway setup is completely automated using CloudFormation or Azure Resource Manager (ARM) templates.
What is new in SFTP Gateway Version 3.0?
The feedback we have received from version 2.0 has been outstanding, thank you! We appreciate all your comments, questions and suggestions. The list of new improvements is long, so here is the TLDR;
- Simplified setup – no command line configuration required
- Significant performance improvements
- Better support for high availability
- Feature compatible with AWS Transfer at a lower cost
- Easily manage users, folders and permissions
- Seamless cross-cloud connectivity
- Independent third-party security audit
- 30-day free trial for everyone
A primary goal for SFTP Gateway 3.0 was to simplify server deployment and setup. We want everything to just work right out of the box. No Linux command line administration is necessary. You can literally be up and running in seconds. After you launch a SFTP Gateway instance, just connect to the web based admin dashboard, complete the one-time setup by choosing an admin password, and you can immediately start creating new SFTP user accounts. It’s that simple.
For all the SFTP Gateway admins out there that are Linux SysAdmins, don’t worry. You can still SSH to the server to tweak the configuration if you want to. But keep this in mind… we have enlisted a top-notch cybersecurity firm to perform a security audit and help harden our server image. So you shouldn’t need to.
For typical work loads, prior versions of SFTP Gateway worked great. As people commented, it is a solid product that gets the job done. A goal for version 3.0 is to make sure the server stays responsive and transfers files efficiently, under any workload. Prior versions of the product utilize the AWS or Azure Command Line Interface (CLI) to transfer files to persistent cloud storage. These command line tools can consume a large amount of server CPU and memory resources, which can lead to performance degradation under heavy workloads.
We have completely redesigned the file transfer process from scratch in version 3.0. We have eliminated the dependency on resource-heavy command line tools and replaced it with a custom implementation that utilizes Non-Blocking Asynchronous I/O. The performance improvements are staggering.
We’ve also been able to eliminate an antiquated LDAP server component that was a potential point of failure when server resources are constrained. This greatly improves the reliability and performance of our high-availability configuration, allowing you to scale predictably. Need to support thousands of simultaneous file uploads from thousands of SFTP users? No problem…just add as many server instances to the load balancer as you need. And of course, our world-class support team is always here to help you figure out how many you need.
Not only does our new implementation increase performance, it also provides a number of exciting new features…
Feature Compatible w/ AWS Transfer
Now that we have complete control over the file transfer process, the fact that SFTP Gateway utilizes AWS S3 or Azure Blob Storage for persistent storage is completely transparent to the user. Similar to AWS Transfer for SFTP, when a user connects to the server via SFTP, they land in their home directory. Depending on their permissions, users can upload files to their home directory and create subdirectories. They can also list and download files that have been previously uploaded.
With SFTP Gateway 3.0, SFTP users can have the following permissions on any directory in their home directory tree.
- Read-Write – allows them to upload and download files
- Read-Only – limits them to downloading files only
- Write-Only – allows them to upload files but not view or download them. This is consistent with the one-way file upload feature that customers of existing SFTP Gateway versions have enjoyed.
SFTP Gateway 3.0 provides several advantages over AWS Transfer for SFTP. Unlike AWS Transfer, you can easily attach an Elastic IP address to your SFTP Gateway instance giving you a static IP address, which is a common security need for IP Whitelisting. The cost of SFTP Gateway 3.0 will remain $0.06 per hour for On-Demand instances. This is significantly lower than $0.30 which AWS charges for their product. AWS also charges $0.04 per GB uploaded. Because AWS does not charge Ingress data transfer fees for EC2 or S3, uploading files with SFTP Gateway is completely free. Finally, our improved admin web interface makes SFTP User and Folder management quicker, easier and far more intuitive than AWS Transfer.
Improved User & Folder Management
A highlight of the previous SFTP Gateway version was a web-based user interface for managing SFTP users. We’ve taken this one step further in version 3.0 with a powerful administrative interface that allows you to customize folders each user has access to. Users are no longer limited to folders called “uploads” and “downloads” (however, you can easily create them if you want to). When you create a new user in version 3.0, a default home directory will automatically be created for them with the permissions you specify. As an administrator, you can also create any number of subfolders for each user, giving you the ability to create the ideal folder hierarchy needed for your business.
The ability to share files between users has been a commonly requested SFTP Gateway feature. In version 3.0, we have decoupled the server folder hierarchy from the cloud storage destination using a powerful construct we call “Cloud Connections”. Any folder in the server folder hierarchy can be mapped to a different Cloud Connection, giving you virtually unlimited sharing possibilities. As an example, you might create SFTP user accounts for each vendor your business uses. One vendor might have a home directory that looks like
/Users/vendors/acmecorp. Another’s might look like
/Users/vendors/abc-corp. Your internal logistic manager, however, might have an SFTP account with a home directory that looks like
/Users/vendors/. When the logistic manager connects with an SFTP client, they can access all of the subfolders of the
vendors directory, allowing them to manage files from every vendor.
Cloud Connections aren’t unique to a single cloud service provider. You can create multiple Cloud Connections to either AWS or Azure (and other future cloud service providers) at any level in the server folder hierarchy, which allows for our next exciting feature announcement.
A final goal of SFTP Gateway 3.0 is to help protect you from cloud vendor lock-in by providing seamless cross-cloud connectivity. With version 3.0 you can create any number of Cloud Connections that point to either AWS or Azure (and more to come). You can have some users with home directories that are backed by S3 and other users with home directories that are mapped to Azure Blob Storage. You can even have a single user with subfolders that point both Azure and AWS. A setup like this would allow you to instantly transfer all your files from AWS to Azure with a single SFTP command. As the administrator of SFTP Gateway, you know where files are stored, but it is completely transparent to your users.
Just imagine how powerful this is! SFTP Gateway can protect your business by serving as a file-level abstraction layer. You might have hundreds of SFTP users that upload files needed by your business applications running on AWS. Should you decide to move these applications to Azure at some point down the road, getting every user to update their sftp connection details would be a painful exercise. With SFTP Gateway 3.0, this burden does not exist. Updating the Cloud Connection to point to Azure instead of AWS can be done with a few simple clicks in our admin dashboard. Everything else stays completely the same as far as the users know.
Large organizations might have several hundred SFTP accounts that are managed across different business departments or organizational units using several different file sharing solutions. Whether you choose to store files on AWS or Azure, SFTP Gateway gives you a single, consistent interface to manage them all in one place.
30 Day Free Trial
We certainly hope that you’ll be as excited about these new features as we are. To help encourage you to try them out, we are providing a 30 Day Free Preview for all new SFTP Gateway subscriptions. As always, our world-class support team will be here to help you out, answer any questions, and listen to your feedback. So keep it coming!
Can I get an early preview of the beta version?
Absolutely! SFTP Gateway 3.0 is still a few months away from being released on the AWS and Azure marketplaces. We are targeting Q2 2021 for our first release. We can provide access to a free preview of a beta version in the coming weeks. If you are interested in trying it out, drop us a line and let us know. We’d love to hear your feedback.