Comparison of FTP Versions: FTP, FTPS, FTPES, SFTP

This is a general technical comparison of the different versions of “FTP” that Smartfile supports. Each has their own pros and cons depending on what programs are available to a user and want one wants to accomplish. All discussed options can be used for scripting and automation.

  1. FTP – tcp port 21 (command), + passive ports (data) – This is the most basic form of transfer Smartfile supports. It has been around since 1971, hence there are a large number of old and new programs that can utilize ftp. The wide usage is about the only reason to utilize basic FTP today. FTP transfers all information, username, password, and data unencrypted between client and server. Anyone eavesdropping on this communication can easily gather this data. FTP was developed before NAT was used in homes and offices, so a workaround is built into most newer gateway devices.

    FTP communicates either passively, client to server, or actively, server to client. Due to the NAT workaround, active mode does not work with FTPS, implicit or explicit, unless it is explicitly configured. Passive is usually the best choice for opening an FTP data channel.
  2. FTPS (Implicit) – tcp port 990 (command) + passive ports (data) – FTPS(I) was one of the first attempts to encrypt FTP communication. It was expected the client to connect securely to the server, no negotiation was allowed. All other major operations of FTP stayed the same. This has been deprecated in favor of FTPS (Explicit).
  3. FTPS (Explicit) – tcp port 21 (command) + passive ports (data) – This was added to FTP to all the client to negotiate encryption for the FTP communication. FTPS(E) functions the same as FTP except it negotiates an SSL or TLS connection when the client asks for it, prior to authentication.
  4. SFTP – tcp port 22 – SFTP is not technically similar to FTP, but SFTP can be used with similar commands to transfer files. SFTP encrypts both commands and data making it secure. All communication is done over port 22, which makes it NAT friendly. The biggest issue is since SFTP runs on a different port, standard FTP clients may not be usable.

SmartFile recommends utilizing encryption whenever possible. With this in mind, we always suggest a client use SFTP or FTPS when moving files and creating automated processes.

If you are looking for an FTP solutions that provides SFTP, FTPS, and FTPES access, as well as an HTTPS interface that makes FTP management easier, then check out SmartFile. We are the leading FTP alternative solution for businesses seeking secure transfer solutions.

SmartFile is a business file mangement platform that gives you more control, compliance and security.