Data Transfer Security

Cerberus FTP Server Professional and Enterprise editions provide strong transfer encryption, robust access security, comprehensive logging and streamlined compliance tools to support data transfer security and privacy requirements.

Cerberus FTP Server Server Manager Encryption Settings

It is one of a kind. 99% of searches done looking for “File Sharing” are cloud-based. This is not applicable for a lot of agencies that protect sensitive data that prefer or require data to remain on-premise. In addition, Cerberus FTP Server is scalable, clean-cut and simple for end users, and supports multiple sharing protocols.

Christopher S.

Network Administrator, Government Administration, 51-200 employees

Cerberus FTP Server Server Manager Encryption Settings

Data Transfer Security Over Any Protocol

Use the Server Manager to transfer via FTPSSFTP, HTTPS, or SCP, with support for TLS 1.3, SSL cipher specification; RSA, DSA, and Elliptical Curve public and private keys; and Ephemeral Diffie-Hellman key exchange.

FIPS 140-2 Validated

Data transfer security certified to meet or exceed U.S. federal government data security standards.

File Transfer Integrity Checking

Using strong checksums based on SHA-512 or SHA-256 cryptographic hashes.

Secure File Access

Cerberus FTP Server’s User Manager provides data transfer security through user- and protocol-based connection and login requirements; automatic account lockouts; password policies and change alerts; temporary user accounts; and the ability to block FXP and reserved ports for PASV connections.

2-Factor Authentication

Using HOTP and DUO Security for both HTTP/S web client and web administration users.

Active Directory FTP Security Groups

Including Certificate Revocation Lists (CRLs).

2FA Prompt in Cerberus FTP Server
2FA User Setup with DUO

Client Certificate Verification

Via several different configuration options, including our OpenSSL command line tool.

IP Allow and Deny Lists

Through Cerberus FTP Server’s IP Manager, which includes auto- and geo-blocking to prevent DoS and brute force attacks.

Cerberus FTP Server's Report Manager

Automatic Auditing & Logging

Cerberus FTP Server provides a complete view of your data transfer security at all times. Conduct full audits of all commands and file activity (including TLS/SSL cipher and bit strength per connection) while streamlining reporting with Syslog integration and rolling log files with configurable size limits.

Detailed Reporting

Report Manager generates detailed client activity audits based on user names, dates ranges, and file access.

SQL Database Capture

Cerberus FTP Server’s Enterprise Edition allows administrators to create detailed connection, login and file transfer reports with enhanced report filtering/ordering by file name, file time stamp, user, date, or host.

File Retention Policy Management

Cerberus FTP Server offers several tools to simplify data retention policies:

Cerberus FTP Server Automated File Transfer Event Manager Icon

Folder Monitor

Configure automated file retention policies for all directories and sub-folders.

Advanced Policy Automation

Set up advanced policies, including alerts and batch file actions, using Enterprise Edition’s Event Manager.

Cerberus FTP Server Folder Monitor

Regulations Governing Data Transfer Security

In this section, we provide a list of regulations to help your IT administration understand the data transfer security requirements for your industry or jurisdiction.

Health Insurance Portability and Accountability Act (HIPAA) - USA

Major Requirements

  • A covered entity must implement technical policies and procedures that allow only authorized persons to access electronic protected health information (e-PHI)
  • A covered entity must implement hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain or use e-PHI
  • A covered entity must implement policies and procedures to ensure that e-PHI is not improperly altered or destroyed. Electronic measures must be put in place to confirm that e-PHI has not been improperly altered or destroyed
  • A covered entity must implement technical security measures that guard against unauthorized access to e-PHI that is being transmitted over an electronic network

For More Information: