What is FTPS?

The original File Transfer Protocol (FTP) was designed to allow users to browse directories and transfer files between computer systems. The FTP protocol has no provisions for security, and all information, including usernames, passwords and file data, is transmitted unencrypted. Anyone on the same network can easily examine the data as it is sent between machines.

FTP over SSL/TLS (FTPS) solves this security problem by first securing the connection using SSL or TLS encryption, before any user or file data is exchanged. FTPS is a common method of securing an FTP connection.

There are generally two modes of secure FTP available, FTP with explicit SSL/TLS encryption (FTPES) and implicit SSL/TLS (FTPS). Another method of establishing a secure connections and exchanging files is called SSH File Transfer Protocol (SFTP), but despite the name similarity, SFTP is a completely different protocol.

Implicit FTPS works very similar to HTTPS, establishing a secure connection using the TLS/SSL protocol before the FTP session begins. With FTPS, regular FTP commands are sent over the secure connection and are protected by the TLS/SSL protocol. Explicit FTPES works a little differently. It uses newer FTP commands to upgrade an unencrypted FTP connection to a secure connection during the initial authentication step. The FTPES protocol is somewhat more firewall friendly that the FTPS protocol, and allows the server and client to negotiate different levels of encryption and integrity protection on the control and data channels.

Protocol Support

Cerberus FTP Server 2.0 and higher support FTP and FTPES, while Cerberus FTP Server 4.0 and higher support FTP, FTPES, FTPS, and SFTP.

If you are interested in more information about the three protocols, we’ve written up a short article on which protocol is the most appropriate in a given situation. We also have detailed help on the FTP features supported by Cerberus FTP Server.