Blade File Transfer System 2.1
This file transfer solution effectively mitigates the problems of unreliable networks by restarting interrupted file transfers where they left off. However, it has a major security loophole.
February 16, 2010
Those of us who live in areas that offer multi-megabit-per-second broadband Internet connections can easily forget that fast and reliable communication isn't the norm in many parts of the world. Some areas suffer with the vagaries of aged telephone networks and satellite links, which can make transferring large files difficult or even impossible.
Blade File Transfer System 2.3 mitigates the problems of unreliable networks by letting you restart interrupted file transfers where they left off, which is a boon when you can't get continuous connectivity to a remote server. It sports other useful features, such as a web-client interface in addition to the native Windows client, a command-line utility that can synchronize directories while minimizing data transfers, and email notification of transfer status.
Why not just use FTP? FTP is an insecure protocol that can open your server to hacker attacks. Although other secure file transfer solutions exist—such as FTP over SSL (FTPS) in Windows Server 2008's IIS 7.0 and the restart-enabled open-source FileZilla (filezilla-project.org)—they lack the convenient web GUI supplied by Blade File Transfer System.
Hard to Install But Easy to Use
Installing Blade File Transfer System isn't for the faint of heart. The bundled installer merely extracts a minimal installer and a how-to PDF document describing post-installation steps, which are numerous. For example, you must manually set IIS directory permissions, generate and install an SSL certificate, and create an IIS application pool. The installer could automate these steps to greatly simplify the setup process and head off potential missteps. In addition to the post-installation steps, you must manually create users' download and upload folders.
Once installed, however, Blade File Transfer System is straightforward to run. Users can install a native Windows client or access a web portal that downloads a .NET runtime file transfer utility. In both the Windows and web GUIs, the user simply selects files to be transferred and initiates the copy operation. This is where the system's fault tolerance comes into play. If the client's network connection is broken or if the server gets rebooted, Blade File Transfer System automatically restarts the file transfer from where it left off, without missing a byte.
The Advantages
On slow, unreliable networks, large file transfers could take hours or days—longer than anyone wants to sit around waiting. Blade File Transfer System has a convenient email notification feature that lets you know when a transfer completes or if a restart is required. Its command-line utility lets you synchronize files between a server and client, copying only the files that have changed, minimizing the amount of data that must be copied to maintain parallel file repositories. (This feature isn't available through either GUI.)
Blade File Transfer System has a few other advantages, such as the ability to move files up to a terabyte in size, which is far larger than the files you can move with Microsoft's FTPS utility. In addition, the files will pass through most firewalls without special configuration requirements because the system uses SSL/Transport Layer Security (TLS) transport, which is also known as HTTP Secure (HTTPS) transport.
The Disadvantages
Blade File Transfer System has a couple negatives—and one is serious. If you neglect to install a digital certificate, it authenticates users and transfers files without encryption. More important, it doesn't warn you by sending a message to the client or logging an error on the server. Nothing in the installation process forces you to install a certificate, which is an easy step to miss, especially given the minimal guidance about SSL provided in the installation guide. This oversight contravenes enterprise-level security practices, which is to fail in a “safe” state, especially for a product at this price that claims data protection as a major feature. Even worse, the system fails to record in its audit log that encryption isn't operational. Even a basic web browser clearly depicts when a session is unencrypted. Blade File Transfer System should display the security status during transfers, log that status for every file moved, and alert users when data is being sent unencrypted.
The second negative is a buyer's caveat: Blade File Transfer System requires separate CALs for each user (including web and command-line users) and comes bundled with only five CALs. This could be a deployment limitation if you're looking for a way to interact with many customers in, for example, a tech support environment.
Useful But Needs Work
If you need to securely move large or numerous files on less-then-perfect networks or if you want to give your users a simple web-based file transfer interface, Blade File Transfer System is a useful solution. However, the serious security flaw I found regarding unenforced encryption must be remedied before I can recommend it wholeheartedly.
About the Author
You May Also Like