WIXLIB

EFT CLOUDIMPLEMENTATION GUIDEMicrosoft AzureAmazon Web Services

TABLE OF CONTENTSDeployment Options.3Deploying Amazon EC2 Instances of EFTin Amazon Web Services (AWS).3Prerequisites.3Licensing .3Obtaining the Image.3Quick Test.3EFT Administration.4Next steps.5Deploying EFT on Microsoft Azure.6Prerequisites.6Licensing .6Create VM.6Quick Test.6EFT Administration.6Next steps.72

DEPLOYMENT OPTIONSAside from Globalscape’s SaaS solution, EFT CloudServices, we also offer EFT that you can deployyourself, in the cloud, with a perpetual EFT licenseand by a managed service provider (MSP),Globalscape, or by yourself. EFT can be installed on: Amazon Web Services (AWS)LicensingThe EFT image includes a fully functional,preconfigured copy of EFT that will operate without alicense for 30 days. After the evaluation period is over,you will need to provide a license key to continueusing the software. The license key is not restrictedto an EFT running on AWS, but is instead restrictedbased on the number of servers licensed. For more Microsoft Azureinformation on licensing, please refer to EFT’s End An MSP of your choosingUser License Agreement or contact GlobalscapeNo matter how you deploy EFT, you can request aTechnical Account Manager (TAM) to administer EFTfor you.DEPLOYING AMAZON EC2INSTANCES OF EFT ON AMAZONWEB SERVICES (AWS)You don’t need to have your own infrastructureand server hardware to deploy an enterprise-levelmanaged file transfer (MFT) server. As an alternative,or an adjunct, to EFT installed on premises, EFT canbe installed on Amazon Web Services, MicrosoftAzure, or other hosting providers, with a perpetuallicense and managed by a managed service provider,a Globalscape Technical Account Manager (TAM),one of our partners, or yourself. This guide explainshow to deploy EFT on Amazon Web Services.PREREQUISITESsales.Obtaining the ImageIf you haven’t done so already, log in to your AWSaccount, go to the AWS marketplace, and searchfor “Globalscape.” Locate the Globalscape EFToffering, select it, and then follow Amazon’s OneClick setup process to create and launch an instanceof that image. Globalscape recommends that youselect the default options, and also requires thatRDP be available (so you can log in and performadministrative tasks in EFT), and HTTPS (so you canlog in as a user and upload and download files to EFTusing EFT Web Admin).Quick TestIf you used the One-Click setup, then an instance ofEFT is both created and launched in a single step.Give the instance a few minutes so that the machinepassword will be available and so that EFT canTo run EFT on AWS, you need the following:finish configuring itself. After 5 minutes or so do the An Amazon AWS accountfollowing to connect to EFT: A license key from Globalscape if you plan to use1. In your web browser, type:EFT past the 30-day evaluation period.3https:// this instance ip address

If the connection fails, then you should eitherThe WTC represents a tiny sub-set of EFT’stry again in a few minutes, or double check thefunctionality, and isn’t necessary if purelySecurity Group (EC2 Dashboard Network &automated transactions will be conducted betweenSecurity Security Groups) assigned to this image,systems; however, it is a good way to test thatensuring that HTTPS is added and that your IPthe server is running. The WTC is useful whenaddress is allowed.person-to-business or person-to-person transfers2. If you get a security warning in your browser,select the option to proceed. The browser is simplyalerting you to the fact that the SSL certificateused by the site is unsigned (self-signed), and thusuntrusted. More on SSL certificates below.3. At the login page, type in the user accountEFT AdministrationTo take full advantage of EFT you will need toconfigure it beyond the preconfigured settings. Thisincludes security settings that meet your internalpolicies, user provisioning, and creation of workflowscredentials as follows:that depend on triggers such as files being uploaded,Username: ec2-userfiles deposited into a “hot” folder, or recurringPassword: The Instance ID scheduled events.4. The instance ID is shown in your EC2 Dashboardfor this instance. This is a unique value that wasgenerated when you created the instance fromthe EFT image. When the instance was launchedfor the first time, a script was run that generatedthis test account and retrieved the instanceID, and thus dynamically setting the password.Even though it is unique, we recommend youchange the test user account credentials at theearliest opportunity, as both the testuser and EFTadministrator account are assigned the instance IDas their respective password.5. In the rare case that the script failed and yourlogin fails, then please contact our support team orRDP in and use EFT’s administration interface tomanually configure EFT.6. When login succeeds, then EFT’s Web TransferClient (WTC) interface appears, and you will beable to transfer files from/to EFT using the intuitivecontrols provided.4are needed.1. Establish a remote desktop session to the runninginstance (if you are reading this then you are likelyalready connected). Instructions for RDPing andfor obtaining the uniquely generated administratorpassword for this instance are available onAmazon’s website.2. Once logged in to Windows, click on the EFTadministration shortcut located on the desktop.3. When the administration interface appears, youwill be asked which server you want to administer.Select Local server, then click OK or Next.4. On the next screen, provide your administratorcredentials as follows:Admin username: AdministratorPassword: The Instance ID 5. As with the test user account, the admin accountuses the instance ID as the password. We highlyrecommend that you change the default password,which can be done on the Server’s Administrationtab. (Click the Server node in the tree pane.)

6. You can now configure the server to your liking,6. If you plan on using this EFT in a productionwhich could include things like adding more usersenvironment, then you will probably want to auditto the default Site, creating a new Site (which isto a separate SQL server, rather than the providedlike a virtual host that can have its own uniqueSQL Server Express 2014 edition. In order toauthentication mechanism, protocol, and securityboth change EFT’s audit settings AND createsettings), changing default settings, or startthe schema on the target SQL server, you willexperimenting with EFT’s automation capabilities,need to re-run the installer, choose Modify, andwhich include the Event Rules and Advancedthen follow the instructions when prompted to setWorkflows features.EFT auditing and reporting. Alternatively you can7. The complete documentation on EFTadministration can be found on oursupport website.Next steps1. First, don’t forget to change your EFT administratorand ec2-user account passwords in EFT.2. If you haven’t done so already, you should changeyour Windows Administrator password.3. Enable additional protocols in EFT (FTPS, SFTP,AS2) as desired, remembering to update yourAWS Security Group values as necessary, so thatconnections can be established from outsideof AWS.4. EFT was preconfigured with Amazon’s SMTPserver values; however, you will need yourAmazon Simple Email Service (SES) SMTPcredentials ide/Welcome.html) if you wantto leverage EFT’s email notification capabilities.5. If you plan on using this EFT in a productionenvironment, and assuming it’s been licensed,then do not forget to replace the test SSLcertificate that was generated for EFT with acontact our support team for assistance.7. The instance will default to the UTC time zone.Instructions for changing the time zone owsGuide/windows-set-time.html8. You can join this instance to your AWS domainwithin your Virtual Private Cloud (VPC) byfollowing these instructions: ide/ec2-join-aws-domain.html Note that EFT supportsan authentication mode that lets you point to anAD controller, using native Windows calls (for fullimpersonation), using LDAP, if authenticationalone is needed (with EFT controllingauthorization).Contact the Globalscape sales team if you wouldlike to see a demo or have specific questions aboutdeploying EFT on AWS.The Amazon EC2 Instance Deployment Guide.pdfprovides the steps necessary to createEC2 – Virtual Servers in the Cloud instance. Note thatAmazon charges a fee for this service, and the feeincreases with the amount of bandwidth you need.CA signed certificate. Please note that the testcertificate private key password was also theinstance ID.5

DEPLOYING EFT ONMICROSOFT AZUREQuick TestYou don’t need to have your own infrastructure1. In your web browser, type https:// instance ip orOnce the image has been deployed:and server hardware to deploy an enterprise-levelhost address . If the connection fails then youmanaged file transfer (MFT) server. Instead, youshould try again in a few minutes.can build and scale EFT on Microsoft Azure. Theinstructions below describe how to get started withthis type of cloud-based deployment.PrerequisitesTo run EFT on Azure, you need the following: An Azure account An EFT license key if you plan to use EFT past the30-day evaluation periodLicensingThe EFT image includes a fully functional,preconfigured copy of EFT that will operate withouta license for 30 days. After the evaluation period isover you will need to provide a license key in orderto continue using the software. The license key isnot restricted to an EFT running on Azure, but isrestricted based on the number of servers licensed.For more information on licensing please refer toEFT’s End User License Agreement or contactGlobalscape sales.2. If you get a security warning in your browser,select the option to proceed. The browser is simplyalerting you to the fact that the SSL certificateused by the site is unsigned (self-signed), and thusuntrusted. More on SSL certificates below.3. At the login page, type in the user accountcredentials as follows:Username: testuserPassword: Alaska!!4. You will be prompted to change the test account’spassword upon initial login.5. In the rare event that the EFT setup script failedand the login fails, then please contact our supportteam or RDP in and use EFT’s administrationinterface to manually configure EFT.6. When the login succeeds, then EFT’s WebTransfer Client (WTC) interface appears after afew moments, and you will be able to transfer filesfrom/to EFT using the intuitive controls provided.The WTC represents a tiny sub-set of EFT’sCreate VMfunctionality, and in fact isn’t necessary if purelyIf you haven’t done so already, log on to your Azureautomated transactions will be conducted betweenaccount, go to the Azure marketplace, and thensystems; however, the WTC is a good way tosearch for “Globalscape.” Locate the Globalscapetest that the server is running, and is useful whenEFT offering, select it, and then click Create. Specifyperson-to-business or person-to-person transfersyour desired configuration settings, and make noteare also needed.of the admin username and password you enter, asyou will need them later. Click Purchase to deployan instance of EFT. Azure’s setup process will createand launch an instance EFT, which could take severalhours.6