Can you briefly compare FTP vs. TFTP and explain what each is used for?
Both the File Transfer Protocol (FTP) and the Trivial File Transfer Protocol (TFTP) are used to transfer files between systems. FTP is a widely used protocol that allows the remote user to navigate the server's file structure and upload and download files. TFTP is a simplified alternative to FTP that provides no authentication and is most often used to transfer configurations to and from network devices.
Here's the catch: both FTP and TFTP are inherently insecure protocols. They do not use encryption and allow both authentication and file data to traverse the network in the clear. Consider using these protocols only when sharing non-sensitive data with the general public (i.e. operating a public, anonymous download FTP site) or operating in an inherently secure environment (e.g. a private management network).
Fortunately, there is a secure alternative to these protocols. The secure FTP protocol uses the Secure Shell (SSH) protocol to encrypt standard FTP communications and provide confidentiality in transit.
- See why some companies have transitioned to secure FTP servers.
- A SearchSecurity.com reader recently asked Mike Chapple, "What OSI Layer 4 protocol does FTP use to guarantee data delivery?"
Dig Deeper on Enterprise Data Governance
Related Q&A from Mike Chapple
The PCI SSC extended the deadline for organizations to update TLS encryption standards before announcing PCI DSS 3.2. Expert Mike Chapple examines ...continue reading
Biometric security systems come with many advantages, but do they also come with many regulations? Expert Mike Chapple discusses biometric ...continue reading
A recent FTC lawsuit against Wyndham Hotels highlighted concerns for enterprises that have suffered a data breach. Expert Mike Chapple discusses the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.