Can you briefly compare FTP vs. TFTP and explain what each is used for?
Both the File Transfer Protocol (FTP) and the Trivial File Transfer Protocol (TFTP) are used to transfer files between systems. FTP is a widely used protocol that allows the remote user to navigate the server's file structure and upload and download files. TFTP is a simplified alternative to FTP that provides no authentication and is most often used to transfer configurations to and from network devices.
Here's the catch: both FTP and TFTP are inherently insecure protocols. They do not use encryption and allow both authentication and file data to traverse the network in the clear. Consider using these protocols only when sharing non-sensitive data with the general public (i.e. operating a public, anonymous download FTP site) or operating in an inherently secure environment (e.g. a private management network).
Fortunately, there is a secure alternative to these protocols. The secure FTP protocol uses the Secure Shell (SSH) protocol to encrypt standard FTP communications and provide confidentiality in transit.
- See why some companies have transitioned to secure FTP servers.
- A SearchSecurity.com reader recently asked Mike Chapple, "What OSI Layer 4 protocol does FTP use to guarantee data delivery?"
Dig deeper on Enterprise Data Governance
Related Q&A from Mike Chapple, Enterprise Compliance
Should companies obtain U.S. security clearance to join the Enhanced Cybersecurity Services program? Mike Chapple offers his perspective.continue reading
Does a Web application security assessment termed 'compliance ready' seem too good to be true? Learn its role in an enterprise compliance program.continue reading
Learn how hiring the right PCI DSS-compliant service providers, especially payment services providers, can reduce your compliance burden.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.