Can you briefly compare FTP vs. TFTP and explain what each is used for?
Both the File Transfer Protocol (FTP) and the Trivial File Transfer Protocol (TFTP) are used to transfer files between systems. FTP is a widely used protocol that allows the remote user to navigate the server's file structure and upload and download files. TFTP is a simplified alternative to FTP that provides no authentication and is most often used to transfer configurations to and from network devices.
Here's the catch: both FTP and TFTP are inherently insecure protocols. They do not use encryption and allow both authentication and file data to traverse the network in the clear. Consider using these protocols only when sharing non-sensitive data with the general public (i.e. operating a public, anonymous download FTP site) or operating in an inherently secure environment (e.g. a private management network).
Fortunately, there is a secure alternative to these protocols. The secure FTP protocol uses the Secure Shell (SSH) protocol to encrypt standard FTP communications and provide confidentiality in transit.
- See why some companies have transitioned to secure FTP servers.
- A SearchSecurity.com reader recently asked Mike Chapple, "What OSI Layer 4 protocol does FTP use to guarantee data delivery?"
Dig Deeper on Enterprise Data Governance
Related Q&A from Mike Chapple
The rights of medical identity theft victims have been confused by health providers, but the rules under HIPAA are actually quite clear. Expert Mike ...continue reading
The New York State Department of Financial Services announced plans to increase cybersecurity regulations for financial firms. Here's what they need ...continue reading
Smaller organizations have a tougher time handling the compliance burden, specifically from the PCI DSS requirements. Expert Mike Chapple has some ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.