SFTP is a protocol for transferring files securely—or, more simply put, a way to transfer files between machines over a secure connection. SFTP, which stands for SSH (or Secure) File Transfer Protocol, was developed in the 1990s, and is natively secure so that if you send confidential data, it can’t be intercepted.
What is a Protocol?
To understand SFTP fully, it is important to first know exactly what a protocol is. According to Techopedia.com, “a protocol is a set of rules and guidelines for communicating data. Rules are defined for each step and process during communication between two or more computers. Networks have to follow these rules to successfully transmit data.”
Other examples of commonly-known protocols are FTP and HTTP, which you should recognize if you have ever used an internet browser.
SFTP Clients and Servers
In order to use SFTP, an SFTP client and an SFTP server are required. An SFTP Client is software that gives you the ability to connect to an SFTP Server. This client software allows you to upload files to be stored on the server, or to download files that are already stored on the server.
An SFTP Server is basically a place to store files or a place where you can retrieve files. For example, a software vendor may store software updates on an SFTP Server and allow customers to download the files with an SFTP Client.
Going Deeper—How Does SFTP Work?
SFTP usually runs on Port 22 (port numbers are part of the addressing information used to identify the senders and receivers of messages). However, it can be assigned to whatever port number you choose.
The SFTP protocol is packet-based instead of text-based. Packet-based protocols are easier to process because they are compact, whereas text-based protocols can contain a larger amount of characters that can take more time to process. Therefore, SFTP is typically faster than other protocols because less data is crossing the wire.
SFTP Benefits
Since SFTP runs over SSH, it is inherently secure. There is no non-secure version—the encryption cannot be triggered or turned off by anyone. This is a plus for companies that are trying to enforce corporate security policies.
Most versions of SFTP Server software are also able to deliver a much richer and more detailed set of data about the files, such as the permissions, date, time, size, and other information not normally available, thanks to the more robust request protocol of SFTP.
Interested in trying an SFTP Server in your environment?