Often, the terms FTPS vs FTP vs SFTP will be exchanged as data management geeks converse in their tech groups.

It may just happen that these terms are familiar with you but you may have not gone much deeper into what they stand for or represent.

Let’s begin with a brief about what each of them does.

FTPS is a File Transfer Protocol that has support for Transport Layer Security also known as TLS or SSL. On the other hand FTP – File Transfer Protocol – and SFTP – SSH File Transfer Protocol – are protocols that allow the remote transfer of files between server and client.

 

These transfer protocols bearing similar names have often brought plenty of confusion and it is best to be familiar with the differences between them.

You will soon realize that having this precious knowledge of distinguishing FTPS vs FTP vs SFTP in mind will be of great value than you had ever imagined,

So, read on. 

You will gather that in the file transfer world of today the most common protocols in use are FTP, FTPS, and SFTP.

Despite the similarity in acronyms of these protocols, they bear some key differences between them, in particular how the exchange of data takes place, the security levels provided, and considerations regarding firewalls.

Familiarizing yourself with these key differences can help you when making the FTPS vs FTP vs SFTP file transfer protocol choice or solving common connection issues.

FTPS

FTPS vs FTP vs SFTP

FTPs is the term used to describe several ways in which FTP software performs secure file transfers.

Each of these ways takes in the use of an SSL of TLS layer under the regular FTP protocol to enable encryption of the control and data channels.

Times have changed and data security is an everyday concern. Sending data without encryption over any public network is very risky.

Some scenarios prohibit this and provisions are made to ensure all data transmissions are encrypted. Examples of this are the HIPAA and PCI-DSS regulations. 

To address the file transfer security issue is the extension RFC2228 that protects all FTP data with SSL encryption as it travels over a network. 

 

Pros of using FTPS:

  • Popular and used by many.
  • The communication involved is understandable and readable by humans.
  • Services for file transfer in-between servers are available.
  • SSL/TLS authentication mechanisms are good (X.509 certified features).
  • Many internet communications frameworks have in-built support for FTP and SSL/TLS.

Cons of Using FTPS:

  • Lacks a standardized format for directory listing.
  • A secondary DATA channel is required, making it hard to utilize behind firewalls.
  • Doesn’t have a defined standard for file name character sets (encodings).
  • SSL/TLS isn’t supported by all FTP servers.
  • No standard way to obtain and change directory attributes or files.

 

FTP

FTPS vs FTP vs SFTP

FTP is a file transfer protocol that moves files to and from computers connected on a network. With FTP you can;

  • Swap files from one computer account to another
  • Move files between a desktop computer and an account
  • Gain access to online software repositories

However, FTP sites tend to be heavily used and will often require several attempts before a connection is achieved. Additionally, FTP lacks encryption. The Data Channel and Command are not encrypted; therefore, data sent through these channels can be captured and read. 

This vulnerability of FTP has often been exploited via the – man-in-the-middle attack – which uses a packet sniffer and ARP poisoning.

 

Pros of Using FTP:

  • There is no size limitation to any single transfer, unlike browsers that have a limit of up to 2 GB.
  • Ability to transfer multiple directories as well as files.
  • Faster transfers than HTTP.
  • If the connection is lost a transfer can still be resumed.
  • Adding items to a “queue” to be uploaded or downloaded is possible.
  • Most clients have a synchronizing utility.
  • Scheduled transfers are possible (many FTP clients have this ability).
  • Scripting capabilities available to clients via command line.

Cons of Using FTP:

  • The communication is binary and isn’t readable by humans.
  • Operations for recursive directory removal and server-to-server copy are unavailable.
  • Compatibility problems in software from different vendors arise from the standards defining certain things as optional or recommended.
  • In VCL and .NET frameworks, there is no built-in SSH/SFTP support.
  • Managing and validating SSH keys is hard.

 

SFTP

FTPS vs FTP vs SFTP

SFTP is a network protocol that offers file manipulation and transfers functionality via any dependable data stream. Usually, the application of the SSH File Transfer Protocol or SFTP is used alongside the TCP port 22 (SSH-2 protocol) to ensure file transfer is secure.

Regardless of this, SFTP can be used along with other protocols as well.

Pros of Using SFTP:

  • The communication is binary and isn’t readable by humans.
  • Operations for recursive directory removal and server-to-server copy are unavailable.
  • Compatibility problems in software from different vendors arise from the standards defining certain things as optional or recommended.
  • In VCL and .NET frameworks, there is no built-in SSH/SFTP support.
  • Managing and validating SSH keys is hard.

Cons of SFTP:

  • The communication is binary and isn’t readable by humans.
  • Operations for recursive directory removal and server-to-server copy are unavailable.
  • Compatibility problems in software from different vendors arise from the standards defining certain things as optional or recommended.
  • In VCL and .NET frameworks, there is no built-in SSH/SFTP support.
  • Managing and validating SSH keys is hard.

 

Lastly

You are now a step ahead in the knowledge of the terms FTPS vs FTP vs SFTP. The abbreviation SFTP is commonly mistaken to identify some type of Secure FTP, which in most instances people often means FTPS. Similarly, people often mistake SFTP as some type of FTP over SSL. The fact is SFTP stands for SSH File Transfer Protocol as indicated earlier. Remember, SFTP is neither FTP over SSL nor FTP over SSH.