Xferity — Secure Self-Hosted Managed File Transfer (MFT) Platform
Xferity Documentation
Xferity is a secure, self-hosted managed file transfer (MFT) platform that automates encrypted B2B file exchange across SFTP, FTPS, AS2, and Amazon S3 — with tamper-evident audit logging, a continuous security posture engine, and zero mandatory cloud dependencies.
Deploys as a single Go binary on Linux, Docker, or Windows. The only optional runtime dependency is PostgreSQL.
Why teams choose Xferity
| What matters | How Xferity handles it |
|---|---|
| No config drift | Single canonical role model used by validation, UI, preflight, and runtime — no hidden divergence |
| No silent misconfiguration | Unknown YAML fields fail at startup, not silently at runtime |
| No hardcoded credentials | 7 secrets providers; hardened mode rejects plaintext at startup |
| Verifiable audit trail | SHA-256 hash chain links every event; verifiable with standard jq/awk tooling |
| Safe GnuPG automation | Each operation gets an isolated GnuPG home; no shared keyring, no agent side effects |
| Continuous security posture | 6-domain posture engine with regression alerting, trend charts, and suppression tracking |
| Air-gap ready | No mandatory outbound connections; license validation is local by default |
| Deployment simplicity | Single Go binary, Docker Compose included, runs on Linux or Windows |
What Xferity does
Xferity supports the following enterprise transfer protocols:
- SFTP — SSH host key verification, password and key authentication, remote stability checks, per-partner retry
- FTPS — Explicit TLS, passive mode, SHA-256 certificate fingerprint validation
- AS2 — Certificate-based B2B messaging, MDN receipts (sync and async), inbound + outbound
- Amazon S3 / S3-compatible — Upload and download, IAM + static credentials, endpoint override for MinIO and R2
Xferity executes transfers as durable jobs. Failed jobs are retried with exponential backoff. Interrupted flows can be resumed from their last committed state without reprocessing completed files.
Core capabilities
Transfer orchestration
- Flow-driven execution — every transfer is defined as a named, versioned YAML flow
- Durable job queue — PostgreSQL-backed job queue with worker polling; jobs survive restarts
- Scheduling — six-field cron expressions per flow; service-mode daemon execution
- Retry with exponential backoff — configurable max attempts, base delay, cap; jitter prevents retry storms
- Idempotency — SHA-256 content hash tracking prevents duplicate transfers across retries and reruns
- Flow locking — distributed locks prevent concurrent execution of the same flow; stale locks auto-expire
- Resume support — `xferity resume` re-enters a flow from its last committed state
- Dead-letter handling — files that exhaust retries move to a configurable dead-letter directory
Cryptography
- OpenPGP encryption and decryption — native Go provider (gopenpgp) and GnuPG provider
- OpenPGP signing and verification — detached and inline signatures
- GnuPG fallback — controlled `auto` mode for enterprise key structures not handled by the native provider
- Isolated GnuPG execution — temporary GnuPG home per operation; no shared keyring
- X.509 certificate management — import, generate, store, bind to partner roles; expiry tracking
- PGP Key inventory — import, store with capabilities and capability verification, bind to partner roles
- AS2 message crypto — per-partner certificate roles for signing, encryption, verification, HTTPS trust
Security posture engine
Xferity continuously evaluates the security health of every partner, flow, and platform setting. Findings are organized across six domains:
| Domain | What it evaluates |
|---|---|
| Crypto | Certificate expiry, PGP key bindings, AS2 cert roles |
| Secrets | Plaintext credentials in config, missing secret references |
| Transport | SFTP host key status, FTPS TLS settings, AS2 TLS settings |
| Auth | UI authentication enforcement, rate limiting |
| Flow drift | Scheduled flows with no recent execution |
| Platform | Runtime health, required backend features |
The posture engine produces Active Findings, Suppressed Findings, hourly snapshots, trend charts, and regression alerts when security state worsens. Alerts are delivered via Email, Slack, Webhook, Ntfy, Gotify, or Pushover.
Secrets management
Xferity resolves credentials from 7 providers at runtime. No hardcoded passwords in config:
| Provider | Reference format |
|---|---|
| Environment variable | env:MY_VAR |
| File | file:/run/secrets/password |
| Local vault (AES-256) | local-vault:key-name |
| HashiCorp Vault (KV v2) | vault:secret/data/path#field |
| AWS Secrets Manager | aws-sm:secret-id#field |
| Azure Key Vault | azure-kv:secret-name |
| Literal (testing only) | literal:value |
Audit logging and non-repudiation
Section titled “Audit logging and non-repudiation”- Structured JSONL audit log — one JSON event per line, per file operation
- Tamper-evident SHA-256 hash chain — each event includes
chain_seq,prev_hash, andevent_hash; any modification, insertion, or deletion breaks the chain - Query index sidecar — fast file lifecycle lookup without scanning the full log
- File trace —
xferity trace filename.xmlshows every event for a given file - Strict redaction mode — strips PII, bearer tokens, private key blocks, and file paths from events
- Configurable retention — prune events older than N days
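How a hash-chained JSONL audit log of this shape can be verified, as an added example that is not Xferity's own code and does not reproduce its documented hash construction: it assumes `event_hash` is the SHA-256 of the event's canonical JSON with `event_hash` omitted, builds a constructed three-event chain, and shows that editing, deleting or reordering a line breaks the chain.

```go
package main

import (
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"strings"
)
// Assumed rule (illustrative, not Xferity's documented construction): event_hash is the SHA-256
// of the event's canonical JSON with event_hash omitted; prev_hash is the previous event_hash.
var genesisHash = strings.Repeat("0", 64) // the first event links to 64 zero characters
func eventHash(ev map[string]any) string {
	canon, _ := json.Marshal(ev) // encoding/json writes map keys in sorted order
	return fmt.Sprintf("%x", sha256.Sum256(canon))
}

// BuildLog chains events into JSONL lines; used here only to construct sample input.
func BuildLog(events []map[string]any) string {
	var lines []string
	prev := genesisHash
	for i, ev := range events {
		ev["chain_seq"], ev["prev_hash"] = i+1, prev
		prev = eventHash(ev)
		ev["event_hash"] = prev
		b, _ := json.Marshal(ev)
		lines = append(lines, string(b))
	}
	return strings.Join(lines, "\n")
}

// VerifyChain re-derives every link and returns the first break it finds, or nil.
func VerifyChain(log string) error {
	prev := genesisHash
	for i, line := range strings.Split(strings.TrimSpace(log), "\n") {
		var ev map[string]any
		if err := json.Unmarshal([]byte(line), &ev); err != nil {
			return fmt.Errorf("line %d: invalid JSON: %w", i+1, err)
		}
		if seq, _ := ev["chain_seq"].(float64); int(seq) != i+1 || ev["prev_hash"] != prev {
			return fmt.Errorf("line %d: link broken (chain_seq or prev_hash wrong: insertion, deletion or reorder)", i+1)
		}
		h, _ := ev["event_hash"].(string)
		delete(ev, "event_hash")
		if h != eventHash(ev) {
			return fmt.Errorf("line %d: event_hash mismatch (event content altered)", i+1)
		}
		prev = h
	}
	return nil
}
```

A real deployment would additionally anchor the latest `event_hash` somewhere the log writer cannot modify, since an attacker who can rewrite the whole file can re-chain it.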
Authentication and access control
- Local auth — username + password with bcrypt, session-backed, CSRF protected
- OIDC — OpenID Connect login for browser sessions in Postgres-backed deployments
- Rate limiting — configurable per-IP rate limits on the UI and API
- Hardened mode — fails startup if any security rule is violated (plaintext secrets, insecure TLS, etc.)
Web UI and HTTP API
Available in Postgres-backed deployments:
- Partner management — view, create, edit, test partner definitions
- Certificate inventory — import, generate, view, bind to partner roles, expiry tracking
- PGP Key inventory — import, view capabilities, bind to partner roles
- Partner Crypto Policy — unified view of all crypto roles per partner
- Security posture dashboard — Active Findings, Suppressed Findings, trend charts
- Flow status and history — per-flow run history, last outcome, retry counts
- Local secrets vault — create and manage `local-vault:` secrets without ever exposing plaintext
- AS2 inbox — inbound AS2 messages and MDN tracking
- License status — current license, feature flags, activation state
Every UI page is backed by an authenticated HTTP REST API.
Observability
- Prometheus metrics — flow runs, job queue depth, transfer bytes, retries, certificate expiry, auth failures
- Health endpoints — `/health/worker` (unauthenticated), `/health`, `/health/secrets`, `/health/certificates`
- Structured JSON application logs — `level`, `flow`, `run_id`, `correlation_id` on every line
- Crypto observability fields — `provider`, `fallback_used`, `fallback_reason`, `cleanup_status`
- Prometheus alert rules — pre-built alert rules for certificate expiry, queue buildup, flow failure rate
Deployment options
| Deployment | When to use |
|---|---|
| Docker (single container) | fastest path; Compose file included |
| Docker Compose (with PostgreSQL) | full feature set with persistent state |
| Native binary (Linux) | direct control over service management |
| Native binary (Windows) | replacing Windows-based MFT or WinSCP scripts |
| Air-gapped | no mandatory outbound connections; local vault for secrets |
Xferity requires no inbound internet access to operate. License validation is local by default. All secrets providers (Vault, AWS SM, Azure KV) are optional.
Documentation map
Start here
- Overview — what Xferity is, what it does, and who it is for
- Capabilities Summary — single source of truth for every Xferity feature
- Core Concepts — Flow, Job, Run, Step, Provider, Transport, Crypto Provider
- Getting Started — shortest path to a first working flow
- Architecture — control plane, runtime plane, state layer
Deploy
- Docker — container-based deployment
- PostgreSQL and Workers — durable queue and full feature set
- Production Hardening — production-grade deployment
- Air-Gapped Deployment — offline / classified environments
- Windows — Windows-native deployment
- Scaling — multi-worker scaling
Configure
- Configuration Reference — all configuration keys
- Flow Reference — all flow YAML fields
- Partner Reference — all partner YAML fields
Protocols
- SFTP — SSH host verification, auth, remote stability, posture
- FTPS — explicit TLS, fingerprint validation
- AS2 — certificate roles, MDN, inbound and outbound
- S3-Compatible Storage — AWS S3, MinIO, Cloudflare R2
Security
- Secrets Management — all 7 providers with ref syntax
- Hardened Mode — startup enforcement rules
- Audit and Non-Repudiation — hash chain, verification
- Security Posture Engine — findings, suppressions, alerts
- Trust Models — SFTP, FTPS, AS2, PGP trust chains
- Threat Model — attack surfaces and mitigations
Operations
- CLI Reference — all commands and flags
- Retry and Recovery — backoff, resume, idempotency
- Monitoring Transfers — metrics, health checks
- Investigating Failures — logs, trace, history
- Audit Investigation — querying the audit log
- Backup and Disaster Recovery
Integrations
- OIDC Authentication
- HashiCorp Vault
- AWS Secrets Manager
- Azure Key Vault
- Email Notifications
- Slack Notifications
Tutorials
- First SFTP Transfer
- Automating SFTP Pickups
- Secure PGP File Delivery
- FTPS Partner Setup
- AS2 Partner Exchange
- Building a File Transfer Pipeline
- Migrating from Scripts
Comparisons
- Xferity vs MOVEit
- Xferity vs GoAnywhere
- Xferity vs Globalscape EFT
- Xferity vs Axway MFT
- Replacing WinSCP Scripts
- Replacing Cron File Transfers
- Legacy MFT Replacement
Solutions
- Secure Partner File Exchange
- Automated File Transfer
- B2B Data Exchange
- Replacing Transfer Scripts
- File Transfer for Finance
- File Transfer for Healthcare
- File Transfer for Supply Chain
Capabilities
- Capabilities: Transfers — protocols, execution, scheduling, retry, idempotency
- Capabilities: Security — transport trust, secrets, posture engine, audit, hardened mode
- Capabilities: Cryptography — OpenPGP, GnuPG, certificates, AS2 crypto roles
- Capabilities: Operations — CLI, Web UI, API, run history, diagnostics
- Capabilities: Integrations — OIDC, Vault, AWS SM, Azure KV, notifications
- Capabilities: Observability — Prometheus, health endpoints, logs, audit records
Use cases
- AS2 B2B Integration — certificate roles, MDN receipts, Postgres persistence
- Replace SFTP Scripts — structured MFT instead of bash and cron
- Automated File Transfer Pipelines — encrypt-then-upload, download-then-decrypt, S3 handoffs
- Secure Partner Data Exchange — B2B file transfer with verified trust and audit trail
Educational guides
- What Is Managed File Transfer?
- SFTP vs FTPS vs AS2
- MFT vs SFTP Scripts
- Self-Hosted MFT
- Secure File Transfer Best Practices
- Audit Logging for File Transfer
- Designing Secure B2B File Exchange
- How to Automate File Transfer Pipelines
- Secure File Transfer On-Prem with Docker
- MOVEit Migration Guide
Key facts for evaluators
Xferity supports the following enterprise transfer protocols:
- SFTP, FTPS, AS2, Amazon S3, S3-compatible storage (MinIO, Cloudflare R2)
Xferity secrets management supports:
- environment variables, files, local AES-256 vault, HashiCorp Vault KV v2, AWS Secrets Manager, Azure Key Vault
Xferity notification channels include:
- Email (SMTP), Slack (incoming webhook), HTTP Webhook, Ntfy, Gotify, Pushover
Xferity writes audit events as structured JSONL with SHA-256 hash-chain linkage per event. The chain is verifiable with standard JSON tooling.
Xferity retries failed transfers with configurable exponential backoff — max attempts, base delay, delay cap, and jitter to prevent retry storms.
Xferity tracks each processed file by SHA-256 content hash. Duplicate transfers are skipped across retries, restarts, and manual reruns.
Xferity evaluates security posture continuously across 6 domains: crypto, secrets, transport, auth, flow drift, and platform health.
Xferity runs with no mandatory outbound internet connections. License validation is local by default.
Xferity configuration is YAML under version control. Every partner, flow, and setting is a reviewable file.
Xferity deploys as a single Go binary. No Java runtime, no container-only deployment requirement, no phone-home licensing.