Skip to content
Xferity

Xferity FAQ — Enterprise File Transfer Questions Answered

FAQ

Section titled “FAQ”

This FAQ answers common questions about managed file transfer, secure file exchange protocols, and how Xferity fits into self-hosted operational environments.

What is managed file transfer?

Section titled “What is managed file transfer?”

Managed file transfer (MFT) is a system for automating secure file exchange between internal systems and external partners with traceability and operational control.

In practice, MFT platforms add structure around file exchange through:

  • repeatable workflows
  • endpoint trust verification
  • scheduling and retries
  • operator visibility
  • audit records and history

What problems do MFT platforms solve?

Section titled “What problems do MFT platforms solve?”

MFT platforms are usually adopted when file exchange has outgrown scripts, manual desktop tools, or email-based processes.

Common problems they address include:

  • inconsistent trust and credential handling
  • poor visibility into what ran and what failed
  • weak retry and recovery behavior
  • no durable history for partner-facing investigations
  • difficulty reviewing file transfer logic over time

What is the difference between SFTP and FTPS?

Section titled “What is the difference between SFTP and FTPS?”

SFTP and FTPS are different protocols with different trust models.

  • SFTP runs over SSH and relies on SSH host verification.
  • FTPS uses FTP with TLS and relies on X.509 certificate validation.

Operationally, SFTP is often simpler for directory-style partner exchange, while FTPS is used when a partner requires FTP-compatible behavior with TLS.

How does AS2 message signing work?

Section titled “How does AS2 message signing work?”

AS2 message signing applies a digital signature to the message payload so the receiving side can verify who signed it and whether the signed content was modified in transit.

In AS2 deployments, signing is part of a broader certificate-based trust model that can also include:

  • encryption
  • signature verification
  • MDN receipt validation
  • HTTPS transport trust

When should you use AS2 instead of SFTP?

Section titled “When should you use AS2 instead of SFTP?”

Use AS2 when the exchange requirement is message-oriented and the protocol contract matters, not just the file payload.

AS2 is usually the better fit when:

  • a partner explicitly requires AS2
  • message signing and encryption are part of the contract
  • MDN-based acknowledgement is required
  • the workflow needs certificate-based B2B message exchange rather than remote folder polling

Use SFTP when the requirement is simpler SSH-based partner directory exchange.

What is a self-hosted managed file transfer platform?

Section titled “What is a self-hosted managed file transfer platform?”

A self-hosted managed file transfer platform is an MFT system that runs inside infrastructure your team operates.

Teams choose self-hosted MFT when they want direct control over:

  • deployment boundaries
  • keys and certificates
  • logs and audit paths
  • network routing
  • runtime operations and change control

How does Xferity fit into the MFT category?

Section titled “How does Xferity fit into the MFT category?”

Xferity is a self-hosted managed file transfer platform designed for teams replacing scripts, cron jobs, WinSCP-style automation, and legacy MFT workflows.

Xferity includes:

  • a CLI for validation, diagnostics, execution, logs, and tracing
  • a Web UI and HTTP API for operator workflows
  • protocol support for SFTP, FTPS, S3-compatible storage, and AS2
  • audit logging, run history, idempotency, and retry behavior
  • file-backed and Postgres-backed runtime modes

Does Xferity replace scripts completely?

Section titled “Does Xferity replace scripts completely?”

Not always.

Some teams continue using scripts around Xferity for surrounding operational tasks such as packaging, upstream exports, or deployment automation.

What Xferity replaces is the need to keep the core transfer workflow itself embedded in many custom scripts.

What makes a file transfer workflow auditable?

Section titled “What makes a file transfer workflow auditable?”

A file transfer workflow becomes more auditable when operators can answer questions such as:

  • what ran
  • when it ran
  • which file was processed
  • which partner endpoint was involved
  • what the result was
  • what happened during retries or recovery

In Xferity, that evidence comes from logs, run history, status, and audit records.

Section titled “Does audit logging create legal non-repudiation by itself?”

No.

Audit logging can provide strong operational evidence and tamper-evident event linkage, but it does not create legal non-repudiation guarantees by itself.

That also depends on the surrounding trust boundary, retention model, access controls, and external evidence handling.

How do Postgres workers change the deployment model?

Section titled “How do Postgres workers change the deployment model?”

Postgres-backed deployments add durable shared state and worker-based execution.

This changes the operating model by introducing:

  • queued jobs
  • shared state across processes
  • authenticated browser sessions in supported deployments
  • richer AS2, certificate, and secret-store persistence features

Where should a new team start?

Section titled “Where should a new team start?”

Start with:

  1. Overview
  2. Getting Started
  3. Deployment
  4. Protocols
  5. Security

Then use the problem pages and protocol pages for the specific workflow you are implementing.