Use Upload Widgets to Receive Files on Your Site or Blog. Some of our premium plans include 1 or more Upload Widgets that allow you to receive large files directly on your web site or on a custom TransferBigFiles.com URL. Easily customize the fields you require and use any of 24 themes to match your site's style.
Join the conversation. You can post now and register later. If you have an account, sign in now to post with your account.
Download 11,100 courier free vectors. Choose from over a million free vectors, clipart graphics, vector art images, design templates, and illustrations created by artists worldwide!
Take control of your media assets 100% free, open source software released under GPL 3.0 Easy to use media web gallery you install on your web server Unlimited albums, media files and users Quickly build your gallery by synchronizing with existing photos, videos, audio files,.
LiquidFiles is a Virtual Appliance that helps Companies and Organizations Send, Receive & Share Large Files, Fast & Securely
Download Now
FREE 45 Day Trial No credit card required
LiquidFiles is a Virtual Appliance (pre-configured software including operating system) that you install in your VMware, Microsoft Hyper-V, Xen environment, in your own private Amazon EC2 Cloud or if you prefer on a dedicated server. In most cases you will be up and running and sending your first large file within minutes of downloading the trial.
LiquidFiles Product Highlights
LiquidFiles aims to fulfil all needs most organizations need to Send, Receive and Share Files of any file size in and out of your environment:
Send Unlimited Sized Files to anyone using a simple Webmail-like Interface
Receive Unlimited Sized Files from anywhere using modern and legacy methods.
File and Folder Sharing with internal and external teams.
Request Files with a simple link for the receiver to use when responding to the request.
FTPdrops that can receive files and send to internal users using FTP/FTPs/SFTP or SCP.
FTPdir - like a traditional FTP server to integrate into existing workflows using FTP/FTPs/SFTP or SCP.
Emaildrops - Receive Files Securely using email with additional tracking.
When we say Large Files, we mean it
LiquidFiles has no file size limit. That's right, no limit. You can send files larger than 100GB+ if you want.
LiquidFiles uses modern HTML 5 methods for sending files, seamlessly splitting large files in 100MB blocks when uploading. 1, 2, 10 or 10,000 of these 100MB blocks makes no difference. This means that the only size limitations are the size of the disk you assign LiquidFiles and the administrative limit you set for your users.
So no more 1 or 2 GB size limits that typically exists on so many cloud services and competing products. With LiquidFiles you can definitely make overnight shipping a thing of the past, even if you're sending many Gigabytes of data.
Filedrop pages Receiving Large Files
Receiving large files is often as much of a hassle as sending large files. With LiquidFiles you can configure Filedrop pages. A Filedrop is a page where any files uploaded is sent to a pre-defined recipient (or recipients). There are system wide Filedrops for company wide uses, or user Filedrops where each of your users will have their own Filedrop page and any file uploaded there will be delivered to them.
Your users will love it, your customers will love it and the IT department loves it as this is one less thing they will be bothered by the staff to do on an ad-hoc basis.
Outlook Plugin Super Easy to use
Using the Outlook plugin, it's never been easier to send files. Click Secure Attach instead of attach in Outlook and you are done! By default, files will also automatically use LiquidFiles if any file attached is larger than 20MB - you can set this limit to anything you want.
Confirmation
No more waiting around. A confirmation email will be sent as soon as your files are downloaded. No guessing needed and no one will be able to claim the didn't receive the document. You have the logs and confirmation to prove it. You can even show on a map exactly where the file was downloaded from, how fast it downloaded and what browser and operating system was used.
LDAP / Active Directory Integration
With the LDAP/Active Directory Integration, you don't need to setup any users. Simply point your LiquidFiles Virtual Appliance to your LDAP server and your users will be able to authenticate and user accounts created automatically.
If you need, you can also set up multiple LDAP/AD servers and they will be searched in your specified order.
Strong, Two Factor Authentication
For some, using two factor authentication is the holy grail of security, and LiquidFiles support it out of the box. You can enable it for different groups of users, like all your administrators, or for individual users.
Single Sign-On (SSO)
LiquidFiles supports the standardized SAML2 standard for Single Sign-On, and also a simplified pre-shared secret method for automatically log users into your LiquidFiles system.
Speaks Your Language — Looks Like You
All public LiquidFiles pages are fully localizable. Many users have shared their language files and there are currently language files available for German, French, Spanish, Dutch, Italian, Turkish, Swedish, Czech & more.
You can override all stylesheets, upload your own logos to use on the front page, headers and footers. The text on the front page of your LiquidFiles installation is directly editable.
Integrates in your existing environment
LiquidFiles has an API that you can use to integrate Sending Large Files Securely from your existing system. It could be that you have a payment system and you want the send payslips to your employees directly from the payment system. You can then use the API to integrate sending files using LiquidFiles directly from the payment system and will not only send files securely but get tracking as well.
The API uses standardised protocols, http(s), REST, JSON and XML. You can use any programming language to send your secure files.
Your Files in Your Control An Auditors Dream
LiquidFiles is different from most other Large File Transfer Functions in that you will always have control over your data.
Regardless if you're sending board papers, CAD drawings of your latest invention, sensitive client or patient data — you can rest assured that your sensitive documents are not being shared on the same server as files from other companies or organizations.
Your Auditors will love this (this is if Auditors in fact love anything).
Local Deployment in your own data centre
If you want to deploy LiquidFiles in your own environment, download the VMware, Hyper-V or ISO image and install in your own data centre and under your control. If you want maximum performance and control of your data, this is the preferred and most secure way to deploy LiquidFiles. Much more Secure than any Cloud Service.
Cloud Deployment in the Amazon EC2 cloud
You can also choose to deploy LiquidFiles in your own private Amazon EC2 cloud. No local installation necessary and you still keep complete control over your data.
Cloud services are great, and we believe that this is the best of both worlds — someone else runs the servers for you. But this is still your installation, in your control. No one else can get access to your secure files and your files don't share location with files from other companies.
Secure by default
Encrypted — All files are transferred with Strong 256 bit FIPS approved encryption.
Authenticated — All downloads are authenticated (your can disable authentication if it's not needed, per message or system wide) ensuring that only the intended recipient will receive the files. Even Unauthenticated messages are protected using Strong Random Numbers to ensure only recipients with access to the secure link will be able to access the message.
Audited / Logged — All transfers are logged, giving you proof of any files sent in and out of the organization.
Scanned — All files are Virus Scanned when uploaded and deleted if found to be infected. You can integrate with your own custom file scanning and you can limit what types are files each user is allowed to send.
Self Managed
The LiquidFiles Virtual Appliance is architected to be as self managed as it can be. All files have an expiration date and will be automatically deleted when the expiration has passed. With LDAP integration you don't even have to configure any users. It's as set and forget as it can be.
You can configure automatic Group Assignment in LiquidFiles so that your Project Group Alpha group in Active Directory automatically gets assigned to the Project Alpha LiquidFiles group. And users from @yourpartner.com automatically gets assigned to a Partner Group in LiquidFiles, that has access to the Partner Info file share. Doyourdata super eraser 5 7 x 9.
Scalable will grow with your needs
While the typical LiquidFiles customer is a company or organization with between about 10 and 1000 users, there are plenty of installations in multinational enterprises, government departments and universities with thousands and thousands of users.
For small to medium installs, or where performance is not critical, a virtualized installation in VMware or any other virtual platform is the most common option. For larger installs, or if performance is critical, the best option is to install LiquidFiles on dedicated hardware.
Simple, No Nonsense Pricing
Courier 1 3 2 – Share Files Images And More Beautiful
LiquidFiles has license brackets from Unlimited Users down to a 5 user license. You only need licenses for your own local users. You don't need any licenses for any receiving user so you don't need to purchase license for your customers. Only your local users.
There are no lock-in contracts, hidden gotchas, reinstatement fees, payment for support or additional features. You sign up for the number of users you need and it's valid for the timeframe you purchased it for. When the license expires you won't be able to send any more files but you can still download files you've already sent.
What some of our customers say..
There is no other product of this type that I have found that is such a cost effective solution with the outstading personal support offerd. Install - Try - Then Buy .. you wont be dissapointed.
-- Darren A
This is a excellent product for the legal industry for large file transfers. This product has saved us a lot of money in shipping CD/DVD media to clients.
-- Russ Harmon
These was just a highlight of the Features available with LiquidFiles. We could go on, but if you like what you read so far, the best way to see for yourself if LiquidFiles is going to suit your needs is to download a trial and see for yourself.
Please click on the Download Now! button below and you can register and start your trial today!
-->
Applies to: Windows Server 2012 R2, Windows Server 2012, Windows Server 2016
This topic explains the SMB security enhancements in Windows Server 2012 R2, Windows Server 2012, and Windows Server 2016.
SMB Encryption
SMB Encryption provides end-to-end encryption of SMB data and protects data from eavesdropping occurrences on untrusted networks. You can deploy SMB Encryption with minimal effort, but it may require small additional costs for specialized hardware or software. It has no requirements for Internet Protocol security (IPsec) or WAN accelerators. SMB Encryption can be configured on a per share basis or for the entire file server, and it can be enabled for a variety of scenarios where data traverses untrusted networks.
Note
SMB Encryption does not cover security at rest, which is typically handled by BitLocker Drive Encryption.
SMB Encryption should be considered for any scenario in which sensitive data needs to be protected from man-in-the-middle attacks. Possible scenarios include:
Courier 1 3 2 – Share Files Images And More People
An information worker's sensitive data is moved by using the SMB protocol. SMB Encryption offers an end-to-end privacy and integrity assurance between the file server and the client, regardless of the networks traversed, such as wide area network (WAN) connections that are maintained by non-Microsoft providers.
SMB 3.0 enables file servers to provide continuously available storage for server applications, such as SQL Server or Hyper-V. Enabling SMB Encryption provides an opportunity to protect that information from snooping attacks. SMB Encryption is simpler to use than the dedicated hardware solutions that are required for most storage area networks (SANs).
Important
You should note that there is a notable performance operating cost with any end-to-end encryption protection when compared to non-encrypted.
Enable SMB Encryption
You can enable SMB Encryption for the entire file server or only for specific file shares. Use one of the following procedures to enable SMB Encryption:
Enable SMB Encryption with Windows PowerShell
To enable SMB Encryption for an individual file share, type the following script on the server:
To enable SMB Encryption for the entire file server, type the following script on the server:
To create a new SMB file share with SMB Encryption enabled, type the following script:
Enable SMB Encryption with Server Manager
In Server Manager, open File and Storage Services.
Select Shares to open the Shares management page.
Right-click the share on which you want to enable SMB Encryption, and then select Properties.
On the Settings page of the share, select Encrypt data access. Remote file access to this share is encrypted.
Considerations for deploying SMB Encryption
By default, when SMB Encryption is enabled for a file share or server, only SMB 3.0 clients are allowed to access the specified file shares. This enforces the administrator's intent of safeguarding the data for all clients that access the shares. However, in some circumstances, an administrator may want to allow unencrypted access for clients that do not support SMB 3.0 (for example, during a transition period when mixed client operating system versions are being used). To allow unencrypted access for clients that do not support SMB 3.0, type the following script in Windows PowerShell:
The secure dialect negotiation capability described in the next section prevents a man-in-the-middle attack from downgrading a connection from SMB 3.0 to SMB 2.0 (which would use unencrypted access). However, it does not prevent a downgrade to SMB 1.0, which would also result in unencrypted access. To guarantee that SMB 3.0 clients always use SMB Encryption to access encrypted shares, you must disable the SMB 1.0 server. (For instructions, see the section Disabling SMB 1.0.) If the –RejectUnencryptedAccess setting is left at its default setting of $true, only encryption-capable SMB 3.0 clients are allowed to access the file shares (SMB 1.0 clients will also be rejected).
Note
SMB Encryption uses the Advanced Encryption Standard (AES)-CCM algorithm to encrypt and decrypt the data. AES-CCM also provides data integrity validation (signing) for encrypted file shares, regardless of the SMB signing settings. If you want to enable SMB signing without encryption, you can continue to do this. For more information, see The Basics of SMB Signing.
You may encounter issues when you attempt to access the file share or server if your organization uses wide area network (WAN) acceleration appliances.
With a default configuration (where there is no unencrypted access allowed to encrypted file shares), if clients that do not support SMB 3.0 attempt to access an encrypted file share, Event ID 1003 is logged to the Microsoft-Windows-SmbServer/Operational event log, and the client will receive an Access denied error message.
SMB Encryption and the Encrypting File System (EFS) in the NTFS file system are unrelated, and SMB Encryption does not require or depend on using EFS.
SMB Encryption and the BitLocker Drive Encryption are unrelated, and SMB Encryption does not require or depend on using BitLocker Drive Encryption.
Secure dialect negotiation
SMB 3.0 is capable of detecting man-in-the-middle attacks that attempt to downgrade the SMB 2.0 or SMB 3.0 protocol or the capabilities that the client and server negotiate. When such an attack is detected by the client or the server, the connection is disconnected and event ID 1005 is logged in the Microsoft-Windows-SmbServer/Operational event log. Secure dialect negotiation cannot detect or prevent downgrades from SMB 2.0 or 3.0 to SMB 1.0. Because of this, and to take advantage of the full capabilities of SMB Encryption, we strongly recommend that you disable the SMB 1.0 server. For more information, see Disabling SMB 1.0.
The secure dialect negotiation capability that is described in the next section prevents a man-in-the-middle attack from downgrading a connection from SMB 3 to SMB 2 (which would use unencrypted access); however, it does not prevent downgrades to SMB 1, which would also result in unencrypted access. For more information on potential issues with earlier non-Windows implementations of SMB, see the Microsoft Knowledge Base.
New signing algorithm
SMB 3.0 uses a more recent encryption algorithm for signing: Advanced Encryption Standard (AES)-cipher-based message authentication code (CMAC). SMB 2.0 used the older HMAC-SHA256 encryption algorithm. AES-CMAC and AES-CCM can significantly accelerate data encryption on most modern CPUs that have AES instruction support. For more information, see The Basics of SMB Signing.
Disabling SMB 1.0
Courier 1 3 2 – Share Files Images And More Efficient
The legacy computer browser service and Remote Administration Protocol features in SMB 1.0 are now separate, and they can be eliminated. These features are still enabled by default, but if you do not have older SMB clients, such as computers running Windows Server 2003 or Windows XP, you can remove the SMB 1.0 features to increase security and potentially reduce patching.
Courier 1 3 2 – Share Files Images And More Often
Note
SMB 2.0 was introduced in Windows Server 2008 and Windows Vista. Older clients, such as computers running Windows Server 2003 or Windows XP, do not support SMB 2.0; and therefore, they will not be able to access file shares or print shares if the SMB 1.0 server is disabled. In addition, some non-Microsoft SMB clients may not be able to access SMB 2.0 file shares or print shares (for example, printers with “scan-to-share” functionality).
Before you start disabling SMB 1.0, you'll need to find out if your SMB clients are currently connected to the server running SMB 1.0. To do this, enter the following cmdlet in Windows PowerShell:
Note
You should run this script repeatedly over the course of a week (multiple times each day) to build an audit trail. You could also run this as a scheduled task.
To disable SMB 1.0, enter the following script in Windows PowerShell:
Note
If an SMB client connection is denied because the server running SMB 1.0 has been disabled, event ID 1001 will be logged in the Microsoft-Windows-SmbServer/Operational event log.
More information
Here are some additional resources about SMB and related technologies in Windows Server 2012.