SOFiE - Safe Online File Exchange

The SOFiE application is designed for the safe exchange of files of any size and type. It offers a top-level of security for sending and receiving files, both within your company and when communicating with external partners. The protection and security of data in the SOFiE application achieve a level that cannot be reached by regular use of email, FTP servers, or public cloud services. At the same time, the application provides a simple and comfortable interface for users. In other words, SOFiE is the best and safe way to exchange files online, including sensitive information, and sets a new standard for security and convenience in digital communication.

Example of the SOFiE application usage inside a company

Why do you need the SOFiE application?

You need an easy way to send or receive files that are too large for email.
You want maximum assurance that the files you receive are safe and do not contain viruses or other malicious code.
You cannot afford to upload your files with sensitive data to the cloud, where you would lose full control over them.
Your users desire a simple web interface that is easy to use.
You require detailed logs with an audit of all transfers, actions, and events.

If one or more of these points describe your needs, the SOFiE application is the right solution for you.

Full Control Over Data

Unlike publicly available data sharing services, SOFiE allows you to maintain full control over your uploaded data and files. The application can be deployed in your own environment on your own infrastructure. This way, you do not face the risk of entrusting your sensitive files to a third party.

The Application Includes Detailed Activity Auditing

SOFiE contains a detailed audit log of all actions and processes within the application, including user logins, sending, and receiving files. These logs can be sent to a central syslog or SIEM.

Compliant with NÚKIB recommendations

SOFiE includes security technologies and processes that help fulfill the recommendations for administrators.

Release Notes

Integration of SOFiE and Sandbox

SOFiE and FORTISANDBOX FortiSandbox datasheet SOFiE and SANDBLAST Sandblast datasheet

Main features

Integrated file protection using anti-virus engines and Sandboxes, which detect even Zero-Day threats.

Clientless solution - users need only a web browser (no plugins or other software required for clients).

Adjustable file lifetime (automatic removal of files based on a user's or administrator's setting).

Support for encrypting files in the application store - "encryption at rest".

The application includes an API for integration into third-party applications.

Support for one-time and regular data integrity checks to detect possible file corruption.

Problems with e-mail attachments

Attachment size problem

Most e-mail servers limit the size of attachments to less than a 50 MB (often even 5 MB or 10 MB). E-mail communication is therefore not suitable for exchange of large files, which often exceed these size limits for attachments.

Attachment blocking problem

The security nowadays often requires using highly restrictive policies for attachments allowed in e-mails. Such policies for example block executable files, documents containing macros and even archives containing such files.

Solution

The SOFiE application enables you to safely send and receive files, which are problematic in e-mail communication.

SOFiE

Safe Online File Exchange

Anonymous
users

Logs and alerts

Active directory Single Sign-On

Antivirus

Internal users with login

Reporting and auditing

MFA authentication (FIDO2, TOTP)

Sandbox

Defined administrator roles

Backup and external storage

SSL / TLS certificates

API (other integration options)

Security

Support for file encryption in storage „encryption at rest".
Data transfers are encrypted using HTTPS / TLS by default.
Option for multi-factor authentication (MFA - FIDO2 and TOTP).
Integration of single sign-on (SSO) with ADFS and OpenID Connect providers.
Support for one-time and regular data integrity checks.
Support for password policies, including prevention of the use of known leaked passwords.
Spam protection (CAPTCHA).
Login restrictions from configurable IP address ranges.
Logging of all system activities.
Option to export logs to remote syslog for external processing (SIEM support).
Antivirus scanning of files.
Optional file inspection using sandboxing engine (prevention of zero-day malware).
Option to convert files into a safe form - Content Disarm and Reconstruction (CDR).

Penetration tests

The security of the application is repeatedly verified through penetration tests conducted by NETHEMBA corporation.

Platform and deployment

The SOFiE application can be deployed:
1. locally in the customer's environment (ON-PREMISE)
  - Installation as a virtual machine (VMware, Hyper-V, KVM, Xen.)
  - Installation on a physical server (RHEL, CentOS, Rocky Linux).
2. in a cloud environment
Thanks to this flexibility, the application can be deployed and operated in a way that suits the specific needs and environment of each customer.

Supported platforms

NEW VERSION - SOFiE 2.3

Content Disarm and Reconstruction - support for converting compatible documents/files into a safe form (clean PDF without active elements).
Support for OpenID Connect (OIDC) for user login to the application. This allows for integration with Azure AD or Google.
Option to block access to the application based on various source attributes (IP, reverse record, geolocation, User-Agent header).
Option for generating random passwords for packages directly in the form.
Support for offline installation (in an environment completely without the Internet).

Release notes