SOFiE - Safe Online File Exchange

The SOFiE application is designed for the safe exchange of files of any size and type. It offers a top-level of security for sending and receiving files, both within your company and when communicating with external partners. The protection and security of data in the SOFiE application achieve a level that cannot be reached by regular use of email, FTP servers, or public cloud services. At the same time, the application provides a simple and comfortable interface for users. In other words, SOFiE is the best and safe way to exchange files online, including sensitive information, and sets a new standard for security and convenience in digital communication.

Example of the SOFiE application usage inside a company

Why do you need the SOFiE application?

You need an easy way to send or receive files that are too large for email.
You want maximum assurance that the files you receive are safe and do not contain viruses or other malicious code.
You cannot afford to upload your files with sensitive data to the cloud, where you would lose full control over them.
Your users desire a simple web interface that is easy to use.
You require detailed logs with an audit of all transfers, actions, and events.

If one or more of these points describe your needs, the SOFiE application is the right solution for you.

Full Control Over Data

Unlike publicly available data sharing services, SOFiE allows you to maintain full control over your uploaded data and files. The application can be deployed in your own environment on your own infrastructure. This way, you do not face the risk of entrusting your sensitive files to a third party.

The Application Includes Detailed Activity Auditing

SOFiE contains a detailed audit log of all actions and processes within the application, including user logins, sending, and receiving files. These logs can be sent to a central syslog or SIEM.

Compliant with NÚKIB recommendations

SOFiE includes security technologies and processes that help fulfill the recommendations for administrators.

Release Notes

Integration of SOFiE and Sandbox

SOFiE and FORTISANDBOX FortiSandbox datasheet SOFiE and SANDBLAST Sandblast datasheet

Main features

Integrated file protection using anti-virus engines and Sandboxes, which detect even Zero-Day threats.

Clientless solution - users need only a web browser (no plugins or other software required for clients).

Adjustable file lifetime (automatic removal of files based on a user's or administrator's setting).

Support for encrypting files in the application store - "encryption at rest".

The application includes an API for integration into third-party applications.

Support for one-time and regular data integrity checks to detect possible file corruption.

Problems with e-mail attachments

Attachment size problem

Most e-mail servers limit the size of attachments to less than a 50 MB (often even 5 MB or 10 MB). E-mail communication is therefore not suitable for exchange of large files, which often exceed these size limits for attachments.

Attachment blocking problem

The security nowadays often requires using highly restrictive policies for attachments allowed in e-mails. Such policies for example block executable files, documents containing macros and even archives containing such files.

Solution

The SOFiE application enables you to safely send and receive files, which are problematic in e-mail communication.

SOFiE

Safe Online File Exchange

Anonymous
users

Logs and alerts

Active directory Single Sign-On

Antivirus

Internal users with login

Reporting and auditing

MFA authentication (FIDO2, TOTP)

Sandbox

Defined administrator roles

Backup and external storage

SSL / TLS certificates

API (other integration options)

Security

Support for file encryption in storage „encryption at rest".
Data transfers are encrypted using HTTPS / TLS by default.
Option for multi-factor authentication (MFA - FIDO2 and TOTP).
Integration of single sign-on (SSO) with ADFS and OpenID Connect providers.
Support for one-time and regular data integrity checks.
Support for password policies, including prevention of the use of known leaked passwords.
Spam protection (CAPTCHA).
Login restrictions from configurable IP address ranges.
Logging of all system activities.
Option to export logs to remote syslog for external processing (SIEM support).
Antivirus scanning of files.
Optional file inspection using sandboxing engine (prevention of zero-day malware).
Option to convert files into a safe form - Content Disarm and Reconstruction (CDR).

Penetration tests

The security of the application is repeatedly verified through penetration tests conducted by NETHEMBA corporation.

Platform and deployment

The SOFiE application can be deployed:
1. locally in the customer's environment (ON-PREMISE)
  - Installation as a virtual machine (VMware, Hyper-V, KVM, Xen.)
  - Installation on a physical server (RHEL, CentOS, Rocky Linux).
2. in a cloud environment
Thanks to this flexibility, the application can be deployed and operated in a way that suits the specific needs and environment of each customer.

Supported platforms

NEW VERSION - SOFiE 2.4

Support for folders in packages: Tree structure of folders and files, easy creation, deletion, renaming, and moving within the package detail, including newly configurable views for better clarity.
Organization of users and permissions using groups: Grouping users into groups with automatic mapping via AD/ADFS/OIDC and permission settings based on these groups.
Safe access to packages via SFTP: Downloading and uploading files using the SFTP protocol. Support for SSH keys for safe user authentication. (SFTP requires an additional license.)
New API v2: Extended API with new features, including user and package management, enabling better automation and integration with other systems.
Bulk actions for users: Ability to run actions on multiple packages or multiple files within a package.
Limits for maximum nesting depth (e.g., archive within archive) and maximum number of nested objects (files in an archive).
Sandbox filters: It's possible to set the system to send only selected file types for sandbox analysis; sending all files is not required.

Release notes