Glossary

Active Directory (AD)

A directory service (a superset of LDAP) developed by Microsoft for Windows domain networks, used for managing permissions and access to networked resources.

Admin

A user with management privileges for a specific Virtual Site within Syncplify Server!.

Binding

A network endpoint (IP address and port) that Syncplify Server! listens on to accept connections for a specific protocol or service.

Certificate Signing Request (CSR)

A specially formatted encrypted message sent from an applicant (e.g., a server) to a Certificate Authority (CA) to request the issuance of a digital certificate. A CSR contains information such as the domain name, organization name, and public key. It is typically generated on the machine or VM where the certificate will be used to ensure the integrity of the key pair.

CIDR (Classless Inter-Domain Routing)

A method for allocating IP addresses and routing Internet Protocol packets. CIDR notation (e.g., 192.168.0.0/24) specifies an IP address range using a combination of an IP address and a prefix length, allowing for more efficient and flexible allocation than traditional class-based addressing.

Cipher Suite

A set of cryptographic algorithms used to secure network connections through protocols like SSL/TLS.

CORS (Cross-Origin Resource Sharing)

A security mechanism that allows web applications running on one domain to access resources from a different domain.

DMZ (Demilitarized Zone)

A physical or logical subnetwork that separates an internal local area network (LAN) from untrusted external networks, typically the internet. It adds an additional layer of security to an organization's local network.

Event Handling

The process of triggering scripts to act upon specific occurrences or actions within the server, such as file uploads or user logins.

FTP (File Transfer Protocol)

A standard network protocol used for transferring files between a client and server on a computer network.

HAProxy Protocol

A network protocol designed to preserve a client's original IP address when traffic passes through a proxy or load balancer. This protocol allows servers to receive important client information that would otherwise be lost due to the proxy's IP address replacing the client's. IMPORTANT: Not all proxies and load balancers use this protocol; make sure you know whether or not yours does.

High Availability (HA)

A system design approach that ensures a certain level of operational performance, typically uptime, for a higher than normal period.

HTTP (Hypertext Transfer Protocol)

The foundation of data communication on the World Wide Web. Syncplify Server!'s WebClient! uses this protocol for its binding.

JWT (JSON Web Token)

A compact, URL-safe means of representing claims to be transferred between two parties, typically used for authorization purposes.

Listener

A process or thread that waits for and accepts incoming network connections on a specified binding (IP address and port).

Load Balancer

A device or software application that distributes network or application traffic across multiple servers to ensure no single server becomes overwhelmed.

Log/Logging

The process of recording events, messages, or errors generated by software or hardware. Logs are essential for monitoring, troubleshooting, and auditing system activity.

PKI (Public Key Infrastructure)

A framework of software, policies, and procedures used to create, manage, distribute, use, store, and revoke digital certificates. PKI enables secure communications by associating public keys with the entities such keys belong to. PKI Authentication is a specific application of PKI where key-pairs or digital certificates are used to authenticate users or devices. While PKI provides the infrastructure for managing keys and certificates, PKI authentication focuses on using these keys/certificates for identity verification and secure access.

Protocol Handler

An isolated subroutine within a Syncplify Server! Worker process responsible for managing a specific protocol over a single binding. Each Virtual Site (i.e., each Worker process) can and typically does implement multiple protocol handlers for various bindings like SSH, SFTP, FTPS, HTTPS, etc. This level of in-process isolation guarantees that even in the extremely unlikely event that one protocol handler may crash, your Virtual Site will keep running and serve all other remaining protocols seamlessly.

R2FS (Reverse Remote File System)

A specialized virtual file system where the storage server initiates an outbound connection from the protected subnet to the file-transfer server in the DMZ. Once connected, it reverses its operational mode to function as a traditional storage server. This approach eliminates the need for inbound ports on the protected subnet's firewall, significantly reducing the potential attack surface. This component is based on protected intellectual property of Syncplify, Inc.

REST API

Representational State Transfer Application Programming Interface; a set of rules and conventions for building and interacting with web services.

SCP (Secure Copy Protocol)

A network protocol that supports file transfers between hosts on a network. Somewhat antiquated and (because of flawed client-side implementations) not as safe as SFTP. When possible, always prefer SFTP instead.

Session

A temporary and interactive information exchange between two or more communicating devices, or between a user and a system, typically established for the duration of a login or connection.

SFTP (SSH File Transfer Protocol)

A secure file transfer protocol that runs over the SSH protocol. The gold standard for secure file transfers.

SNI (Server Name Indication)

An extension to the TLS protocol that allows a server to host multiple TLS certificates for different domains on the same IP address and port.

SSH (Secure Shell)

A cryptographic network protocol for operating network services securely over an unsecured network.

SSL (Secure Sockets Layer)

A deprecated cryptographic protocol, predecessor to TLS.

SuperAdmin

A user with the highest level of administrative privileges in Syncplify Server!, capable of managing all Virtual Sites and global configurations.

TLS (Transport Layer Security)

A cryptographic protocol designed to provide communications security over a computer network.

Virtual File System (VFS)

A file system abstraction layer that allows access to various storage systems through a unified interface.

Virtual Site

A logically isolated instance of Syncplify Server!'s Worker process, with its own bindings, protocol handlers, configuration, and user base.

WebClient!

A web-based secure file transfer interface that provides Syncplify Server! users with a comprehensive set of tools for managing and sharing files. It offers features such as file upload, download, and organization within a browser-based environment. WebClient! incorporates robust security measures and allows for highly granular access controls. This enables users to securely share files and folders with specific individuals or groups. This interface eliminates (in many cases) the need for additional client software, making data accessible in a user-friendly manner while maintaining and enforcing enterprise-grade security standards.

Worker Process

A Syncplify Server! system service that operates as an independent process within the operating system, implementing a single Virtual Site. This separation, enforced by the OS, helps prevent lateral movement between Virtual Sites in the event of an attack.