DiskBoss Logo
Flexense Data Management Software

Secure File Copy

DiskBoss Server provides secure file copy operations allowing one to copy files from one server to another without using network shares while encrypting transferred data blocks using the AES-256 encryption algorithm. The user is provided with the ability to encrypt and/or compress transferred data blocks, transfer selected types of files or categories of files, exclude specific directories from the file copy operation and tune the performance of the file copy process for user-specific needs and hardware configurations.

Secure File Copy

In order to perform a secure file copy operation, the user needs to install DiskBoss Server on the destination server and DiskBoss Ultimate or DiskBoss Server on the source server. For each secure file copy operation, the user can specify an unlimited number of source directories or files, the host name or an IP address of the destination DiskBoss Server and a directory on the destination server to copy files to.

Secure File Copy Options

In order to enable encryption and/or compression of transferred data blocks for a secure file copy operation, open the secure file copy command dialog, select the 'Options' tab and enable all the required file transfer options. When the user enables the AES-256 encryption algorithm, DiskBoss dynamically generates a random encryption key for each transferred file. When the user enables the verification of copied files, DiskBoss verifies all transferred data blocks using the SHA256 data signature algorithm.

Secure File Copy Commands

DiskBoss Server provides the user with the ability to configure an unlimited number of secure file copy commands with each one copying files from one or more input directories on the source server to a directory on the destination DiskBoss Server. In addition, DiskBoss allows one to configure multiple secure file copy operations copying files to multiple different destination DiskBoss Servers.

Secure File Copy Commands

In order to add a secure file copy command, press the right mouse button over the commands view, select the 'Add New - Secure File Copy Command' menu item and specify a unique command name.

Secure File Copy Inputs

On the secure file copy command inputs dialog, add one or more source directories or files to be copied to the destination DiskBoss Server. By default, DiskBoss Server will copy the specified source directories sequentially, but in order to increase the speed of the secure file copy operation, the user is provided with the ability scan directories and/or copy files in parallel using a user-specified number of parallel file copy threads. Once finished adding source files and directories, press the 'Next' button.

On the secure file copy 'General' tab, enter the host name or an IP address of the destination DiskBoss Server to copy files to. In addition, the user needs to specify the DiskBoss user name and password to login to the destination DiskBoss Server (default is admin/admin). Optionally, in the case the destination DiskBoss Server is configured to use a custom TCP/IP port (default is 8094), the user needs to configure an appropriate TCP/IP port number. Finally, the user needs to specify a directory on the destination DiskBoss Server to copy files to.

Secure File Copy

In order to transfer files, the source DiskBoss Server will connect to the destination DiskBoss Server using the TCP/IP protocol and the configured TCP/IP port should be open in the destination server's firewall. Control messages sent from the source DiskBoss Server to the destination server are always encrypted using the AES-256 encryption algorithm with dynamically generated random encryption keys unique for each DiskBoss Server. Also, the user is provided with the ability to encrypt all transferred files using the AES-256 encryption algorithm with a dynamically generated random encryption key for each transferred file.

Secure File Copy Enable Transfer

By default, due to security reasons, server-to-server file transfers are disabled and the user is required to explicitly enable server-to-server file transfers on the destination DiskBoss Server. In order to enable server-to-server file transfers, connect to the destination DiskBoss Server using the DiskBoss client GUI application, press the 'Options' button located on the main toolbar, select the 'General' tab, enable the 'Server-To-Server File Transfers' option and press the 'Save' button.

Secure File Copy Options

DiskBoss Server provides a large number of secure file copy options allowing one to customize the secure file copy operation for user specific needs. In order to customize secure file copy options, select the secure file copy command, press the right mouse button, select the 'Edit Command' menu item and select the 'Options' tab.

Secure File Copy Options
  • Show Copy Progress - this option enables the progress bar for the secure file copy operation. By default, in order to increase the performance of the secure file copy operation, the file copy progress bar is disabled. The potential performance impact depends on the number of copied files. For large file systems containing millions of files it is recommended to disable the file copy progress bar.
  • Copy File Attributes - this option enables copy of file attributes. If this option is disabled, files created in the destination directory will have default file attributes.
  • Copy File Timestamps - this option enables copy of the creation, last modification and last access dates for all copied files. If this option is disabled, files copied to the destination directory will have all timestamps set to the time of the file copy operation.
  • Compress Transferred Data Blocks - this option enables compression of transferred files. Depending on the speed of the network and the type of transferred files, it may be possible to increase the speed of the secure file copy operation and/or reduce the amount of transferred data. For example, text files and uncompressed bitmap images are highly compressible and when transferred with the compression option enabled the actual amount of transferred data may be significantly less than the size of uncompressed files thus increasing the performance of the secure file copy operation. On the other hand, JPEG images and compressed archive files are already compressed and therefore the actual amount of transferred data will be almost the same, but DiskBoss Server will need to use more CPU resources while trying to compress uncompressible files. Another point that should be considered is the speed of the network. When files are transferred over a fast network, the resulting impact may be not significant, but if files are transferred over a slow network, where the network speed is the major bottleneck, the resulting impact may be very significant.
  • Encrypt Transferred Data Blocks - this option enables encryption of transferred files using the AES-256 encryption algorithm with a dynamically generated random encryption key for each transferred file.
  • Verify Transferred Data Blocks - this option enables verification of all transferred data blocks using the SHA-256 data signature algorithm and retransmission of all corrupted data blocks. When this option is disabled, DiskBoss Server verifies transferred data blocks using a simple CRC32 checksum, which is good enough for reliable networks, but if the user needs to transfer important files through an unreliable network, it is recommended to enable verification of transferred data blocks using the SHA-256 data signature algorithm with subsequent retransmission of all corrupted blocks of data.

Secure File Copy Advanced Options

DiskBoss Server is optimized for modern multi-CPU/multi-core platforms, Gigabit Ethernet networks and RAID storage arrays. The user is provided with a large number of customization options allowing one to customize the behavior and performance of secure file copy operations for user-specific needs and hardware configurations.

Secure File Copy Advanced Options
  • File Overwrite Mode - this option provides the following three file overwrite modes: always overwrite, overwrite if the source file is newer and skip. In the 'Always Overwrite' mode, DiskBoss copies all source files to the destination directory overwriting all previously existed files. In the 'Overwrite If Source Is Newer' file overwrite mode, DiskBoss checks the last modification date for each file already existing in the destination directory and overwrites the destination file only when the source file is newer. In the 'Skip' file overwrite mode, DiskBoss just skips all source files already existing in the destination directory.
  • Performance Mode - this option provides the ability to intentionally slow down the secure file copy operation in order to minimize the performance impact on running production applications. In the 'Full Speed' performance mode, DiskBoss will try to copy files as fast as possible. In the 'Medium Speed' performance mode, DiskBoss will try to perform the secure file copy operation at 50% of the maximum possible speed. In the 'Low Speed' performance mode DiskBoss will try to perform the file copy operation at 20% of the maximum possible speed.
  • Dir Scan Threads - this option controls how many parallel directory scanning threads are used to scan the specified source directories. By default, DiskBoss scans directories using a single directory scanning thread and it is recommended to increase the number of parallel directory scanning threads only when copying millions of files from a number of high-latency network shares.
  • File Copy Threads - this option controls how many parallel file copy threads are used to copy files to the destination DiskBoss Server. In order to reach the maximum possible speed when copying files over a Gigabit network connection, it is required to use 2-4 parallel file copy threads. Moreover, when copying millions of files over a high-latency network, in order to mitigate the network latency, it is recommended to configure the secure file copy operation to use 4-8 parallel file copy threads.

Secure File Copy Rules

DiskBoss secure file copy operations provide the ability to copy files matching user-specified rules. For example, the user is provided with the ability to copy all types of document files with the file size more than X MB that were modification during the last month. Multiple different types of file matching rules may be used to precisely select files to be copied.

Secure File Copy Rules

In order to add one or more file matching rules to a secure file copy command, open the command options dialog, select the 'Rules' tab, press the 'Add' button, select a rule type and enter all required parameters. During the file copy process, DiskBoss will select files using the specified file matching rules and copy files matching the rules to the destination directory.

Secure File Copy Negative Rules

In addition to positive file matching rules allowing one to copy specific types of files, the user is provided with negative file matching rules capable of excluding files by the file type, size, last modification date, etc. For example, in order to exclude all types of images from the file copy process, add a file matching rule to process files 'Not Categorized as Images' to the secure file copy command.

Secure File Copy Exclude Directories

Sometimes, it may be required to exclude one or more subdirectories from a secure file copy operation. In order to exclude one or more directories, open the secure file copy options dialog, select the 'Exclude' tab and add directories that should be excluded from the secure file copy process.

Secure File Copy Exclude Directories

In addition to the ability to exclude individual directories, DiskBoss provides a number of exclude directories macro commands allowing one to exclude multiple directories using a single macro command.

  • $BEGINS <Text String> - excludes directories beginning with the specified string.
  • $CONTAINS <Text String> - excludes directories containing the specified string.
  • $ENDS <Text String> - excludes all directories ending with the specified string.
  • $REGEX <Regular Expression> - excludes directories matching the specified regular expression.

For example, the exclude macro command '$CONTAINS Temporary Files' will exclude all directories with 'Temporary Files' at any place in the full directory path and the exclude macro command '$REGEX \.(TMP|TEMP)$' will exclude directories ending with '.TMP' or '.TEMP'.

Secure File Copy Command Line Utility

In addition to the DiskBoss GUI application, DiskBoss Ultimate and DiskBoss Server provide a command line utility allowing one to perform secure file copy operations from a source server with DiskBoss Ultimate or DiskBoss Server to a destination DiskBoss Server. The DiskBoss command line utility is located in the '<Install Dir>\bin' directory.

Secure File Copy Command Line Utility
Command Line Syntax:

diskboss -scopy -dir <Source Directory> -host <Host Name> -dest <Directory>

Executes a secure file copy operation with the specified command line parameters.

diskboss -execute <Preconfigured Secure File Copy Command>

Executes a preconfigured secure file copy operation.

Required Parameters:

-dir <Source> -host <Destination Host> -dest <Destination Directory>

At least one source file or directory, destination server host name or an IP address and a destination directory should be specified. In order to ensure proper parsing of command line arguments, directories and file names containing space characters should be double quoted.

Optional Parameters:

-compress

This option enables compression of transferred data blocks.

-encrypt

This option enables encryption of transferred data blocks using the AES-256 encryption algorithm with a dynamically generated random encryption key for each transferred file.

-verify

This option enables verification of all transferred data blocks using the SHA-256 data signature algorithm and retransmission of corrupted data blocks.

-streams <Parallel File Copy Streams>

This parameter specifies the number of simultaneous file copy streams.

-time

This parameter enables copy of the creation, last modification and last access dates for all copied files. If this parameter is not specified, all files copied to the destination directory will have timestamps set to the time of the copy operation.

-overwrite_mode <File Overwrite Mode>

This option specifies the file overwrite mode, which may be set to one of the following values:

  • overwrite - in this mode DiskBoss always overwrites existing destination files
  • new - in this mode DiskBoss overwrites destination files if the source file is newer
  • skip - in this mode DiskBoss skips all files already existing in the destination directory

-port <Port Number>

This parameter specifies the destination DiskBoss Server TCP/IP port number to connect to. If this parameter is not specified, DiskBoss will try to connect to the default TCP/IP port 8094. The port should be open in the destination server's firewall.

-user <DiskBoss Server User Name>

This parameter specifies the user name to login to the destination DiskBoss Server. If this parameter is not specified, DiskBoss will use the default (admin) user name.

-password <DiskBoss Server Password>

This parameter specifies the password to login to the destination DiskBoss Server. If this parameter is not specified, DiskBoss will use the default (admin) password.

-v

This command shows the product's major version, minor version, revision and build date.

-help

This command shows the command line usage information.