We recently reviewed the future of managed file transfer, which got us thinking about one of the oldest file transfer protocols in existence: FTP. Will a protocol originally written in 1971 still have value and utility as the web evolves? Let’s review.
How prevalent are FTP servers today?
We’re starting off with a bit of a trick question, as in reality, “FTP” and “FTP servers” have become synonymous with “file transfer server” for many users. But for our purposes, we want to know how many people are actually using FTP itself.
Reviewing Google Trends data for FTP, we see a very slight decline in search volume for “FTP” over the past few years, which tends to support the idea that the general user still thinks of file transfer as “FTP.”
However, when we look at more detailed protocol analysis of internet traffic, FTP generally appears at the bottom of the list.
While the data above only represents a tiny fraction of all web traffic, it’s very likely that the prevalence of SSH and HTTPS traffic in these findings tells us that most networks have (rightfully) moved to these more secure data transmission methods. So does that mean that the FTP protocol is dead and buried? Not quite.
How popular is FTPS?
FTPS, which uses the FTP protocol but secures its traffic through an SSH tunnel, is still quite popular due to to its legacy compatibility with systems that were originally built to communicate with FTP. While we weren’t able to find any data on FTPS vs. SFTP usage, using Google Trends data as a proxy it appears that SFTP is much more popular and increasing in popularity in the past few years.
Does FTP have a future?
As a heavily used protocol, likely not. It will probably live on in common conversation when used as a synonym for “file transfer” for “file transfer server”, as well as home and other networks that have enough trust where encryption can be bypassed (although even this is not best practice). So it’s likely that FTP as an actively used protocol is quite close to deprecation. FTPS will likely continue as a legacy compatibility tool, but SFTP clearly owns the dominant file transfer protocol share outside of HTTPS.
What will replace FTP?
Beyond the obvious SFTP and HTTPS, file transfer has already consolidated around three secure file transfer methods:
- “All-In-One” secure file transfer servers: For manual file transfer operations, all-in-one tools like Cerberus by Redwood will likely remain the standard, as they provide multi-protocol support for a number of current transfer protocols
- Hosted file transfer: Organizations supporting large numbers of casual or non-technical users will likely gravitate toward hosted file transfer options like cloud FTP providers, which simplify the process of posting and sharing files without having to set up a specific secure file transfer server
- Automated tools: For high-volume data processing, MFT servers like JSCAPE by Redwood will like become the standard due to their flexibility, wide protocol support and ability to automate via UI- or API-based tools
Do any new file transfer protocols exist?
Yes. The IETF has been working on a new transport protocol technology named QUIC, with the goal of delivering always-secure transport with minimal latency and improved transfer speeds. Once this standard is ready, there’s a good chance that it becomes the final nail in FTP’s coffin.