The Tumbleweed FTP Analyzer is a Java-based network sniffer application that allows organizations to capture and analyze secure vs. unsecure file transfers and sessions taking place within an organization. The new free tool helps organizations find the FTP servers that pose a security risk to the organization, generating a two-page executive-level report as well as a detailed log.

The executive report identifies: Overall volume of secure and unsecure file transfer traffic Secure and unsecure file transfer traffic over time Top 10 largest unsecured files transferred Top 10 busiest FTP servers

"Regulatory compliance mandates, such as the Sarbanes-Oxley Act and the Health Insurance Portability and Accountability Act (HIPAA), require companies to document business processes," said L. Frank Kenney, Research Director for Gartner. "One frequently overlooked process is data movement - specifically data movement using the File Transfer Protocol (FTP). FTP by itself does not provide mechanisms for management, monitoring, security or process control. Any device that can detect, monitor and analyze FTP usage can help organizations identify their unmanaged FTP - an important first step in securing and managing file transmissions."

According to the Privacy Rights Clearinghouse, over 82 million Americans have had their personal identities put at risk by data loss incidents since February, 2005. But companies are not required to report loss which compromises company secrets, insider information or other corporate assets unrelated to personal identities. The use of unmanaged FTP to share sensitive data continues to put organizations at risk. Internet FTP usage is widespread, often insecure, and leaves company data exposed and vulnerable. In many instances, organizations are unaware of the FTP traffic taking place within their IT environments. Without a monitoring system in place, organizations have no visibility into the volume and type of FTP traffic traversing their networks. Over time, many organizations find that they have fostered an environment with a large number of "rogue" FTP servers.

"Organizations are discovering that they are at significant risk from departmental FTP servers that are often deployed outside of IT by different business units, in most cases for legitimate use but with little to no security in place," said John Thielens, CTO of Tumbleweed Communications. "The Tumbleweed FTP Analyzer helps identify these rogue FTP servers, and monitors the volume of unsecure traffic sent in and out of the organization."

The new FTP Analyzer delivers features including:

Monitoring of Port 21 FTP traffic to analyze the flow of secure and unsecure FTP traffic Scheduling functionality allows users to create a "set and forget it" schedule of monitoring Reporting and analysis provide users with easy-to-read, non-technical executive level reports 30-day license provides users with ample time to analyze their network traffic