What's New in MOVEit Transfer Cloud 2020.1

We will be upgrading the hosted MOVEit Cloud services on November 15 to run MOVEit Transfer 2020.1

ADFS 4.0 and 5.0 Support

We tested Windows Server 2019 AD FS (also referred to as "ADFS 5.0") and Windows Server 2016 AD FS (also referred to as "ADFS 4.0") with MOVEit Transfer. For details, see the MOVEit Transfer Administrator Guide.

Tip You can leverage ADFS as an external authentication source. Additionally, within a Single Sign-on model, you can use ADFS as a trusted identity provider.

Mobile and Desktop Single Sign-on

You can now use enterprise credentials or custom identity providers (IdP) for friction-free sign-on to MOVEit Mobile and MOVEit Client by authorized users. For details on how to configure SAML message passing with a trusted identity provider, see the Administrator Guide.

MOVEit Mobile Single Sign-on

If Single Sign-on (SSO) is enabled for your organization, an SSO link displays. From there, users can choose an Identity Provider (IdP) (assuming more than one is configured for their organization).

Specify Server

Single Sign-on Option

MOVEit Client Single Sign-on

Single Sign-on Option (MOVEit Client)

RESTful API Improvements

The following new capabilities were added for the 2020.1 release of MOVEit Transfer.




Log and audit log data access

Return logs current user can view

Return specific log data



Password aging policies

Create and apply password aging policies to user classes.


User expiration policies

Create and apply user expiration policies to user classes.


Log retention settings

Specify how long system and org logs are kept


Report Import

Import custom report definitions.


Fixed Issues

This section outlines issues tracked and fixed by the MOVEit product team for the 2020.1 release. Not all changes suggested by customers or uncovered in usability testing are tracked as issues or defects. See the What's New section for a broader view of these improvements.



Fixed Issue


Download Wizard

Fixed case where using Azure Blobs for the MOVEit Transfer filestore and opting for MOVEit Transfer encryption could result in download failures (or validation check failures) when downloading large (> 10,000,000 byte) files.


Legacy Uploader

Fixed issue where if using the legacy uploader (pre 2019.2), MOVEit Transfer could block a file upload based on X-Forwarded-For header leveraged to identify proxy traffic.

5287 (10525)


Fixed customer-reported-issue found when using MOVEit Transfer MFA with MOVEit Gateway.



Fixed SSRF vulnerability where an authorized admin user could view recently-downloaded filenames.



Fixed X-FRAME-OPTIONS setting to ensure security best practices when handling HTML frames.

8683 (382921)


Fixed a security error that could allow an authorized user to view another user's default directory, under certain unusual circumstances.



Fixed issue where downloading a saved report file using the WebUI could result in a partial copy of the file (and fail file validation).



Fixed issue where GroupAdmins could grant Folder Sharing permissions to a Regular User, but at a later time the UI did not provide controls to remove the privilege.



Fixed issue where typing in Create User As a Clone of field failed to auto complete with a list of current users to clone from.


Admin Guide

Fixed issues and updated Settings > Security Policies > Password topic in Administrator Guide.

4159 (12239)


Fixed case where file not downloaded when at the same time the platform allowed filenames comprised of quotation mark characters.



Resolved file information disclosure that could be possible when certain folder inheritance settings were met.


Ad Hoc Message/security

Fixed case where script tags need to be removed from Ad Hoc messages.



Fixed issue where blank log entry is written after blank client key is uploaded.

Client Compatibility

Supported Web Browsers (end-user)

  • Chrome (Windows/*nix/Mac OS X)
  • Mozilla Firefox (Windows, Mac and *nix)
  • Microsoft Edge (Windows 10)
  • Internet Explorer 11 (Windows)
  • Safari (Mac only)

    Note: Use Internet Explorer 11 with IE's compatibility view settings switched to off. Clear the checkbox in IE: (Gear > Compatibility View Settings)

If you use the ActiveX Wizard from IE to zip files at upload time, IE protected mode can block certain Windows component services (such as those needed for zip) and fail the upload. See this knowledge base article on the MOVEit Transfer Community site for detailed workarounds.

MOVEit Mobile App

MOVEit Mobile App 2.0 is available for the following devices:

  • iOS (Apple devices). Available for download in the Apple App Store.
  • Android (Android OS devices). Available for download from Google Play.

MOVEit Desktop Client

All current versions of the MOVEit Desktop client are supported. Older versions will work with limited feature capabilities. Download the latest versions from the MOVEit Products page.

Outlook Plug-in (Ad Hoc)

  • Outlook Client:

    Outlook 2016 (English, German, French, Japanese, Simplified Chinese, Spanish and Traditional Chinese)

    Outlook 2013 (English, German, French, Japanese, Simplified Chinese, Spanish and Traditional Chinese)

    Outlook 2010 (32-bit and 64-bit English, German, French, Japanese, Simplified Chinese, Spanish and Traditional Chinese)

  • Mail or Exchange Server:

    Ad Hoc Transfer Plug-in for Outlook is compatible with a variety of mail servers, such as Exchange Server 2013, Exchange Server 2010 (32-bit and 64-bit English and German), or Progress IMail 11 (using SMTP). When Outlook & Exchange are used together, Cached Exchange Mode is supported but is not required.

  • Operating System:

    Microsoft Windows 10, Microsoft Windows 8, Windows 7 (32-bit and 64-bit English, German, French, Chinese Simplified, Chinese Traditional, Japanese)

SFTP, SSH, HTTPS, and More...

Because MOVEit conforms to HTTP, FTP, SSL and SSH standards, most clients that conform to IETF's RFCs for these protocol standards will work.

MOVEit Transfer Server is compatible with clients that adhere to FTP, HTTPS, SFTP, and SSH protocol industry standards

See also: MOVEit Clients.

Supported AS2/AS3 Clients

MOVEit supports any AS2 client that has been "Drummond" or "eBusinessReady" certified; the software MOVEit uses to handle incoming AS2 files and MDNs has itself been certified "eBusinessReady" under a program now managed by Drummond.

AS3 clients are just FTP/SSL clients as far as MOVEit is concerned. MOVEit Automation handles the encryption/decryption, signing and verification of AS files in either case.

Desktop Automation

MOVEit EZ is a Windows desktop client that automatically and securely moves files between MOVEit and a user's local machine or remote server. End-users or applications copy files to a designated folder on their local machine, and they are taken to MOVEit. Files that are uploaded for that user to MOVEit are automatically downloaded and placed on their local machine.

Note: ALL MOVEit EZ clients will need to be updated to MOVEit EZ V.6.5 or later to work with MOVEit V.6.5 or later. Because of problems with older MOVEit EZs unique handling of MOVEit folders, MOVEit will now prevent sign-ons from pre-6.5 versions of MOVEit EZ and will display a message to the end-user telling them to upgrade to MOVEit EZ 6.5 or later.

MOVEit EZ normally runs as an icon in the tray of an end-user, but it is often also installed as a service. During file transfers, it will pop open status balloons like the one pictured below to let the end-user know it is working. When new files have arrived, the MOVEit EZ icon will change (similar to an email client) to let the end-user know something new has arrived.

MOVEit EZ supports the concept of guaranteed delivery, which means that it will only accept files that pass a cryptographic integrity check, will resume incomplete transfers, and will retry failed transfers.

More information on MOVEit EZ is available on the MOVEit EZ web site. Thirty day, self-installing evaluations can be obtained from this page. Site licensing and customized redistribution options (including custom application name and icons) are also available.

Batch File Transfers Involving MOVEit

Many administrators like to use ".bat" scripts for FTP transfers.

Batch files (*bat) are limited by ftp.exe. ftp.exe cannot perform passive FTP transfers, which are often necessary if transferring through firewalls or secure FTP transfers for sensitive transmissions over the Internet or other untrusted networks, which is recommended.

MOVEit normally accepts only secure connections, so ftp.exe itself cannot be used to FTP files to and from MOVEit. As an alternative, use MOVEit Freely a free and secure alternative for ftp.exe (In other words, "ftps.exe"). If you would prefer to use FTP over SSH transmissions, free scriptable clients are available for almost every version of UNIX as well as most Windows operating systems from OpenSSH.

To avoid several common firewall issues with the FTP/SSL protocol, MOVEit also offers a free HTTPS-based command-line utility called MOVEit Xfer that accepts the same syntax and commands as MOVEit Freely and Microsoft ftp.exe client. Available in both Windows and Java 1.4.2+ versions, this scriptable utility provides single-port secure file transfer on a wide variety of platforms including UNIX, Linux, Windows, Macintosh and some mainframes.

Copies of MOVEit Xfer and MOVEit Freely are available from the MOVEit support site or from the MOVEit Freely information site.

Programmatic Control of MOVEit Transfer with MOVEit APIs

MOVEit Transfer offers comprehensive programming interfaces for .NET, JAVA, and REST application developers.




Connect systems and clients to MOVEit Transfer using simple HTTP calls.

Language and platform independent, the REST API can be your best choice to converge information systems, circumvent the unending need for client-server dependency maintenance, and span any combination of environments (including IoT, mobile, and much more).

The MOVEit Transfer REST API runs at https://<your-transfer-server>/api/v1/.

—Where <your-transfer-server> is the host where your MOVEit Transfer Server is running.


MOVEit .NET API consists of Dynamically Linked Libraries with client calls which lets developers build applications and scripts to exchange secure files with MOVEit servers as well as administer folder settings, folder permissions, users and group membership.

Java API

MOVEit Java API is a Java class which lets developers build applications and scripts to exchange secure files with MOVEit servers, as well as administer folder settings, folder permissions, users, and group membership.

As these products are separately licensed from MOVEit, you may contact the MOVEit or Progress Software sales directly for more information about either of the MOVEit API products.

Scheduled and Audited File Transfers Involving MOVEit with MOVEit Automation

MOVEit Automation is an enterprise file transfer manager capable of simultaneous file transfers to and from hundreds of Windows file systems, FTP/FTPS/SFTP servers, mail servers, web servers, MOVEit servers, and AS1/AS2/AS3 partners.

Included are a full-featured task scheduler, guaranteed delivery, instant (event-driven) transfers, multiple sources/destinations in a single task, the ability to run custom VBScripts against processed files in a fault-tolerant sandbox, and custom event log or email notification support (or both). Security features include secure channels for remote control/configuration and AES encryption of configuration information, including remote host credentials.

For more information, see the MOVEit Automation documentation.

Known Issues

MOVEit Transfer Cloud 2020.1 has no known issues at the time this document was published.

Copyright Notice

© 2020 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved.

These materials and all Progress© software products are copyrighted and all rights are reserved by Progress Software Corporation. The information in these materials is subject to change without notice, and Progress Software Corporation assumes no responsibility for any errors that may appear therein. The references in these materials to specific platforms supported are subject to change.

Corticon, DataDirect (and design), DataDirect Cloud, DataDirect Connect, DataDirect Connect64, DataDirect XML Converters, DataDirect XQuery, DataRPM, Defrag This, Deliver More Than Expected, Icenium, Ipswitch, iMacros, Kendo UI, Kinvey, MessageWay, MOVEit, NativeChat, NativeScript, OpenEdge, Powered by Progress, Progress, Progress Software Developers Network, SequeLink, Sitefinity (and Design), Sitefinity, SpeedScript, Stylus Studio, TeamPulse, Telerik, Telerik (and Design), Test Studio, WebSpeed, WhatsConfigured, WhatsConnected, WhatsUp, and WS_FTP are registered trademarks of Progress Software Corporation or one of its affiliates or subsidiaries in the U.S. and/or other countries. Analytics360, AppServer, BusinessEdge, DataDirect Autonomous REST Connector, DataDirect Spy, SupportLink, DevCraft, Fiddler, iMail, JustAssembly, JustDecompile, JustMock, NativeScript Sidekick, OpenAccess, ProDataSet, Progress Results, Progress Software, ProVision, PSE Pro, SmartBrowser, SmartComponent, SmartDataBrowser, SmartDataObjects, SmartDataView, SmartDialog, SmartFolder, SmartFrame, SmartObjects, SmartPanel, SmartQuery, SmartViewer, SmartWindow, and WebClient are trademarks or service marks of Progress Software Corporation and/or its subsidiaries or affiliates in the U.S. and other countries. Java is a registered trademark of Oracle and/or its affiliates. Any other marks contained herein may be trademarks of their respective owners.

This document was published on Tuesday, October 27, 2020 at 10:19