Windows Server - Secure FTP
Asked By Whiteford
16-Jun-10 06:43 AM
Hi,
We currently use a windows 2003 FTP server fro clients to upload huge files
to. We have a new client that needs to upload files securely, can anyone
recommend a secure way to upload files? I know there are many types of
secure FTP apps, but which one?
ISA Server 2004
(1)
Secure FTP
(1)
Application
(1)
Filter
(1)
Phillip Windell
(1)
SMTP
(1)
FTP
(1)
Microsoft
(1)
Grant Taylor replied to Whiteford
In general (a 10,000 foot view) you have a couple of options, one being
FTPS or FTP over SSL, the other being SFTP or SSH file copy (a.k.a.
SCP). There are servers for both on Windows, none of which (that I am
aware of) are from Microsoft.
Generally, SFTP has won out in favor over FTPS.
I'd suggest playing around with SFTP and see if there are any options
that you like. If not, fall back and look at the options for FTPS.
Another option would be to do the uploads via HTTPS.
Grant. . . .
Phillip Windell replied to Grant Taylor
Additional note for everyone:
Some firewalls will not work with either SFTP or FTPS due to their built-in
FTP Application Filter cannot process the traffic because of the encryption.
Some may have workarounds,...some may not,...some workarounds may be very
firewalls include Application Filters for SFTP and FTPS.
FTP by it nature needs a Application Filter to handle the dynamic nature of
the way ports are handled in the communication session. FTP is one of the
*few* protocols like this. HTTP, HTTPS, DNS, SMTP and most other protocols
are not like that.
Here are some details surrounding this from the perspective of Microsoft ISA
How the FTP protocol Challenges Firewall Security
http://www.isaserver.org/articles/How_the_FTP_protocol_Challenges_Firewall_Security.html
Solving the Secure FTP [SFTP] dilemma with ISA Server 2004 and 2006
http://blogs.isaserver.org/pouseele/2006/10/08/solving-the-secure-ftp-dilemma-with-isa-server-2004-and-2006/
--
Phillip Windell
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Grant Taylor replied to Phillip Windell
Please explain the problem that some firewalls have with SFTP (a.k.a.
SCP). Short of brain dead filtering by port, I do not see how firewalls
are going have problems with SFTP like they can with FTP(S).
Grant. . . .
ISA Server 2004 on Domain Controller Windows Server I have installed ISA Server 2004 on Domain Controller running Windowas Server 2003 SP2 standard edition. Since, ISA Server 2004 blocks everything after installation, I am having
ISA Server 2004 EE and Windows Server 2003 SP2 (ADAM component) Windows Server Dear ISA Server 2004 EE users, I would like to draw your attention to a recent issue regarding ISA
Cannot access SMTP server published via ISA server 2004 Windows Server Hi, I'm trying to resolve a situation where an Exchange server is published (for incoming SMTP) via ISA Server 2004, but SMTP connections from the outside world are refused. Any help would be appreciated
Isa server VPN Connectivity Windows Server Hi, I am trying to troubleshot VPN connections. We have a ISA Server 2004. Sometimes the users are not able to connect to our VPN server (ISA Server 2004). Since ping is disabled - how can I get users to troubleshot from their
Problem with MSDE2000 on ISA Server 2004 (HP Appliance) Windows Server I have an HP DL320 Appliance with WIN2003SP1 and ISA Server 2004 SP2. I can't use MSDE Logging, because when I configure the "Firewall Logging Properties I receive this message: Add / Remove Programs applet, select Microsoft ISA Server 2004 and click Change. Then, in the Microsoft ISA Server 2004 Installation Wizard use