Microsoft Windows Server Discussions
 
ISA Server 2004
(1)
SMTP
(1)
FTP
(1)
Firewalls
(1)
Protocols
(1)
Pouseele
(1)
Windows
(1)
SFTP
(1)

Secure FTP

Asked By Whiteford
16-Jun-10 06:43 AM
Reply
Hi,

We currently use a windows 2003 FTP server fro clients to upload huge files
to.  We have a new client that needs to upload files securely, can anyone
recommend a secure way to upload files?  I know there are many types of
secure FTP apps, but which one?

On 06/16/10 05:43, Whiteford wrote:In general (a 10,000 foot view) you have a

Grant Taylor replied to Whiteford
16-Jun-10 10:15 AM
Reply
In general (a 10,000 foot view) you have a couple of options, one being
FTPS or FTP over SSL, the other being SFTP or SSH file copy (a.k.a.
SCP).  There are servers for both on Windows, none of which (that I am
aware of) are from Microsoft.

Generally, SFTP has won out in favor over FTPS.

I'd suggest playing around with SFTP and see if there are any options
that you like.  If not, fall back and look at the options for FTPS.

Another option would be to do the uploads via HTTPS.



Grant. . . .

Additional note for everyone:Some firewalls will not work with either SFTP or

Phillip Windell replied to Grant Taylor
16-Jun-10 10:54 AM
Reply
Additional note for everyone:

Some firewalls will not work with either SFTP or FTPS due to their built-in
FTP Application Filter cannot process the traffic because of the encryption.
Some may have workarounds,...some may not,...some workarounds may be very
firewalls include Application Filters for SFTP and FTPS.

FTP by it nature needs a Application Filter to handle the dynamic nature of
the way ports are handled in the communication session.  FTP is one of the
*few* protocols like this.  HTTP, HTTPS, DNS, SMTP and most other protocols
are not like that.

Here are some details surrounding this from the perspective of Microsoft ISA

How the FTP protocol Challenges Firewall Security
http://www.isaserver.org/articles/How_the_FTP_protocol_Challenges_Firewall_Security.html

Solving the Secure FTP [SFTP] dilemma with ISA Server 2004 and 2006
http://blogs.isaserver.org/pouseele/2006/10/08/solving-the-secure-ftp-dilemma-with-isa-server-2004-and-2006/


--
Phillip Windell

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------

On 06/16/10 09:54, Phillip Windell wrote:Please explain the problem that some

Grant Taylor replied to Phillip Windell
16-Jun-10 01:41 PM
Reply
Please explain the problem that some firewalls have with SFTP (a.k.a.
SCP).  Short of brain dead filtering by port, I do not see how firewalls
are going have problems with SFTP like they can with FTP(S).



Grant. . . .
Previous Discussion:  Windows Server 2008: where is Active Directory Users and Computers?
Post Question To EggHeadCafe