Q

Designing an architecture for FTP file transfer

I am in the process of designing the architecture for FTP file transfers between my company and our business partners. We are using PGP for encryption and scripts to automate the entire process. The FTP server will reside in the DMZ. Should the scripts reside on the FTP server? Should I install PGP on the same server or inside the network? Should the PGP keys reside on an internal server?
I wouldn't leave the private key anywhere in the DMZ and I would take a long hard look at any scripts that you may plan to leave there. Is FTP your only option for accomplishing this task? FTP is one of the most hacked applications. I would use a more secure protocol if possible. There are companies like vandyke.com that make secure FTP products, or there are other options like SSH.


More Information

  • Learn strategies and tactics you can employ to protect your network.

  • Discover how to employ a defense-in-depth strategy to secure an Internet-connected computing environment

  • Learn about the IPv6 protocol and how it will affect your network's security.

  • This was first published in August 2005

    Dig deeper on Client security

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close