Problem solve Get help with specific problems with your technologies, process and projects.

Designing an architecture for FTP file transfer

I am in the process of designing the architecture for FTP file transfers between my company and our business partners. We are using PGP for encryption and scripts to automate the entire process. The FTP server will reside in the DMZ. Should the scripts reside on the FTP server? Should I install PGP on the same server or inside the network? Should the PGP keys reside on an internal server?
I wouldn't leave the private key anywhere in the DMZ and I would take a long hard look at any scripts that you may plan to leave there. Is FTP your only option for accomplishing this task? FTP is one of the most hacked applications. I would use a more secure protocol if possible. There are companies like that make secure FTP products, or there are other options like SSH.

More Information

  • Learn strategies and tactics you can employ to protect your network.

  • Discover how to employ a defense-in-depth strategy to secure an Internet-connected computing environment

  • Learn about the IPv6 protocol and how it will affect your network's security.

  • This was last published in August 2005

    Dig Deeper on Endpoint protection and client security