coeurdcom
asked on
Setting up Secure FTP with Server 2003
Is there a way, without setting up a third party account, to have a secure FTP with Server 2003? I have done a quick search of Tech Net, and it looks like limiting access with a valid user account is no problem, although they make it clear that the files are not encrypted. I need to have a cost effective (preferably free) way to establish a secure, encrypted, HIPAA compliant FTP system.
Thanks for any suggestions!
Thanks for any suggestions!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the info! I was hoping, though, that microsoft may have built something into Win2k3. Any ideas?
no - there isn't a sftp or ftps module in iis. you could of course use https and browser-based upload/download, but that isn't the same thing.
another option is to encapsulate - use normal ftp, but enforce use of vpn software to access the server. that way unencrypted ftp can still be used, but the packets themselves are encrypted. windows servers by default support ipsec and pptp.
ASKER
So I've been looking into using Server 2008, looks like IIS7 has some FTP over SSL/SSH options. Anyone know anything about these?
Not really what you are looking for but run a Linux VM which will give you SFTP ability for free without buying any new hardware. You can port forward 22 so it would be seemless to your users.
With regard to security chroot the accounts you create, enable SELinux and/or Bastille, and whatever other security lockdowns you need to be inline with your security requirements.
With regard to security chroot the accounts you create, enable SELinux and/or Bastille, and whatever other security lockdowns you need to be inline with your security requirements.
http://www.siteground.com/
I know you are looking for free but for this amount its cheap and the security lies with the provider(which has top level security)