[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

What is the alternative way to securely transferring files over the internet ?

Posted on 2011-03-15
6
Medium Priority
?
586 Views
Last Modified: 2012-06-27
Hi All,

I wonder what could be the possibilities for sharing files securely on Windows server environment for the remote office users if you are not allowed to use any free web services (Drop box, rapidshare.com, etc...) and must be securely published to the Windows Client users ?

What I have in mind are the following technologies:
1.      Manually sending the files with DVD media by postal service.
2.      Publishing sFTP through TMG 2010?
3.      Windows Remote Desktop Services (RDS is the new replacement terms for Terminal Server service in Windows Server 200
4.      Any possible Juniper SSL VPN features?

The group policy to attach/map the current local drive to the Terminal Server environment is not allowing everyone to have shared network drive attached to via the MSTSC.

FYI: at the moment I'm using Juniper SSL VPN to access terminal server environment.
0
Comment
Question by:jjoz
  • 3
  • 2
6 Comments
 
LVL 7

Assisted Solution

by:eugene20022002
eugene20022002 earned 1332 total points
ID: 35145015
Perhaps you can use a purposely built website , host it internally and publish it through TMG 2010 . Set it up with HTTPS . You can get a free certificate at http://cert.startcom.org/

You can perhaps try something like this or something similar as a base or test site. http://www.freeaspupload.net/

Your other option would also just be to simply use sftp as you suggested.
0
 
LVL 1

Author Comment

by:jjoz
ID: 35145753
Thank you for your reply mate, yes I was thinking if it is possible to publish the FTP site set by IIS and then secure it using the user certificate to upload and download files which is residing in the fileservers. ?
0
 
LVL 16

Assisted Solution

by:AlexPace
AlexPace earned 668 total points
ID: 35146385
Remember that FTP uses two ports.  With FTPS (FTP over SSL) you can encrypt just the control channel, just the data channel, or both channels depending on your needs and the capabilities of the server.

Another option is SFTP which is a different binary protocol secured with SSH.  This has the advantage of being easier on your firewall because it only uses one port instead of two.  IIS can't do SFTP but you can buy one or go the free and open source route.
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 1

Author Comment

by:jjoz
ID: 35146675
ah ok, but of course using the Opensource sFTP, how about the TMG 2010 (acting as the firewall in between) ? can it publish the sftp ports ?
0
 
LVL 7

Accepted Solution

by:
eugene20022002 earned 1332 total points
ID: 35147413
My would still try to keep it simple by setting up a website. Port 80 is easy for access. No complicated SFTP protocols etc. You will just need to install a certificate into your iis website that should be easy for TMG to publish.

Other methods in my opinion will work but may be more complicated to setup.
0
 
LVL 1

Author Comment

by:jjoz
ID: 35148305
thanks eugene, but in this case I also want to simplify the user access by issuing user generated cert. from the AD-CA provider.

how can the user upload the file back to the file server ?
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question