Solved

Business Class FTP Storage

Posted on 2011-09-28
Last Modified: 2012-05-12
A client had asked us to send them a file that was too large for email, so my boss asked me to do some research as to some "SECURE" FTP providers.  I mentioned Dropbox but apparently anyone who offers free service can't be trusted to them.

So do you have any suggestions?
Question by:MsAileenS
10 Comments
 
LVL 1

Expert Comment

by:JWong007
ID: 36720343
You can use Filezilla Server to create a FTPS server (TLS).  Here's the link for the installation files:

http://filezilla-project.org/download.php?type=server
 
LVL 1

Expert Comment

by:JWong007
ID: 36720362
I also found Core FTP Server.  This server supports SFTP.  Here's the link:

http://download.cnet.com/Core-FTP-Server/3000-2160_4-10783460.html
 

Author Comment

by:MsAileenS
ID: 36720367
What can I tell them about the security? I think that is the main concern.
 
LVL 1

Expert Comment

by:JWong007
ID: 36720415
FTPS over TLS is: Two separate methods were developed to invoke client security for use with FTP clients: Explicit or Implicit. The explicit method is a legacy compatible implementation where FTPS aware clients can invoke security with an FTPS aware server without breaking overall FTP functionality with non-FTPS aware clients. The implicit method requires that all clients of the FTPS server be aware that SSL is to be used on the session, and thus is incompatible with non-FTPS-aware clients.
   http://en.wikipedia.org/wiki/FTPS

SFTP is: the SSH File Transfer Protocol (also Secret File Transfer Protocol, Secure FTP, or SFTP) is a network protocol that provides file access, file transfer, and file management functionality over any reliable data stream.
   http://en.wikipedia.org/wiki/SSH_file_transfer_protocol

SFTP is much more secure than FTPS.
 
LVL 16

Expert Comment

by:AlexPace
ID: 36720440
FTPS is secured by SSL (TLS) which is the same familiar method used to keep online web transactions safe.  If you have ever bought anything online you have used this method.  You can use it to encrypt the login credentials, the actual data, or both.

SFTP is secured by SSH which is the same method used for Unix remote login sessions.  This is just as safe as FTPS but has the advantage of only using a single port for both control and data so it is easier for your firewall administrator to configure.  The down side of this approach is that there are not as many clients that can do SFTP as there are that can do FTPS.
0
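
The point in the comment above, that FTPS can protect the login, the data, or both, is visible in the control-channel commands of an explicit FTPS session. The following is an added example, not part of any post in this thread: a Python audit of a session log in a constructed `C:`/`S:` format (the function name, log format and sample sessions are assumptions), keyed on the standard explicit-FTPS commands `AUTH TLS` and `PROT P`.

```python
# Commands that open a data connection (file contents or directory listings).
TRANSFER_CMDS = {"RETR", "STOR", "STOU", "APPE", "LIST", "NLST", "MLSD"}

def audit_ftp_session(lines):
    """Report what an explicit-FTPS session protected.

    Assumed, constructed log format: 'C: <command>' / 'S: <code> <text>'.
    """
    tls_control = False    # True once AUTH TLS/SSL is accepted (reply 234)
    data_private = False   # True once PROT P is accepted (reply 200)
    pending = None         # (verb, arg) of the command awaiting its reply
    report = {"credentials_encrypted": None,
              "cleartext_transfers": [], "encrypted_transfers": []}
    for line in lines:
        side, _, rest = line.strip().partition(": ")
        words = rest.split()
        if side == "C" and words:
            verb = words[0].upper()
            pending = (verb, words[1].upper() if len(words) > 1 else "")
            if verb in ("USER", "PASS"):
                # One cleartext login command is enough to mark the session.
                if report["credentials_encrypted"] is not False:
                    report["credentials_encrypted"] = tls_control
            elif verb in TRANSFER_CMDS:
                safe = tls_control and data_private
                key = "encrypted_transfers" if safe else "cleartext_transfers"
                report[key].append(rest)
        elif side == "S" and words and pending:
            (verb, arg), code, pending = pending, words[0], None
            if verb == "AUTH" and arg in ("TLS", "SSL") and code == "234":
                tls_control = True
            elif verb == "PROT" and code == "200":
                data_private = (arg == "P")  # PROT C puts data back in clear
    return report

# Constructed sample sessions (not captured from a real server).
PLAIN = ["S: 220 ready", "C: USER alice", "S: 331 need password",
         "C: PASS secret", "S: 230 ok", "C: RETR report.zip", "S: 150 opening"]
CONTROL_ONLY = ["S: 220 ready", "C: AUTH TLS", "S: 234 proceed",
                "C: USER alice", "S: 331 need password", "C: PASS secret",
                "S: 230 ok", "C: RETR report.zip", "S: 150 opening"]
FULL = ["S: 220 ready", "C: AUTH TLS", "S: 234 proceed", "C: PBSZ 0",
        "S: 200 ok", "C: PROT P", "S: 200 ok", "C: USER alice",
        "S: 331 need password", "C: PASS secret", "S: 230 ok",
        "C: STOR report.zip", "S: 150 opening"]

if __name__ == "__main__":
    for name, log in (("plain", PLAIN), ("control", CONTROL_ONLY), ("full", FULL)):
        print(name, audit_ftp_session(log))
```

The `CONTROL_ONLY` session is the case to look for on a real server: the password is protected but the file itself still crosses the network in the clear because the client never sent `PROT P`.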
 

Author Comment

by:MsAileenS
ID: 36720466
Can some of these products do both SFTP and FTPS?  And for security purposes it would be best if I hosted my own FTP storage, right?  And I saw that FileZilla has a server and a client install so you can host it yourself.
 
LVL 16

Accepted Solution

by:AlexPace (earned 500 total points)
ID: 36720481
I would disagree that SFTP is much more secure than FTPS.  

Trivia: The character Trinity is shown using a legit well known SSH exploit in the movie Matrix Reloaded.

That said, I might choose SFTP over FTPS because it is easier to support... fewer moving parts... but the stream is binary so it is hard to debug if something goes wrong  ... much easier to debug a problem in FTPS which is good since you are more likely to have a problem with FTPS.

You can use FileZilla; it is good software.  Some bosses have a problem with using free software supported by a bulletin board forum so if yours is like that you can consider Robo-FTP Server.  It does both FTPS and SFTP and you get a year of support for your $400.

The 30 day free trial of Robo-FTP Server is super easy to get going in SFTP mode because it can generate its own SSH keys.

1. Download from here: http://www.robo-ftp.com/download/
2. Install the software then run the "Server Console" ... click through the 30-day eval stuff at the beginning.
3. Click the "Install" button to start it as a Windows Service under the default Network Service account
4. Click the "SFTP Server" menu, switch to Server Keys tab, create both keys then click "Apply" button
5. Switch back to "General Settings" tab, choose root folder then click "Start SFTP" button
6. Click the "Users" menu, click "New" button, type user name, select SFTP
7. Click "SFTP Logon Details" and set password and user's home folder then click "OK" then "Apply"

Now you have an SFTP server!   If sending these files is a one-time deal you might be done with it before the 30-day trial expires.
 

Author Comment

by:MsAileenS
ID: 36720540
Well, money isn't the problem, it's security, so as long as I can spell it out for them I should be good!  Now the Robo-FTP server should be on a server at my location (like my file server or something), not like just my PC, and then is there a client install so I can have users here use it to store and send files to customers?  This would be great if it's an agent that can be installed on an existing file server (unless using a file server isn't recommended, I can find another server).
 
LVL 16

Expert Comment

by:AlexPace
ID: 36720580
With Robo-FTP or any of these servers you can put it on a regular server on your network but you've got to poke a little hole in your firewall to allow it.  Otherwise you put it out on the DMZ in your extranet.  Do they even still call it an extranet?

Anyway, as far as poking a hole in your firewall goes this is another reason to use SFTP instead of FTPS because you only need to open (or forward) a single port.  The default SFTP port is number 22.

If you want to really get super freaky about the security you can have the users log in with a client key (sftp) or a client certificate (ftps) instead of a password.  Some banks (not most) do this...  some even PGP encrypt the files in addition to sending them over the encrypted transport.
 

Author Comment

by:MsAileenS
ID: 36720645
Well thank you so much!