I have set up a PC with an FTP client in our DMZ, but to meet PCI compliance rules it appears that I need to set up a ‘DMZ Gateway’ so that :-
a) the files to be transferred to the remote server are not stored on our FTP client and
b) the FTP client does not have access to the files stored on the main network (apart from using the DMZ Gateway)
We are currently using CuteFTP Pro, but I don’t believe this product offers the functionality that we require. GlobalScape do their EFT software, which does come (at quite an additional cost) with this functionality – see http://www.globalscape.com/eft/dmz_gateway.aspx
Our FTP usage is pretty minimal, so I’d rather not have to incur the cost of the EFT software if possible. Is there other more ‘cost effective’ software that we could use to achieve this?