Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 269
  • Last Modified:

Publishing a Share on a different network through UAG

Hiya,

This is a very undetailed question as I don't have all the specs of our UAG Server but basically our UAG server acts as web gateway/portal for Company A to get to Terminal Servers on Company B

At the moment we have icons published on the web gateway which allow users to click in these to open connections to Terminal Servers on Company B

Someone has asked us if it is possible to publish an icon which basically opens a shared folder or non shared folder on Company B.

Many Thanks
0
rhiancohen
Asked:
rhiancohen
1 Solution
 
BembiCEOCommented:
Let me answer as unspecific as you asked.... (there are a lot of aspects).
Publishing a file system through a firewall is usually what you don't want to do. But in fact, possible, in theory.

In practice you would more think about a vpn solution. A firewall (and especially TMG / UAG) is more to protect the internal world against the external world, and to open ports for file access in a firewall is what every security specialist would force to cry loud out of the window.  

While remote access (terminal server session) can be limited to some dedicated ports, file access need some ports which are better to kept closed, at least to the outside world. One of the reasons why terminal server and vpn where developed as a more secure and reliable solution for remote workers.

The point of question is whom you trust and whom not. The outside world you never should trust. For trustfull workers you can control the access also to the file system via vpn tunnels and / or terminal server connection.

If there is really the need for file access to the outside world, the you can expose any folder via FTP  and pass the FTP traffic through the firewall.

Conclusion: Forget direct file access passing a firewall, always thing about services, which can expose files via services which can be exposed more save through a firewall.
0
 
rhiancohenAuthor Commented:
Yes makes perfect sense. Our UAG Admin already expressed his concerns about opening any ports for file access.

We are going to go the FTP route and see how we get on with that.

Thanks for your help with what was a very vague question.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now