We have an FTP server on the DMZ of our firewall.
External access is available from selected FTP clients on the Internet.
Internal access is available from FTP clients on the Internal network.
My questions are these:
Is it possible to enable greater Internal Access to the FTP Server host without compromising security? For example could the file system of the FTP Server Host (a Windows Box) be shared by Windows clients on the Internal network? If this is not the best (most secure?) way of accessing the server, what alternatives are there and what are their Pros and Cons? In essence, what is the normal way that connectivity is maintained between servers on the DMZ and internal networks?