• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 65
  • Last Modified:

Windows 2012 and 2008 IIS - need secure FTP

I have read that Windows 2012 and 2008 IIS do not natively support SFTP. They support FTPS or FTP over. What would be the best options for securing FTP file transfers? Maybe using HTTPS?

DLH
0
DLH DLH
Asked:
DLH DLH
  • 2
1 Solution
 
William MillerInventory/IT ConsultantCommented:
FTPS secures via SSL, which can be very similar in terms of security. The primary difference between the two (functionality aside) is that with SSL (or FTPS in your case) you would need a digital certificate as part of the authorization. This normally requires a Certificate Authority to accomplish. You can use a self-signed Certificate as well, but that's really only useful for inter-office transfers.

Here is a great article for configuring FTPS on Windows Server:

https://social.technet.microsoft.com/wiki/contents/articles/39941.how-to-configure-ftps-with-public-certificate-in-iis.aspx

If you don't want to use FTPS, then you could turn to a third party SFTP software such as OpenSSH. A guide on doing this can be located here:

https://winscp.net/eng/docs/guide_windows_openssh_server

If you want to stick to standard FTP, then you're potentially leaving yourself vulnerable. Network-related threats are a real issue in today's age and FTP increases your Attack Surface (Basically this is the sum of potential points of vulnerability within your network).
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Just one thing to add to the previous expert.  I've had good luck in the past using Bitvise for SFTP.  It's just one more option in the third party SFTP realm.  Patches have been timely (especially security patches), configuration in the current version is fairly easy, and it can use active directory users easily enough.

The big thing to be aware of, however, is that users will need to use a SFTP client, which is certainly not as ubiquitous as http/https/ftp clients.  Which solution you use to transfer the files may well be greatly influence by that consideration.  (And on that note, WinSCP (William Miller already linked above) has a good client side SFTP client.)
0
 
DLH DLHAuthor Commented:
Thank You both. Sounds like similar information I had been reading. it always helps to get answers from experts so I can assist in formulating a solution.

DLH
0
 
William MillerInventory/IT ConsultantCommented:
No problem at all! Glad to be of help.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now