(S)FTP Poller

Secure, Reliable, Managed, File Transfer

Network Integration - Internal

There are two basic ways to implement the FTP Poller in a network. The simplest is to integrate it as part of your internal network behind the firewall. (See also DMZ integration)

nim intmod 02

In this example the FTP Poller sits inside the user network. It can then “reach” out to access remote sites. The FTP Poller initiates and controls all transfers, either pushing files out or pulling files in, external systems cannot access the FTP Poller.

This is the same as how a normal user accesses the Internet and is therefore just as secure - no service is exposed to the outside world and therefore no unauthorised access can take place.

The FTP Poller enhances security in a number of ways, centralising operation, removing logins and passwords from users, providing a central single point of management and a secure audit trail. It can also enhance security as its possible to lock down access to the FTP Poller to specific devices inside the network, reducing the opportunity for unwanted activity.

This can be inflexible though. If there are multiple co-operating sites and none have a DMZ then there would be no way for any site to safely access any other. This can be resolved by having a centralised Internet based FTP server acting as a hub.

This design maintains your security by locating the system behind the firewall. You could implement an FTP Server on the FTP Poller, however you would need to open your firewall to allow inbound access. This is not recommended as it brings external, potentially hostile traffic, into your internal network.