Re: SFTP & ISA 2004...
- From: "Henk Steunenberg \(Ms\)" <stjesp@xxxxxxxxxxx>
- Date: Thu, 24 Nov 2005 12:15:16 -0000
Hello Paul,
Neither ISA 2000 nor ISA 2004 can support FTPS because:
1: ISA needs to "follow the conversation" between an FTP client and
server so
that it can adjust the traffic policies to accommodate new connections as
defined
by the protocol commands between the client and server.
2: The FTP Application filter is the one responsible for accomplishing
#1
3: Outbound SSL connections (regardless of application protocol) are
invisible to ISA (as they should be; there's an implicit trust between SSL
client /
server communications)
4: Server published SSL connections are also invisible to ISA
Since #1, #3 and #4 are in direct conflict, you can't use FTPS across ISA.
(The above clarification has been provided by Jim Harrisson)
But there is some documentation on the isaserver.org website that suggests
that it
can be done, but our official stance is the above.
http://www.isaserver.org/articles/How_the_FTP_protocol_Challenges_Firewall_Security.
html
Regards,
Henk Steunenberg
"Paul S." <Paul S.@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:762CA094-2DEE-4629-AD9A-6C7B58DA1EAF@xxxxxxxxxxxxxxxx
> What is the best way to secure FTP on my ISA server for my Internet
> clients?
> Can I use SFTP or SCP? If so how can I implement this?
>
> Thanks in advance!
.
- Prev by Date: Re: ISA - Domain Member
- Next by Date: ISA as Cacheing only server?
- Previous by thread: Re: ISA - Domain Member
- Next by thread: ISA as Cacheing only server?
- Index(es):
Relevant Pages
|
