Enterprise File Sharing & Collaboration
An Introduction to FTP\FTPS\SFTP and the Alternative
Thru, Inc.
Thru Confidential
Agenda
What is FTP\FTPS\SFTP?
What hardware is required?
What drives FTP replacement?
When is Thru a better option?
FTP Definition and Origin
File Transfer Protocol (FTP) is a way of transferring files between computers.
FTP is one of the original programs for accessing information on the internet.
It was developed in 1971 as part of the U.S. Department of Defense's ARPANET protocols and thus predates both TCP and the Internet Protocol (IP).
Modes of FTP
Active mode: In active mode FTP, the client connects from a random unprivileged port to the FTP server's command port. The client then starts listening on port “N” and sends the FTP command PORT “N” to the FTP server. The server then connects back to the client's specified data port from its local data port.
Modes of FTP
Passive mode: In passive mode FTP, the client initiates both connections to the server. When opening an FTP connection, the client opens two random unprivileged ports locally (P > 1023 and “N”). The first port contacts the server, but instead of then issuing a PORT command and allowing the server to connect back to its data port, the client issues the PASV command. The server then opens a random unprivileged port (P > 1023) and sends “P” back to the client in response to the PASV command. The client then initiates the connection from port “N” to port “P” on the server to transfer data.
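The two modes differ in which side listens and which side connects, and that is what a firewall or a cautious client has to reason about. The following Python example is added here and is not part of the original slides: it parses the endpoint carried by a PORT command or by the server's reply to PASV and reports who initiates the data connection. The `h1,h2,h3,h4,p1,p2` encoding is the one defined in RFC 959; the function names, sample lines and addresses are constructed for this illustration.

```python
import re
from ipaddress import IPv4Address

# RFC 959 encodes a data endpoint as six decimal bytes: h1,h2,h3,h4,p1,p2
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_hostport(line):
    """Extract (ip, port) from a PORT command or a 227 PASV reply."""
    m = _HOSTPORT.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in: %r" % line)
    parts = [int(x) for x in m.groups()]
    if any(b > 255 for b in parts):
        raise ValueError("byte out of range in: %r" % line)
    ip = IPv4Address(".".join(str(b) for b in parts[:4]))
    port = parts[4] * 256 + parts[5]  # high byte first
    return ip, port

def data_connection(line, client_ip, server_ip):
    """Describe the data connection that a control-channel line sets up.

    client_ip / server_ip are the two ends of the control connection
    (hypothetical parameters for this example).
    """
    ip, port = parse_hostport(line)
    active = line.upper().startswith("PORT")
    # Active: client listens, server connects back. Passive: the reverse.
    listener, initiator = ("client", "server") if active else ("server", "client")
    expected = IPv4Address(client_ip if active else server_ip)
    findings = []
    if ip != expected:
        findings.append("address differs from control-connection peer")
    if port <= 1023:
        findings.append("privileged data port")
    return {"mode": "active" if active else "passive", "initiator": initiator,
            "listener": listener, "endpoint": (str(ip), port), "findings": findings}

# Constructed sample lines (192.0.2.0/24 is a documentation range)
ACTIVE = "PORT 192,0,2,20,19,137"
PASSIVE = "227 Entering Passive Mode (192,0,2,10,195,80)"
MISMATCH = "227 Entering Passive Mode (10,0,0,5,195,80)"

if __name__ == "__main__":
    for sample in (ACTIVE, PASSIVE, MISMATCH):
        print(data_connection(sample, "192.0.2.20", "192.0.2.10"))
```

An address mismatch is also what a server behind NAT produces when it advertises its internal address, so the finding is a reason to inspect the session, not proof of tampering.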
FTPS and SFTP
FTPS - An extension to the commonly used File Transfer Protocol (FTP) that adds support for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic protocols.
SFTP - “SSH File Transfer Protocol”
• Is often mistakenly used to specify some kind of Secure FTP, by which people most often mean FTPS.
• Is a binary protocol in which all commands are packed into binary messages and sent to the server, which replies with binary reply packets.
FTPS and SFTP Pros
FTPS
• Widely known and used
• The communication can be read and understood by a human
• Provides services for server-to-server file transfer
• SSL/TLS has good authentication mechanisms (X.509 certificate features)
• FTP and SSL/TLS support is built into many internet communication frameworks
SFTP
• Has a good standards background which strictly defines all aspects of operations
• Has only one connection
• The connection is always secured
• The directory listing is uniform and machine-readable
• The protocol includes operations for permission and attribute manipulation, file locking and more functionality
FTPS and SFTP Cons
FTPS
• Doesn’t have a uniform directory listing format
• Requires a secondary DATA channel
• Doesn’t define a standard for file name character sets (encodings)
• Not all FTP servers support SSL/TLS
• Doesn’t have a standard way to get and change file and directory attributes
SFTP
• The communication is binary and can’t be logged “as is” for human reading
• SSH keys are harder to manage and validate
• No built-in SSH/SFTP support in .NET frameworks
Hardware
FTP\SFTP Server - A computer on the internet that offers FTP\SFTP access.
FTP\SFTP Utility
• Command line (OS native)
• FTP\SFTP Client
• Browser
FTP Replacement
Security - Risk of having FTP port open in firewalls.
Native FTP does not have encryption.
FTP is unreliable.
When sending files, the sender has no way to verify whether the recipient received or downloaded the file. If an error occurs, the sender will not be notified.
FTP lacks management tools - It does not allow senders to automatically expire or delete files.
Files sit on the FTP server until IT admins delete them.
FTP Replacement
FTP Is Cumbersome -
To send a file to a new contact, a new FTP account needs to be set up. Since users do not have access to the FTP server and managing FTP is far from user friendly, they need to rely on the help of an IT administrator to create new accounts, retrieve forgotten passwords and remove accounts for those who no longer require access.
FTP Offers No Auditing -
The lack of an audit trail means companies can’t keep track of who sent what and to whom it was sent.
The Better Option
Security - Thru uses port 443, which is a standard Internet port open to all firewalls.
Port 443 is HTTPS and is encrypted for point-to-point communication.
Auditing – Easily track and audit all activities in the file system such as uploads and downloads.
File Management – With Thru, easily manage files for your organization with capabilities such as:
• File retention
• Blocking of certain extensions
• File renaming
The Better Option
Ease of Management – Having multiple FTP servers can be cumbersome and difficult to manage.
No need for FTP client.
Thru's Secure DropBox™ removes the need to have IT set up personal FTP connections with user names and passwords.
Thru users only need to know the email address of the recipient to send data securely.
For more information about Thru, visit www.thruinc.com or contact [email protected]