cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Best Encryption standard

TGF_Cisco
Beginner
Beginner

We are in charge of providing a solution for secure transfer of data between two systems used in our organisation.

This solution requires that from the time the data is encrypted from the time the file is created and securely sent over internet into an FTPs server.

and we use an open FTP server and probably not the best  place to place incoming files..

any ideas how we can go about it..          

4 REPLIES 4

hobbe
Rising star
Rising star

Hi

You state that the file has to be encrypted from what time ?

Well there is no such thing as "securely sent over the internet to an ftp server"

Ftp is in itself cleartext so you will be able to sniff username and password, you are also able to do MITM attacks and so on. What do you mean with an "OPEN Ftp server" ?

If you want to send the file to a FTP server then you need to secure that transfer with a encrypted tunnel of some sort. (VPN)

If you are able to change the solution to SFTP instead of FTP then that would provide the encrypted tunnel for you.

A word of warning, stear clear of FTPS it is not firewall friendly.

Good luck

Hope This Helps

So we are talking about financial transactions that need to be securely tranfered. This FTPS is what the company that we have chosen has to offer, so we dont have a choice and no they dont provide a vpn solution.

File has to be created and encrypted , sent across to their FTPs server.

how can this be done securely?

Hi

There seems to be a confusion regarding the type of transfer

FTP = File transfer protocol

This is unencrypted and it not possible to properly secure the transfer with this protocol.

FTPS

FTP over SSL This is just normal FTP encrypted with SSL/TLS with all the drawbacks that comes with that solution.

This is a firewall unfriendly solution.

SFTP

SSH File Transfer protocol

This is "secure" from the start and firewall friendly.

I have done several of these solutions before and as a general point when you raise the concerns you have they tend to listen and make a solution available.

So if they have FTP server as you state in your first post ,then there is no way to do this in a secure manor.

The best you can do is encrypt the file itself but that is at best a questionable solution.

If the Server is FTPS as you stat in your second post then the protocol in itself is encrypted and you are "secure" but you will have to open much more ports than you would like to open in the firewalls.

One thing you could do to circumvent the problem is that you are getting a SFTP server on your end and let them come and get the file there.

Good luck

HTH

Collin Clark
Advisor
Advisor

We've always handled it by using ipswitch moveit


Sent from Cisco Technical Support Android App

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: