topic Re: Secure FTP from a single domain only in General Topics

Secure FTP from a single domain only

StevenTurner — Wed, 23 Mar 2022 23:01:13 GMT

I have an inbound SFTP, I need to secure access to from only a single domain, say *.mydomail.com/. I have tried with a URL category in the security policy. This does not seem to work. The source is in AWS, so to much of a hassle to manage a source ip list to allow. The source owner says he is AWS-US-EAST-1 zone. However the source IPs he listed are in Palo Alto EDL Hosting service, AWS US East Amazon AppFlow IPv4.

link to list below:

https://saasedl.paloaltonetworks.com/feeds.html

SFTP Source list provided:

https://ip-ranges.amazonaws.com/ip-ranges.json

Any suggestions?

Re: Secure FTP from a single domain only

StevenTurner — Fri, 25 Mar 2022 19:00:21 GMT

I'm guessing as no one has replied this is not possible? If that is correct, please saw so and I'll go another route.

Thanks,

Re: Secure FTP from a single domain only

Adrian_Jensen — Fri, 25 Mar 2022 19:24:48 GMT

Since it is SFTP, there is no URL involved, so you can't filter with that. You would need to have a specific resolvable FQDN for the source server(s) (you can't have wildcard FQDNs) or an IP list of the source servers.