How To Best Control Access to SFTP Server in DMZ

cancel
Showing results for 
Search instead for 
Did you mean: 

How To Best Control Access to SFTP Server in DMZ

L1 Bithead

I have an interesting problem. There is a requirement for moblie devices (Throughout the Us and Canda) to access an SFTP Server from the Internet and upload files to it. No other devices are allowed access, from the Internet, to the SFTP server. The mobile devices will not have stat IPs but dynamic ones. The will of course not be part of our Windos Domain so our Userid Agents will not be able to get the UserId associated with the IP. Since I do not know the IP or UserId of the incoming device I am not sure how to limit, using the Palo Alto, only these devices access to the server. Any ideas or has someone ran across this and already solved it.

 

I know I could put security on the SFTP server and require sign-in but trying to have multilayers of secuirty if possible.

 

Thanks, Doug 

2 ACCEPTED SOLUTIONS

Accepted Solutions

L4 Transporter

Use Global Protect 🙂

 

regards,

Gerardo

View solution in original post

Cyber Elite
Cyber Elite

+1 @glastra1

 

GlobalProtect seems like your only option to securely limit access to this server

Tom Piens
PANgurus - (co)managed services and consultancy

View solution in original post

2 REPLIES 2

L4 Transporter

Use Global Protect 🙂

 

regards,

Gerardo

Cyber Elite
Cyber Elite

+1 @glastra1

 

GlobalProtect seems like your only option to securely limit access to this server

Tom Piens
PANgurus - (co)managed services and consultancy
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!