I have some users who need to connect to 5 FTP servers using FileZilla (FTP and SFTP). I want to restrict FTP and SFTP access only to those 5 sites using a security policy.
Your advice is greatly appreciated.
You can select Application as FTP, so that it will allow/block FTP traffic for a specific set of people. But, there is no specific App available for SFTP. SSH File Transfer Protocol (also Secure File Transfer Protocol, or SFTP) is a protocol which uses SSH to transfer a file. Hence it should work on TCP port 22.
To add to it,
SFTP is not like FTP over SSH, but rather a new protocol designed from the ground up. Hence the PAN will identify it as SSH traffic, but if you decrypt the same traffic, it will be identified as an SSH-tunnel.
There is a feature request already submitted to develop a new app for SFTP (rather SSH or SSH-tunnel).
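The approach described in the replies above, written out as PAN-OS configure-mode commands. This is an added example, not part of the original thread: it allows the ftp and ssh App-IDs only toward an address group holding the five servers, then denies both applications to any other destination. The object and rule names, the zone names "trust" and "untrust", and the RFC 5737 documentation addresses are placeholders to replace with your own.

```text
# Lines starting with '#' are annotations only; enter the 'set' lines in configure mode.
# Constructed placeholders: object/rule names, zones trust/untrust, 192.0.2.x addresses.

# One address object per permitted server
set address ftp-srv-1 ip-netmask 192.0.2.11/32
set address ftp-srv-2 ip-netmask 192.0.2.12/32
set address ftp-srv-3 ip-netmask 192.0.2.13/32
set address ftp-srv-4 ip-netmask 192.0.2.14/32
set address ftp-srv-5 ip-netmask 192.0.2.15/32

# Group the five servers so both rules reference a single object
set address-group FTP-SFTP-Servers static [ ftp-srv-1 ftp-srv-2 ftp-srv-3 ftp-srv-4 ftp-srv-5 ]

# Allow FTP and SSH (SFTP is identified as ssh) to the five servers on their default ports
set rulebase security rules Allow-FTP-SFTP from trust to untrust source any destination FTP-SFTP-Servers application [ ftp ssh ] service application-default action allow

# Deny the same applications to every other destination.
# Keep this rule below the allow rule and above any broader allow rule.
set rulebase security rules Deny-Other-FTP-SFTP from trust to untrust source any destination any application [ ftp ssh ] service any action deny
```

Because there is no SFTP-specific application, the allow rule also permits interactive SSH sessions to those five servers. Narrow `source` (or `source-user`, if User-ID is in use) to the people who need the access.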