How to restrict FTP and SFTP access using a security policy

Reply
Highlighted
L0 Member

How to restrict FTP and SFTP access using a security policy

Hi,

I have some users who need to connect to 5 ftp servers using filezilla (ftp and sftp). I want to restrict ftp and sftp access only to those 5 sites using a security policy.

Your advice is greatly appreciated.

Thank you.

Tags (3)
Highlighted
L7 Applicator

Hello SilvaS,

You can select Application as FTP, so that it will allow/block FTP traffic for a specific set of people. But, there is no specific App available for SFTP. SSH File Transfer Protocol (also Secure File Transfer Protocol, or SFTP) is a protocol which uses SSH to transfer a file. Hence it should work on TCP port 22.

Thanks

Highlighted
L7 Applicator

Add to it,

SFTP is not like FTP over SSH, rather a new protocol designed from the ground. Hence the PAN will identify it as SSH traffic, but if you decrypt the same traffic, it will be identified as an SSH-tunnel.


There is a feature request already submitted to develop a new app for SFTP (rather SSH or SSH-tunnel).

Thanks

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!