How to restrict FTP and SFTP access using a security policy

Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to restrict FTP and SFTP access using a security policy

L0 Member


I have some users who need to connect to 5 ftp servers using filezilla (ftp and sftp). I want to restrict ftp and sftp access only to those 5 sites using a security policy.

Your advice is greatly appreciated.

Thank you.


L7 Applicator

Hello SilvaS,

You can select Application as FTP, so that it will allow/block FTP traffic for a specific set of people. But, there is no specific App available for SFTP. SSH File Transfer Protocol (also Secure File Transfer Protocol, or SFTP) is a protocol which uses SSH to transfer a file. Hence it should work on TCP port 22.


L7 Applicator

Add to it,

SFTP is not like FTP over SSH, rather a new protocol designed from the ground. Hence the PAN will identify it as SSH traffic, but if you decrypt the same traffic, it will be identified as an SSH-tunnel.

There is a feature request already submitted to develop a new app for SFTP (rather SSH or SSH-tunnel).


Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!