I am trying to achieve my requirement however, unable to achieve it. Please review my requirement below and suggest your thoughts if there are any possible way to accomplish.
I want to block SSH traffic and at the same time i need to allow SFTP traffic for our users. I have referred to some KB Article and that states in order to allow the SFTP traffic we need to allow SSH application. So if in this case Normal SSH Traffic also will get allowed. So please share your thoughts for the same.
Also i can see that, there is a feature request for creating a separate App ID for SFTP (Link Mentioned below). Can i know the status on that as well.
Awaiting for your response !!
Hi @SahulH ,
Yes there is indeed an open feature request for this (to differentiate SFTP from SSH in APP-ID).
Please reach out to your local SE and have him add your vote to the FR:
FR ID: 2555
Hi @kiwi ,
Thanks for your response on my query, Also i want to know is there of any way to accomplish the necessary requirement in our Current scenario without having a separate App ID for SFTP. To block SSH and allow only SFTP traffic. Do let us know on this as well.
Thanks in advance !!
Since SFTP is just FTP over SSH, it implicitly is just SSH. So without deeper inspection of the packets by the AppID enigne there is no way to a SSH terminal over SFTP.
Agreed! SFTP is just an FTP feature traversing over SSH. They are essentially the same protocol. You would have to have some crazy man-in-the-middle encrypt/decrypt to even attempt this. This sounds a lot like security engineer over-reach or misunderstanding of protocols.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!