I think that is a good way to handle it. It depends on whether you are referring to data security or network security. Network wise I think you are fine, but to secure the data you need secure ftp. I suggest the new Cute Secure FTP server. It is user friendly, and can issue certs on its one, or import your own. www.globalscape.com
-----Original Message-----
From: Rick Brown [mailto:firewally2002@yahoo.com]
Sent: Wednesday, May 29, 2002 5:29 PM
To: firewalls@lists.gnac.net
Subject: FTP Security
I need to set up an internal server to FTP files out
to customers and the customers FTP files to me. I
have a firewall rule that allows my internal server to
FTP out to only certain IPs. For incoming FTPs,
customers are only allowed to FTP to a public FTP
server in our DMZ and then our internal server picks
the files up from the DMZ and brings them in. Is this
a good way of doing it? What are the risks? I'd
appreciate any thoughts. Thanks.
__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com
_______________________________________________
Firewalls mailing list
Firewalls@lists.gnac.net
For Account Management (unsubscribe, get/change password, etc) Please go to:
http://lists.gnac.net/mailman/listinfo/firewalls