Cerberus FTP Server – SFTP, FTP/S, HTTPS Server for Windows or the Cloud › Forums › General › Suggestions › Gateway/Proxy for a DMZ/production architecture?
- This topic is empty.
August 6, 2012 at 5:00 pm #30264
Currently we are looking to tighten security on our network, which means we need to move our SFTP server from the DMZ domain to our secure production domain.
Is one of the following possible:
> Build a Gateway/proxy add-on so that the data won’t be considered ‘at rest’ in the DMZ?
I can suggest a comparable product but am not sure if this is allowed in the forums.
> Recommend a Windows compatible third party software solution that can integrate with Cerberus?
Again, really like the product.August 8, 2012 at 2:46 pm #36505imported_SerinParticipant
I know what you mean when you are asking for a Gateway/proxy add-on so that the data won’t be considered ‘at rest’ in the DMZ.
We don’t currently have anything like that but I’m starting to work on some designs for how we could accomplish it. I can’t recommend a third party solution because we honestly haven’t tested any with Cerberus. If you happen to come across one that you can integrate with Cerberus, then feel free to recommend it here.
I’m sorry I can’t be of more help, but you have got me thinking about developing something.August 9, 2012 at 6:39 pm #36506
Thanks Serin!April 3, 2013 at 8:59 pm #36507 Just pinging to see if there was any update, as our network config project is getting closer on our radar. Thanks.April 11, 2013 at 7:13 pm #36508imported_SerinParticipant Hello,
I’m sorry, but we haven’t made any progress towards this. It would be a nice feature, but we’re a bit overloaded on feature requests and I’m not sure when we will be able to consider something like this.April 17, 2014 at 3:06 pm #36509
That’s understandable. Thanks for the update.April 25, 2014 at 2:43 am #36510alaskanParticipant Well since this doesn’t exist yet as a feature, unfortunately, can someone recommend a way to put something like this in place with Cerberus? I would really prefer to use Cerberus but having it sit in a dmz OR putting it in the domain as domain joined and forwarding ports seems very security risky.
And if I might ask how do most folks setup Cerberus? Do you just install it to a domain joined computer and then forward the port from your firewall?
Put it in a dmz and somehow get the files from it to your domain computers with some other product or just have a domain joined computer in your dmz?
Both of these seem to be to much of a security risk for us and i’m just trying to understand how folks are using the product.
Thanks in advance……September 24, 2015 at 6:06 pm #36511alaskanParticipant
So is this still something that isnt going to happen anytime soon or might we see this in release version 8?
The gateway is a HUGE HUGE thing for us… I’ve asked what others use and no one has responded so im wondering if folks are just putting cerberus on a domain joined system and sticking it out on the internet?December 19, 2018 at 3:22 pm #36512jordanautomationsParticipant
I know this is an old thread, but has anyone had any success with a proxy in front of cerberus? I’ve been tasked with implementing this type architecture and hoping to be able to find a solution that doesn’t involve replacing cerberus.March 1, 2019 at 10:58 pm #36513kaluaabyssParticipantjordanautomations wrote:
I know this is an old thread, but has anyone had any success with a proxy in front of cerberus? I’ve been tasked with implementing this type architecture and hoping to be able to find a solution that doesn’t involve replacing cerberus.
I’ve configured a Citrix ADC as a reverse proxy for HTTPS and SFTP connections. It works fine except that I don’t currently have a way for the IP Manager to understand the source IP of SFTP connections. HTTPS handles this with a header (X-Forwarded-For).March 25, 2019 at 4:31 pm #36514pacmanParticipant
Please visit here for our new forums: bit.ly/CFTPCommunity
- You must be logged in to reply to this topic.