Cerberus FTP Server – SFTP, FTP/S, HTTPS Server for Windows or the Cloud › Forums › General › Suggestions › Gateway/Proxy for a DMZ/production architecture?
- This topic is empty.
-
AuthorPosts
-
August 6, 2012 at 5:00 pm #30264
a_cerberus_user
ParticipantHello, Currently we are looking to tighten security on our network, which means we need to move our SFTP server from the DMZ domain to our secure production domain.
Is one of the following possible:
> Build a Gateway/proxy add-on so that the data won’t be considered ‘at rest’ in the DMZ?
I can suggest a comparable product but am not sure if this is allowed in the forums.
> Recommend a Windows compatible third party software solution that can integrate with Cerberus?
Again, really like the product.
August 8, 2012 at 2:46 pm #36505imported_Serin
ParticipantHello, I know what you mean when you are asking for a Gateway/proxy add-on so that the data won’t be considered ‘at rest’ in the DMZ.
We don’t currently have anything like that but I’m starting to work on some designs for how we could accomplish it. I can’t recommend a third party solution because we honestly haven’t tested any with Cerberus. If you happen to come across one that you can integrate with Cerberus, then feel free to recommend it here.
I’m sorry I can’t be of more help, but you have got me thinking about developing something.
August 9, 2012 at 6:39 pm #36506a_cerberus_user
ParticipantThanks Serin! April 3, 2013 at 8:59 pm #36507a_cerberus_user
ParticipantJust pinging to see if there was any update, as our network config project is getting closer on our radar. Thanks. April 11, 2013 at 7:13 pm #36508imported_Serin
ParticipantHello, I’m sorry, but we haven’t made any progress towards this. It would be a nice feature, but we’re a bit overloaded on feature requests and I’m not sure when we will be able to consider something like this.
April 17, 2014 at 3:06 pm #36509a_cerberus_user
ParticipantThat’s understandable. Thanks for the update. April 25, 2014 at 2:43 am #36510alaskan
ParticipantWell since this doesn’t exist yet as a feature, unfortunately, can someone recommend a way to put something like this in place with Cerberus? I would really prefer to use Cerberus but having it sit in a dmz OR putting it in the domain as domain joined and forwarding ports seems very security risky. And if I might ask how do most folks setup Cerberus? Do you just install it to a domain joined computer and then forward the port from your firewall?
Put it in a dmz and somehow get the files from it to your domain computers with some other product or just have a domain joined computer in your dmz?
Both of these seem to be to much of a security risk for us and i’m just trying to understand how folks are using the product.
Thanks in advance……
September 24, 2015 at 6:06 pm #36511alaskan
ParticipantSo is this still something that isnt going to happen anytime soon or might we see this in release version 8? The gateway is a HUGE HUGE thing for us… I’ve asked what others use and no one has responded so im wondering if folks are just putting cerberus on a domain joined system and sticking it out on the internet?
December 19, 2018 at 3:22 pm #36512jordanautomations
ParticipantI know this is an old thread, but has anyone had any success with a proxy in front of cerberus? I’ve been tasked with implementing this type architecture and hoping to be able to find a solution that doesn’t involve replacing cerberus. March 1, 2019 at 10:58 pm #36513kaluaabyss
Participantjordanautomations wrote:
I know this is an old thread, but has anyone had any success with a proxy in front of cerberus? I’ve been tasked with implementing this type architecture and hoping to be able to find a solution that doesn’t involve replacing cerberus.
I’ve configured a Citrix ADC as a reverse proxy for HTTPS and SFTP connections. It works fine except that I don’t currently have a way for the IP Manager to understand the source IP of SFTP connections. HTTPS handles this with a header (X-Forwarded-For).
https://www.cerberusftp.com/phpBB3/viewtopic.php?f=2&p=11519#p11519 March 25, 2019 at 4:31 pm #36514pacman
ParticipantPlease visit here for our new forums: bit.ly/CFTPCommunity -
AuthorPosts
- You must be logged in to reply to this topic.