Gateway/Proxy for a DMZ/production architecture?

Home Forums General Suggestions Gateway/Proxy for a DMZ/production architecture?

  • This topic is empty.
Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • #30264
    a_cerberus_user
    Participant

    Hello,

    Currently we are looking to tighten security on our network, which means we need to move our SFTP server from the DMZ domain to our secure production domain.

    Is one of the following possible:

    > Build a Gateway/proxy add-on so that the data won’t be considered ‘at rest’ in the DMZ?

    I can suggest a comparable product but am not sure if this is allowed in the forums. :)

    > Recommend a Windows compatible third party software solution that can integrate with Cerberus?

    Again, really like the product. 8)

    #36505
    imported_Serin
    Participant

    Hello,

    I know what you mean when you are asking for a Gateway/proxy add-on so that the data won’t be considered ‘at rest’ in the DMZ.

    We don’t currently have anything like that but I’m starting to work on some designs for how we could accomplish it. I can’t recommend a third party solution because we honestly haven’t tested any with Cerberus. If you happen to come across one that you can integrate with Cerberus, then feel free to recommend it here.

    I’m sorry I can’t be of more help, but you have got me thinking about developing something.

    #36506
    a_cerberus_user
    Participant

    Thanks Serin!

    #36507
    a_cerberus_user
    Participant

    Just pinging to see if there was any update, as our network config project is getting closer on our radar. Thanks.

    #36508
    imported_Serin
    Participant

    Hello,

    I’m sorry, but we haven’t made any progress towards this. It would be a nice feature, but we’re a bit overloaded on feature requests and I’m not sure when we will be able to consider something like this.

    #36509
    a_cerberus_user
    Participant

    That’s understandable. Thanks for the update. :)

    #36510
    alaskan
    Participant

    Well since this doesn’t exist yet as a feature, unfortunately, can someone recommend a way to put something like this in place with Cerberus? I would really prefer to use Cerberus but having it sit in a dmz OR putting it in the domain as domain joined and forwarding ports seems very security risky.

    And if I might ask how do most folks setup Cerberus? Do you just install it to a domain joined computer and then forward the port from your firewall?

    Put it in a dmz and somehow get the files from it to your domain computers with some other product or just have a domain joined computer in your dmz?

    Both of these seem to be to much of a security risk for us and i’m just trying to understand how folks are using the product.

    Thanks in advance……

    #36511
    alaskan
    Participant

    So is this still something that isnt going to happen anytime soon or might we see this in release version 8?

    The gateway is a HUGE HUGE thing for us… I’ve asked what others use and no one has responded so im wondering if folks are just putting cerberus on a domain joined system and sticking it out on the internet?

    #36512
    jordanautomations
    Participant

    I know this is an old thread, but has anyone had any success with a proxy in front of cerberus? I’ve been tasked with implementing this type architecture and hoping to be able to find a solution that doesn’t involve replacing cerberus.

    #36513
    kaluaabyss
    Participant

    jordanautomations wrote:


    I know this is an old thread, but has anyone had any success with a proxy in front of cerberus? I’ve been tasked with implementing this type architecture and hoping to be able to find a solution that doesn’t involve replacing cerberus.

    I’ve configured a Citrix ADC as a reverse proxy for HTTPS and SFTP connections. It works fine except that I don’t currently have a way for the IP Manager to understand the source IP of SFTP connections. HTTPS handles this with a header (X-Forwarded-For).

    https://www.cerberusftp.com/phpBB3/viewtopic.php?f=2&p=11519#p11519

    #36514
    pacman
    Participant

    Please visit here for our new forums: bit.ly/CFTPCommunity

Viewing 11 posts - 1 through 11 (of 11 total)
  • You must be logged in to reply to this topic.
Close Cart

Shopping Cart