- This topic is empty.
-
Posts
-
Hello, Currently we are looking to tighten security on our network, which means we need to move our SFTP server from the DMZ domain to our secure production domain.
Is one of the following possible:
> Build a Gateway/proxy add-on so that the data won’t be considered ‘at rest’ in the DMZ?
I can suggest a comparable product but am not sure if this is allowed in the forums.
> Recommend a Windows compatible third party software solution that can integrate with Cerberus?
Again, really like the product.
Hello, I know what you mean when you are asking for a Gateway/proxy add-on so that the data won’t be considered ‘at rest’ in the DMZ.
We don’t currently have anything like that but I’m starting to work on some designs for how we could accomplish it. I can’t recommend a third party solution because we honestly haven’t tested any with Cerberus. If you happen to come across one that you can integrate with Cerberus, then feel free to recommend it here.
I’m sorry I can’t be of more help, but you have got me thinking about developing something.
Just pinging to see if there was any update, as our network config project is getting closer on our radar. Thanks. Hello, I’m sorry, but we haven’t made any progress towards this. It would be a nice feature, but we’re a bit overloaded on feature requests and I’m not sure when we will be able to consider something like this.
Well since this doesn’t exist yet as a feature, unfortunately, can someone recommend a way to put something like this in place with Cerberus? I would really prefer to use Cerberus but having it sit in a dmz OR putting it in the domain as domain joined and forwarding ports seems very security risky. And if I might ask how do most folks setup Cerberus? Do you just install it to a domain joined computer and then forward the port from your firewall?
Put it in a dmz and somehow get the files from it to your domain computers with some other product or just have a domain joined computer in your dmz?
Both of these seem to be to much of a security risk for us and i’m just trying to understand how folks are using the product.
Thanks in advance……
So is this still something that isnt going to happen anytime soon or might we see this in release version 8? The gateway is a HUGE HUGE thing for us… I’ve asked what others use and no one has responded so im wondering if folks are just putting cerberus on a domain joined system and sticking it out on the internet?
I know this is an old thread, but has anyone had any success with a proxy in front of cerberus? I’ve been tasked with implementing this type architecture and hoping to be able to find a solution that doesn’t involve replacing cerberus. jordanautomations wrote:
I know this is an old thread, but has anyone had any success with a proxy in front of cerberus? I’ve been tasked with implementing this type architecture and hoping to be able to find a solution that doesn’t involve replacing cerberus.
I’ve configured a Citrix ADC as a reverse proxy for HTTPS and SFTP connections. It works fine except that I don’t currently have a way for the IP Manager to understand the source IP of SFTP connections. HTTPS handles this with a header (X-Forwarded-For).
https://www.cerberusftp.com/phpBB3/viewtopic.php?f=2&p=11519#p11519
- You must be logged in to reply to this topic.