Functionality of Secure Shell (continued)

Secure File Transfer
Secure File Transfer Protocol (SFTP) is a subsystem of the Secure Shell protocol. In essence, it is a separate protocol layered over the Secure Shell protocol to handle file transfers. SFTP has several advantages over the non-secure FTP. First, SFTP encrypts both the username/password and the data being transferred. Second, it uses the same port as the Secure Shell server, eliminating the need to open another port on the firewall or router. Using SFTP also avoids the network address translation (NAT) issues that can often be a problem with regular FTP. An ideal use of SFTP is to fortify a server or servers outside the firewall or router accessible by remote users and/or partners (sometimes referred to as a secure extranet or DMZ).

Using SFTP to create a secure extranet for sharing files and documents with customers and partners balances the need for access with security requirements.Typical uses of a secure extranet include uploading of reports and other files, making an archive of data files accessible for download and providing a secure mechanism for remote administration file oriented tasks. Extranets with business partners have proven to be much more effective for companies than more traditional methods of communication like phone or fax. In fact, SFTP can automate many of these transactions so they take place without human intervention.

DMZ allows secure SFTP access to information assets by partners and internal users

A secure extranet is one of the safest ways to make specific data available to customers, partners and remote employees without exposing other critical company information to the public network. Using SFTP on your secure extranet machines effectively restricts access to authorized users and encrypts usernames, passwords and files sent to or from them.