October 31, 2011
To help explain the important role a reverse proxy gateway plays in an effective DMZ network security strategy, Linoma Software [now HelpSystems] has released its newest whitepaper DMZ Gateways: Secret Weapons for Data Security.
Both to minimize risk of data breach and to meet industry and state compliance regulations, companies continue to search for cost-effective and time-efficient ways to ensure secure file transfers between their organizations and their trading partners, vendors and customers. They’re also investigating managed file transfer options that can automate file transfers while providing thorough audit trails and robust administration.
A common approach companies use for secure file transfer is to deploy an SFTP or SFTP server in the "public" area of the company’s network called the DMZ (demilitarized zone) where authorized users can drop off or retrieve files. Those files, as well as user credentials and passwords, will often remain in the DMZ until an internal program or user copies them into the private network for processing.
Industry regulators and compliance auditors are becoming increasingly alarmed at this practice of staging files in the DMZ, however, because whether or not those files are encrypted, they remain susceptible to theft by savvy hackers.
Even when the company decides to move those file servers into the private network, exchanging files with partners may unintentionally be allowing unwanted access through open inbound ports.
Chief Architect Bob Luebbe, who authored the report, says this is where the gateway becomes an invaluable tool.
"A DMZ gateway allows you to move file servers and other public services out of the DMZ and into the private network," Luebbe said. "The gateway is a software solution installed on a server within the DMZ. Because it acts as a reverse proxy and a forward proxy to handle all of the secure file transfer activity, a company can keep its data safe in the private network without opening inbound ports."
Adding a gateway in front of a secure FTP server is a simple process, requiring no changes from trading partners.
"With a DMZ gateway, your company is that much closer to keeping the auditors and regulators happy," Luebbe said. "It is very complimentary to an overall effective managed file transfer solution."
GoAnywhere Gateway can be installed on most operating systems including Windows®, Linux®, UNIX®, AIX® and Solaris®. Pricing starts at $2,995. Click here to download a free trial.