Your browser does not allow storing cookies. We recommend enabling them.

Tectia

Integrating an Extranet Application with SFTP

SSH Tectia ConnectSecure can be integrated to an existing application through the SFTP API, for example to an application responsible for data warehouse feeds, extranet applications, Windows desktop applications, or third-party file transfer management applications. The counterpart can be SSH Tectia Server or another Secure Shell server.

In this scenario, an end user needs to be able to download files from servers that are located on the Internet. However, direct access from the user workstations to those servers is not possible because of security reasons. Thus, the end users use a web access control application located on the extranet (DMZ). This application manages access rights to individual servers and files.

When the end user has selected the files to download, the web application triggers file transfer through the API. SSH Tectia ConnectSecure then transfers the files to the extranet and the user is provided HTML links to the files.

Integration through SFTP API

Figure 5.3. Integration through SFTP API

With this solution, end users are not accessing external services directly and it is easy to manage the access rights from a centralized web server. External parties do not have to modify their systems but can rely on the trusted Secure Shell standard.


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more