Your browser does not allow storing cookies. We recommend enabling them.

Tectia

Recieving and Virus-checking Incoming Files

In this example, we create a secure gateway which processes incoming files in the de-militarized zone (DMZ) of a regional office, before allowing them into the corporate network.

In the DMZ, we have Tectia Server receiving data files from partners and external users. Users upload files to the SSH server over the Internet. In the DMZ we have also Tectia MFT Events managing first the antivirus checking of the files, and transfer of clean files to a company-internal server. Data transfer events can be chained, so that the first event triggers another, for example a new file transfer.

Chained events for DMZ connections

Figure 4.11. Chained events for DMZ connections

In Event A: Tectia MFT Events polls the dropin folder on the SSH server for new files. When it detects new files it:

  1. Pulls the files from the SSH server to an incoming folder in the regional datacenter.

  2. Runs anti-virus check on the received files.

  3. Depending on the result:

    • If the file is clean, moves it to another folder.

    • If the file is contaminated, renames the file and sends an email notification to the administrator.

The configuration of the first event can be like this:

Antivirus on received files

Figure 4.12. Antivirus on received files

Event B: Once the virus check has been completed, a new event is triggered to transfer the clean files to an internal host to folder SafeFiles. The second event can also remove any contaminated files (renamed by the previous event), and send notifications to different administrators on success and on failure results.

The configuration of the second event can be like this:

Transfering clean files to internal server

Figure 4.13. Transfering clean files to internal server


 

 
What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.



    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH



    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now