Recieving and Virus-checking Incoming Files

In this example, we create a secure gateway which processes incoming files in the de-militarized zone (DMZ) of a regional office, before allowing them into the corporate network.

In the DMZ, we have Tectia Server receiving data files from partners and external users. Users upload files to the SSH server over the Internet. In the DMZ we have also Tectia MFT Events managing first the antivirus checking of the files, and transfer of clean files to a company-internal server. Data transfer events can be chained, so that the first event triggers another, for example a new file transfer.

Chained events for DMZ connections

Figure 4.11. Chained events for DMZ connections

In Event A: Tectia MFT Events polls the dropin folder on the SSH server for new files. When it detects new files it:

  1. Pulls the files from the SSH server to an incoming folder in the regional datacenter.

  2. Runs anti-virus check on the received files.

  3. Depending on the result:

    • If the file is clean, moves it to another folder.

    • If the file is contaminated, renames the file and sends an email notification to the administrator.

The configuration of the first event can be like this:

Antivirus on received files

Figure 4.12. Antivirus on received files

Event B: Once the virus check has been completed, a new event is triggered to transfer the clean files to an internal host to folder SafeFiles. The second event can also remove any contaminated files (renamed by the previous event), and send notifications to different administrators on success and on failure results.

The configuration of the second event can be like this:

Transfering clean files to internal server

Figure 4.13. Transfering clean files to internal server