With the FTP Gateway service implemented on the Barracuda NextGen Firewall F-Series, users can access an FTP server through a secure gateway. Additionally, due to policies and extensive logging capabilities, your network is protected against threats emerging from incoming and outgoing FTP traffic, such as exposure of sensible data or data being directed to the wrong recipient or destination.
Implementing the FTP Gateway service on the Barracuda NextGen Firewall F-Series
The FTP Gateway service provides a range of useful features and lets the administrator define user-specific profiles with permissions and restrictions for FTP access. You can configure profiles for users, IP addresses, and groups with local and external authentication schemes and assign them permissions and restrictions according to company requirements.
The FTP-virus scanning option provides network protection allowing interaction with a virus scanning engine.
FTP gateway configuration
On the FTP-GW Settings page in the FTP Gateway service configuration, you can configure the network settings for the FTP Gateway service and specify data transfer policies and logging. For instructions on how to set up the FTP Gateway service on the F-Series, see: How to Configure the FTP Gateway. On this page, you can also activate the virus scanning option for files that are sent and received via FTP file transfer. You can use a local virus scanner if configured on the F-Series Firewall, such as Avira or ClamAV (requires a Malware Protection license, see Virus Scanner), or you can use a remote virus scanner.
User and network authentication
You can configure authentication settings for users and networks that should be allowed or denied FTP access. The F-Series FTP Gateway service supports local user authentication and external authentication schemes, such as MS Active Directory, LDAP, Radius, RSA SecurID, TacPlus, or MSNT. You can also configure welcome messages to be displayed to users when they are connected to the FTP gateway. For more information, see: How to Configure Authentication and Access Rights.
Restrictions and permissions
The FTP Gateway service lets you configure user-specific profiles containing restrictions and permissions (e.g.: access, performing actions such as altering, deleting and downloading files, time restrictions, etc.). If a connection matches a user-specific profile, it is subject to the settings of the profile. If a connection does not match any user-specific profile, it is handled with default restrictions and permissions that are also configurable in a separate section. For more information, see: How to Configure Authentication and Access Rights.