Hello All,
Just started a new company and noticed a security hole in our network. Our FTP server (Windows 2003) is placed in our LAN with 2 ip's (Public and private). The Cisco ASA is doing a Nat static mapping from public to private ip. Internal clients access the FTP thru a SMB shared, which compromises our network if the FTP gets hacked. Ideal solution, is move the FTP to the DMZ, but I don't want internal clients being able to access it thru a SMB shared, but rather the way external clients will access it (Browser / FTP Client. Any suggestions or links? Thank you for your assistance!
Just started a new company and noticed a security hole in our network. Our FTP server (Windows 2003) is placed in our LAN with 2 ip's (Public and private). The Cisco ASA is doing a Nat static mapping from public to private ip. Internal clients access the FTP thru a SMB shared, which compromises our network if the FTP gets hacked. Ideal solution, is move the FTP to the DMZ, but I don't want internal clients being able to access it thru a SMB shared, but rather the way external clients will access it (Browser / FTP Client. Any suggestions or links? Thank you for your assistance!
