INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

Opening a firewall port temporarily.

Opening a firewall port temporarily.

(OP)
Hello,

This is my first post but I've been a long time visitor. I just started a new job last week as a project coordinator and I have an issue on my plate that I need to solve.
I work for a global company that has many different facilities all over the world with with thousands upon thousands of users. The task is to lock down FTP traffic (port 21) for all users and try to add rules and such depending on the software or sites our users use so they can get out to transfer files when needed. What I found though was that this isn't really feasible because our members deal with thousands of other customers which all have different sites and software they use at any given time, and it is dynamically different on any given day.
One thought that I had was to have our users go out to like our intranet site and actually "open up" the port for a given amount of time (say an hour) by sending some active form that would open it up for them with the correct information. After the hour is up it would go back into a closed state. Could this be possible with the right programming/hardware?
Sorry, I do not really know yet what kind of firewalls we use to open/block. I assume it would be Cisco. I just started meeting with the firewall team and I haven't gathered this info quite yet. I am just hoping this works because it would save a lot of headaches.

Thanks

RE: Opening a firewall port temporarily.

I am not sure that I am fully understanding your problem from the description, other than you have a conflicting need of sharing files amongst remote locations and desire for security. For starters, regular (unsecured) FTP is a poor choice in that it transmits everything in plain text, including authentication results. There is secured FTP which is better. Second, with FTP you have the issue of sandboxing anything that is uploaded until it has been verified as being safe.

Based upon your post, I would recommend that you try to redefine the problem. Instead of focusing on a possible solution, e.g. FTP, focus on the specific goals, for example, opening as few ports as possible while allowing users to transfer file. You may find that there is a better method.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close