I am in a situation where I must access data via FTP on a regular basis (for argument's sake, updated every 10 minutes). No other protocol is available for this operation. This data needs to be put onto a network share. I do not want to connect directly from an important network share to another server via FTP. The data itself and the username/password are not sensitive from my perspective as they are provided by the server organisation. I am more concerned about Man-in-the-Middle Attacks, Code or File injections and network reconnaissance.
I have two proposed solution. Any feedback or pointing to literature about these solutions would be appreciated as well as a straight answer:
- Local: Have a server partitioned from the network to handle data transfer. Perform checks (automated such as virus scans, manual such as user file inspection or both) before moving it on to the network. Prevent dedicated server from being able to access the network.
- Commerical: Use an MFT Product. Many of these products claim to provide additional security on top of FTP. I am struggling to find 3rd party information/analysis of these products however.
Thanks