Secure file transfer: VPN vs SFTP

1

We have a client who needs to transfer small, secure data files between customer sites and a central server. They wanted us to develop an application for them that would make use of a VPN to send the files, but after looking into it it seems that SFTP might be the easiest way to accomplish this. I found a lot of information on both, but in this situation is there any reason to go with a VPN over SFTP? (Extra security, faster etc.). It seems to me that it would be an awful lot of unneccessary trouble to set up a VPN in this case.

Thanks

mjacqu6

Posted 2014-03-12T16:31:03.573

Reputation: 11

From the sounds of it you already have your mind made up to go with SFTP. It is a secure method of transferring data and will serve you well. It terms of speed it depends on the files you are transferring and the VPN you would set up/buy/create. – Matthew Williams – 2014-03-12T16:36:26.463

I think SFTP or rsync is a good way to do this. Another ready to use tool is btsync, but it depends on what you need. – SPRBRN – 2014-03-12T16:38:07.440

I don't necessarily have my mind made up. From what I've read, SFTP seems easier/cheaper to implement in this case. I was just wondering if there would be any reason that we should use VPN for this or if both would essentially provide the same security. – mjacqu6 – 2014-03-12T16:43:42.387

@mjacqu6 | The ease of implementation and security level would, to a great extent, depend how skilled you are. SFTP is, in my opinion, the easiest to implement and the security is based on personal opinion and what you are prepared to implement. Bare in mind implementing VPN isn't the end. You would need to implement a transfer method like NFS. You should probably test out both and come back to use with any specific problems. – Matthew Williams – 2014-03-12T16:50:25.987

Answers

1

If you use a VPN then you can use any file transfer method you like, for example NFS mount or Windows share so long as unencrypted tranferring is allowed in the LAN segments. If designed well you should have no problem with sftp.

n4th4nr1ch

Posted 2014-03-12T16:31:03.573

Reputation: 111

0

Your tittle is a bit misleading :) because ftp/sftp are file transfer protocols, while vpn isn't, they're not the same thing, so we can really compare theam.

Why does your client want to use a vpn? is it only for security reasons?

If I understand correctly, your question can be presented like this:

Client sites ------> VPN---ftp----> Central server

Vs.

Client sites---sftp--->Central server

or prehaps do you mean

I would saying doing a lot of file transfers via a vpn will just be an extra layer that slows down the transfer. Additionally, you will have to pay for the traffic of that vpn.

Also, If the vpn you use is not reliable enough, you might also end up with a lot of downtime for that vpn, thus suspending the entire process even though both endpoints are up and running.

If the VPN endpoint is the same machine as the FTP server, then FTP over VPN is as secure as SFTP. In any other circumstance, SFTP would be likely more secure.

You can still do sftp over vpn if you wish, but it's useless. Also, do not forget that A VPN only provides encryption between your computer(client sites)) and the VPN endpoint so part of the connection will un-encrypted, attackers can intercept the connection, so using sftp since the beginning is better.

user206904

Posted 2014-03-12T16:31:03.573

Reputation: 1

Asked: 2014-03-12T16:31:03.573

Viewed: 3 547 times

Active: 2019-11-13T22:06:31.407