How to Choose & Setup Your SFTP Gateway

How to Choose & Setup Your SFTP Gateway

SFTP gateways can be a crucial element in data protection. If keeping your business data secure while in transit and at rest is what you need, read on.

AWS Builder Community Hub

What is an SFTP gateway? SFTP gateways extend legacy applications to use low-cost cloud storage while managing security and compliance. Additionally, these gateways can support data orchestration between legacy and cloud systems for hybrid on-premise and cloud infrastructure.

What Is an SFTP Gateway?

An SFTP gateway, as the name suggests, serves as a middle ground between SFTP servers and cloud storage that allows seamless integration between the two. With a gateway, users leveraging SFTP can transfer high-speed, high-volume data securely through SFTP in an environment-agnostic manner such that organizations can manage secure communication between multiple cloud or on-premise systems.

A productive way to think about an SFTP gateway is to understand the difference between SFTP servers and cloud servers.

An SFTP server is the central repository or access point for SFTP. Since secure file transfer is modeled off of FTP, one of the oldest forms of file transfer, it uses a client/server structure for storing, transferring, and manipulating files. The FTP client/server model is as follows: for each file transfer, there is a server device that holds files, and there are one or more client devices that connect to the server to download or upload files. That server, then, becomes the central point where users access files. It also serves as the place where many security measures are enforced, including at-rest encryption, firewalls, etc.

Cloud servers, on the other hand, don’t work like SFTP servers. Whereas a secure FTP server gives users file transfer capabilities, cloud environments are more like distributed computing and storage services. Consumer cloud environments will often offer more essential features than a typical server regarding user experience and accessibility. Additionally, enterprise cloud systems support more than just storage; they often also include high-performance file management, computing workloads, and analytics.

Both are valuable, however, and SFTP can play a role in bulk file transfers and migrating from on-prem servers and cloud environments. Therefore, a gateway orchestrates transfers through a variety of contexts, including the following:

  1. From internal legacy systems (including Secure FTP servers) to new internal cloud environments or servers.
  2. From Internal legacy systems to external cloud environments (like AWS S3 or Microsoft Azure blobs), data lakes, or storage.
  3. From external cloud systems to internal cloud or legacy systems.

What’s vital about gateways is that they can efficiently automate and streamline the workflows between these different systems without breaking file structures or applications. Orchestration through gateways is bi-directional, meaning that transfers can move between massive systems seamlessly based on the company’s needs, regardless of whether it is a vanilla Secure FTP server or a specific cloud instance.

Modernizing Enterprise SFTP

How Do SFTP Gateways Work with AWS and Azure?

Secure FTP is a way to transfer and manage files on remote systems. Gateways facilitate seamless transfer between internal and public cloud instances on Amazon AWS and Microsoft Azure.

In either product case, we see the critical concept of an orchestration service:

  1. Amazon AWS has more minor services and products that facilitate secure SFTP transfers between an S3 instance and external connections. Third-party AWS gateways can automatically sync SFTP directories to an S3 bucket and back again, depending on your file transfer needs. With orchestration, however, this kind of transfer can quickly become a freeway of data moving in and out of AWS S3 buckets.
  2. Microsoft Azure also includes orchestration features to support data pipelines between external, internal, and legacy systems. Specifically, with a gateway, you can move data from a “secure-by-default”-configured server that will then sync with Azure blob storage.

One of the limitations of these solutions is that they are third party and configured to work exclusively with SFTP and the cloud server. It would then be up to you to configure the solution to work with your internal orchestration and file transfer operations.

The Kiteworks® Secure MFT Server

SFTP still has a critical place in computing more broadly. It is relatively ubiquitous and straightforward to roll out, and it can support batch processing and transfers for many files and move them quickly and securely through a network.

Accellion offers a robust and complete orchestration engine that can drive data pipelines between legacy and internal on-premise and cloud systems. That means moving data from SFTP servers, Dropbox accounts, OneDrive accounts, Google Drive accounts, or any other ERP or CRM solution through the Kiteworks platform to a different cloud platform. In other words, a flexible SFTP gateway.

Why is this important for your business? If your enterprise operations leverage high-volume data transfers with high-performance applications, you cannot allow those applications to break when you migrate to other systems. Furthermore, managing hybrid environments and platforms can become a challenge if there isn’t a backbone to support their interoperability.

An SFTP gateway like the Kiteworks Secure MFT Server manages workflows and multi-threaded file transfers on a foundation of SFTP. It doesn’t matter if you start with a Box and transfer to an external SharePoint site for business operations before transferring that data again to an S3 instance for long-term storage. With gateways, you can facilitate these kinds of transfers all day.

Furthermore, you can use all the features and tools of the Kiteworks platform to control workflows through your gateways better. These tools include the following:

  1. Compliant Systems: Our SFTP server is compliant, or can support compliance, with major regulations like HIPAA, FedRAMP, PCI, FIPS 140-2, GDPR, etc. SFTP security and compliance here mean AES-256 encryption for data at rest, TLS 1.2 encryption for data in transit, content firewalls for centralized security and logging, and hardened appliances.
  2. Dedicated Cloud Storage: The Kiteworks platform provides clients with dedicated server space, which means you don’t share cloud space with other clients. We do this to give everyone that extra level of security and peace of mind.
  3. Streamlined Implementation and Use: Once we configure and implement your server, you can use it immediately with simplified automation tools, code-free forms, visual editing, and more.
  4. Data Access and Visibility: With our CISO Dashboards, you can get a comprehensive view of your data: where it is, who has accessed it, and how it is being used. These analytics are critical for governance, compliance, and optimization and can help you support more effective automation.
  5. Audit Logging: Our solutions come with built-in SIEM capabilities and blockchain technology to support fine-grained auditing controls and immutable audit chains.

To learn more about the importance of SFTP for enterprise data management, read our eBook on Modernizing Enterprise SFTP. Make sure you sign up for our newsletter to stay on top of Accellion products, events, and news.

Modernizing Enterprise SFTP

*** This is a Security Bloggers Network syndicated blog from Cyber Security on Security Boulevard – Kiteworks authored by Vince Lau. Read the original post at: