I have a problem to create the following policy for ftp access. Not the ftp access via http, but the passive ftp access via ftp client.
My current policy can only allow or prohibit the access from individual IP addresses to all FTP Servers.
I want to create a policy for ftp access only by certain users on certain servers. For all other users the ftp access should be forbidden.
you may look at rfc959 (FTP Protocol description). Native FTP does not support inline authentication, it is always done between the FTP Server and the endpoint (from my point of information).
You can use FTP authentication with MWG, this is also possible using the command line FTP from windows. The user has to connect to the FTP Server in another way. Here is an example:
ftp> open proxy.mycompany.com 1234
Connected to proxy.mycompany.com
220 FTP proxy ready
User (proxy.mycompany.com: (none)): User667@www.destinationftpserver.info
331-FTP Server ready.
331 Password required for User667.
Hope this helps,
Ok, thanks for your advice i understand the behaver. But I search for a way to restrict the ftp access to dedicated servers. Any idea?
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center
2821 Mission College Blvd.
Santa Clara, CA 95054 USA
Consumer Support | Enterprise Support | McAfee.com
Legal | Privacy | Copyright © 2019 McAfee, LLC