SFTP Poller Solutions

The SFTP Poller from Layer3 Systems Limited can be sized to match any budget, from low cost occasional use to High Availabilty Cluster solutions that provide Enterprise level fault tolerant non stop support for many thousands of file transfers per day. Typical customers use our technology to move a range of files, from small sub megabyte spread sheets to sub terabyte HD Video, often within mission critical environments.

Network Integration
- Internal

There are two basic ways to implement the SFTP Poller in a network. The simplest is to integrate it as part of your internal network behind the firewall. (See also DMZ integration)

In this example the SFTP Poller sits inside the user network. It can then “reach” out to access remote sites. The SFTP Poller initiates and controls all transfers, either pushing files out or pulling files in, external systems cannot access the SFTP Poller.

This is the same as how a normal user accesses the Internet and is therefore just as secure - no service is exposed to the outside world and therefore no unauthorised access can take place.

The SFTP Poller enhances security in a number of ways, centralising operation, removing logins and passwords from users, providing a central single point of management and a secure audit trail. It can also enhance security as its possible to lock down access to the SFTP Poller to specific devices inside the network, reducing the opportunity for unwanted activity.

This can be inflexible though. If there are multiple co-operating sites and none have a DMZ then there would be no way for any site to safely access any other. This can be resolved by having a centralised Internet based SFTP server acting as a hub.

This design maintains your security by locating the system behind the firewall. You could implement an SFTP Server on the SFTP Poller, however you would need to open your firewall to allow inbound access. This is not recommended as it brings external, potentially hostile traffic, into your internal network.


Network Integration

There are two basic ways to implement the SFTP Poller in a network. A more powerful and flexible technique is to locate the SFTP Poller within a separate network (DMZ) specifically setup for controlling external access.

In this example the SFTP Poller sits in the DMZ. The Poller can push files onto or or pull files from remote servers in the usual way. The poller may also access a standard SFTP service on a file server inside the internal network to pick up and drop off files. Alternatively network shares can be arranged so that the SFTP Poller is accessible internally.

Users on the internal network simply access the local server to drop off or pick up files. This gives a high degree of flexibility with a reasonable amount of security. The firewall ensures that the SFTP Poller in the DMZ can only access the SFTP service on the internal server.

This model gives the added benefit that the SFTP Poller can also act as an SFTP server. This makes it possible for other SFTP Pollers on remote sites (or any other external SFTP client) to access files available from this site. The SFTP Poller provides the service of moving files between the internal network server and the public facing DMZ based SFTP Poller/SFTP Server. Further security can be implemented in the firewall to ensure that only specific external devices can access the SFTP Poller thus protecting the system from unwanted access.  This maintains good security whilst enhancing flexibility and cooperative working with other companies.


A   43 Pendle Road,
Streatham, London
SW16 6RT 

Layer 3

Layer3 Systems © 2020