
Goal

To transfer files from one network to another where file transfer to and from each network is exclusively allowed via a demilitarized zone (DMZ).

Preconditions

  1. A JADE client on each network is required. Alternatively, a JobScheduler with YADE JITL Jobs could be used.
    • To send files over the Internet via a DMZ using a jump server, the JADE client must be installed on the DMZ/jump server before the file transfer is started.
  2. JADE Configuration file 
    • Configuration file with JADE profiles for each JADE client.
  3. Firewall configuration
    • Firewalls on both DMZs have to allow direct file transfer between the DMZs.

File transfer

Starting the file transfer

The file transfer can be started by using

  1. the JADE Client CLI jade4dmz command
  2. the JADE JITL job Jade4DMZ_Copy_To_Internet

The JADE client is started with the jade4dmz command:

 jade4dmz.cmd|sh <configuration file name> <profile name>

Sending files via the Internet from one network with a DMZ to another network with a DMZ

The file transfer processes in the sending network are controlled and checked by a JADE client in that network (referred to below as JADE-1 and Network-1). These processes are shown in the diagram below.

  • File transfer between the DMZs is carried out from the sending DMZ, i.e. it is a "push" operation.
  • "Pull" transfer is not desired as it would involve folders in the sending DMZ being polled from the receiving network.

 

(1) Copy files to source DMZ

After checking and creating the respective temporary folders, the files to be transferred are copied by the controlling JADE-1 client in Network-1 from the source system to the temporary folder in DMZ-1.

(2), (3) Start JADE clients in DMZs via SSH

The controlling JADE-1 and JADE-2 clients start the JADE clients in their respective DMZs using SSH.

(4) Transfer files to target DMZ

The JADE client in DMZ-1 carries out the file transfer from DMZ-1 via the internet to DMZ-2.

(5) Delete files from source DMZ

After successful file transfer from DMZ-1 to DMZ-2, the JADE-1 client uses SFTP, FTP or FTPS to delete the transferred files from DMZ-1.

(6) Delete files on source system

If required, the files on Network-1 will be deleted by the JADE-1 client.

Receiving files via the Internet in a network with a DMZ

The file transfer processes in the receiving network are controlled and checked by a JADE client in that network (referred to below as JADE-2 and Network-2). These processes are shown in the diagram below.

After the files have been transferred to the temporary folder in DMZ-2, the following steps take place:

(1) Copy files to target network

The controlling JADE client in the target network (JADE-2) copies the files from DMZ-2 to the local file system. This can be done using SFTP, FTP or FTPS.

(2) Delete files on local file system

The JADE-2 client deletes the copied files from DMZ-2.
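
The sending and receiving steps above imply that every connection is opened from an internal network into its own DMZ, or pushed from DMZ-1 to DMZ-2. The following added example (not part of JADE or of the original page) audits a firewall rule list against that model; the zone names, the `Rule` format and the sample rules are assumptions made for illustration.

```python
from typing import NamedTuple

class Rule(NamedTuple):
    src: str      # zone that initiates the connection (assumed zone names)
    dst: str      # zone that accepts it
    service: str  # e.g. "ssh", "sftp", "ftps", "ftp"

# Connection directions derived from the steps on this page:
# sessions are opened from the inside outwards, or pushed DMZ-1 -> DMZ-2.
ALLOWED_FLOWS = {
    ("network-1", "dmz-1"): "JADE-1 copies files, starts the DMZ client via SSH, deletes files",
    ("dmz-1", "dmz-2"): "push transfer over the Internet",
    ("network-2", "dmz-2"): "JADE-2 starts the DMZ client via SSH, copies and deletes files",
}

def audit(rules):
    """Return (rule, reason) for every rule that breaks the push-only model."""
    findings = []
    for rule in rules:
        flow = (rule.src, rule.dst)
        if flow in ALLOWED_FLOWS:
            continue
        if flow == ("dmz-2", "dmz-1"):
            reason = "pull: receiving side opens a connection into the sending DMZ"
        elif rule.dst.startswith("network-"):
            reason = "inbound connection into an internal network"
        else:
            reason = "flow not needed by the transfer steps"
        findings.append((rule, reason))
    return findings

def missing_flows(rules):
    """Return required flows that no rule permits (the transfer would fail)."""
    present = {(r.src, r.dst) for r in rules}
    return sorted(set(ALLOWED_FLOWS) - present)

# Constructed sample rule set, not taken from a real firewall.
SAMPLE_RULES = [
    Rule("network-1", "dmz-1", "sftp"),
    Rule("network-1", "dmz-1", "ssh"),
    Rule("dmz-1", "dmz-2", "sftp"),
    Rule("dmz-2", "dmz-1", "sftp"),     # pull direction
    Rule("dmz-2", "network-2", "ssh"),  # DMZ host reaching inwards
]

if __name__ == "__main__":
    for rule, reason in audit(SAMPLE_RULES):
        print(f"VIOLATION {rule.src} -> {rule.dst} ({rule.service}): {reason}")
    for src, dst in missing_flows(SAMPLE_RULES):
        print(f"MISSING   {src} -> {dst}")
```
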
