Goal
To transfer files from one network to another where file transfer to and from each network is only allowed via a demilitarised zone (DMZ).
Preconditions
- A JADE client on each network. Alternatively, a JobScheduler with JITL Jobs could be used for this.
- JADE client on the DMZs: To send files over the Internet via a DMZ using a jump server, it is necessary to install the JADE client on the DMZ/jump server before starting the file transfer. More information about the installation and a download containing all the files needed can be found here: JADE client.
- Configuration file with JADE profiles
- Firewall configuration: Firewalls on both DMZs must allow direct file transfer between the DMZs.
File transfer
Starting the file transfer
The file transfer can be started by using
- the local jade4dmz client
- the job Jade4DMZ_Copy_To_Internet
The jade4dmz client is to be started with:
jade4dmz.cmd|sh <configuration file name> <section name>
Sending files via the Internet from one network with a DMZ to another network with a DMZ
The file transfer processes in the sending network are controlled and checked by a JADE client in the network (JADE1).
These processes are shown in the diagram below.
File transfer between the DMZs is carried out from the sending DMZ - i.e. it is a "push" process.
"Pull" transfer is not desirable as it would involve folders in the sending DMZ being polled from the receiving network.
(1) Copy data to source DMZ
After checking and creating the respective temp folders, the files to be transferred are copied by the controlling JADE client in Network 1 (JADE1) from the network file system to the temp folder in DMZ1. This is done using SFTP, FTP or FTPS.
(2), (3) Start JADE clients in DMZs via SSH
The controlling JADE clients (JADE1 and JADE2) start the JADE clients in their respective DMZs using SSH.
(4) Transfer data to target DMZ
The JADE client in DMZ1 carries out the file transfer from DMZ1 via the Internet to DMZ2. This can be done using SFTP, FTP, WebDav, etc.
(5) Delete data from source DMZ
After successful file transfer from DMZ1 to DMZ2, the JADE1 client uses SFTP, FTP or FTPS to delete the transferred files from DMZ1.
(6) Delete data on local
If required, the files on network 1 will be deleted from the local file system by the JADE1 client.
Receiving files via the Internet in a network with a DMZ
The file transfer processes in the receiving network are also controlled and checked by a JADE client in the network (JADE2).
These processes are shown in the diagram below.
After data has been copied to the target DMZ:
The following steps take place after files have been transferred to the temp folder in DMZ2:
(1) Copy data to target network
The controlling JADE client in the target network (JADE2) copies the files from DMZ2 to the local file system. This can be done using SFTP, FTP or FTPS.
(2) Delete data on local
The JADE2 client deletes the copied files from DMZ2.
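The connection directions described in the sending and receiving steps above can be written down as a small audit of permitted firewall flows. This is an added example, not part of JADE or of the original page; the zone labels (NET1, DMZ1, DMZ2, NET2), the Flow record and the DMZ-to-DMZ protocol set are assumptions made for the illustration.

```python
from typing import NamedTuple

class Flow(NamedTuple):
    src: str    # zone that opens the connection
    dst: str    # zone that accepts it
    proto: str

# Hops named on this page. Zone labels are assumed names; the page ends the
# DMZ-to-DMZ protocol list with "etc.", so that set is an assumption to adjust.
CONTROL = {"sftp", "ftp", "ftps", "ssh"}   # copy/delete plus SSH client start
ALLOWED = {
    ("NET1", "DMZ1"): CONTROL,
    ("DMZ1", "DMZ2"): {"sftp", "ftp", "webdav"},
    ("NET2", "DMZ2"): CONTROL,
}

def classify(flow):
    """Return None if the flow fits the push model, else a reason string."""
    permitted = ALLOWED.get((flow.src, flow.dst))
    if permitted is not None:
        return None if flow.proto in permitted else "protocol not used on this hop"
    if flow.dst == "DMZ1" and flow.src in ("DMZ2", "NET2"):
        return "pull: receiving side polls the sending DMZ"
    if flow.src.startswith("DMZ") and flow.dst.startswith("NET"):
        return "DMZ opens a connection into an internal network"
    return "path bypasses the DMZ chain"

def audit(flows):
    """Return (findings, missing_hops) for a list of permitted flows."""
    findings = [(f, r) for f in flows if (r := classify(f)) is not None]
    ok = {(f.src, f.dst) for f in flows if classify(f) is None}
    return findings, sorted(set(ALLOWED) - ok)

# Constructed sample rule set, not taken from a real firewall.
SAMPLE = [
    Flow("NET1", "DMZ1", "sftp"),
    Flow("NET1", "DMZ1", "ssh"),
    Flow("DMZ1", "DMZ2", "sftp"),
    Flow("DMZ2", "DMZ1", "sftp"),
    Flow("DMZ2", "NET2", "ssh"),
    Flow("NET1", "NET2", "ftp"),
    Flow("NET2", "DMZ2", "telnet"),
]

if __name__ == "__main__":
    findings, missing = audit(SAMPLE)
    for flow, reason in findings:
        print(f"REJECT {flow.src}->{flow.dst}/{flow.proto}: {reason}")
    print("MISSING hops:", missing)
```

A hop reported as missing means the rule set would block a step the procedure depends on, such as JADE2 reaching DMZ2.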
See also:
- How to send/receive files using DMZ as a jump server
- How to poll a server in the DMZ and execute a job chain for each file found
- JADE / SOSFTP FAQ#Operation