Packet inspection? Weird. You can, with FTPS, open up the control channel so the Firewall can monitor the control connection (port 21), which lets it dynamically assign ports that the server/client negotiate for the data connection (aka port 20). SFTP (SSH) is entirely encrypted and cannot have its activity monitored.
Scott On Mon, Jan 4, 2010 at 1:01 PM, Hal Merritt <[email protected]> wrote: > Trying to do some due diligence in planning some data transfers and getting > really confused. > > Many seem to be saying that all FTP traffic has to be encrypted to meet PCI > standards. And yet I cannot find any such statement in the PCI standards. > But I did find a requirement for firewall packet inspection which, I am > told, is impossible if the traffic is encrypted. Did I read that right? > > > NOTICE: This electronic mail message and any files transmitted with it are > intended > exclusively for the individual or entity to which it is addressed. The > message, > together with any attachment, may contain confidential and/or privileged > information. > Any unauthorized review, use, printing, saving, copying, disclosure or > distribution > is strictly prohibited. If you have received this message in error, please > immediately advise the sender by reply email and delete all copies. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: GET IBM-MAIN INFO > Search the archives at http://bama.ua.edu/archives/ibm-main.html > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
