Searching for a method to download/upload files to our servers in a secure and cheaper manner (Secure FTP licenses are very expensive, especially when you have many users downloading/uploading files), we have “re-discovered” one of the more useful (and unknown) components of Windows, Background Intelligent Transfer Service (BITS).
BITS transfers files between a client and a server asynchronously in the foreground or background, preserving the responsiveness of other network applications and resuming automatically the file transfers after networks disconnects or computers restarts. It works at IIS level and in fact you need to create a web site on your IIS and enable BITS service on it to get BITS running in your server. When you have done it, you can transfer your files across both protocols HTTP and HTTPS. The transfer speed is very similar to the one achieved by sFTP but without any vendor software (and the corresponding license cost).
The infrastructure design to build a secure environment that enables your users to download/upload files to your servers is very simple, you need to build a “batch” server where BITS will be implemented and enable communication to this server across port 443 from internet (where users download/upload files) and from your internal servers that will work with BITS too. In this case, both users and application servers will act as BITS clients downloading/uploading files to the BITS server (the Batch one).
Port 443 is opened in unidirectional mode but the files are transfered in both directions from Clients to Server and from Server to Clients.
Other option is to open port 445 between Batch server and Application servers (in unidirectional mode), then share a folder in the application server, map this folder on Batch one and convert it in a virtual directory in your BITS web application. In this way, when a user or server upload a file to the url https:\\bits.mycia.com\app1 it is moved automatically to the application server where app1 folder is shared, across port 445.
The next steps are, evidently, how enable BITS in our Batch servers and how download/upload files to them…Coming in this blog :-)
No hay comentarios:
Publicar un comentario