What is the File Transfer Protocol (FTP)?

The File Transfer Protocol (FTP) is a network protocol designed to efficiently transfer files from one computer to another. Files may be uploaded to or downloaded from the FTP server.

Read the Frost & Sullivan Report Request a Demo

What is the File Transfer Protocol (FTP)?

How Does File Transfer Protocol (FTP) Work?

FTP is unusual in that it opens two different TCP connections between the client and the server. One connection is responsible for transmitting control information between the client and server, while the other is used for the actual file transfer.

In most cases, an FTP connection begins with the client authenticating to the server. Once the client has authenticated, they have access to a command line interface that allows them to send various commands to the server. For example, GET can be used to download a file, while SEND is used for uploads. The client can also change directories and perform other actions on the server.

All of these commands are sent over the FTP command connection. Any data that is transferred between the client and the server — such as files that are uploaded or downloaded — moves over the data connection.

What is FTP Useful For?

FTP is designed to provide an efficient means for large-scale data transfer. While other protocols — such as email — will work for smaller files, FTP can provide efficient, high-performance data transfer for multi-gigabyte files. This efficient file transfer is useful for various purposes. For example, companies may use FTP as part of their core backup processes or to move large files between servers to and from their cloud-based infrastructure.

Security Challenges of FTP

Like many of the foundational protocols of the Internet, FTP was not originally designed to be secure. In fact, FTP sends usernames and passwords over the network in plaintext and does not encrypt data in transit.

This poses significant security risks to an organization making use of FTP. An attacker that is able to eavesdrop on FTP traffic can collect usernames and passwords that could allow them to access the FTP server and potentially other accounts. Additionally, the attacker may be able to steal sensitive data being transferred via FTP or modify the information in transit.

To address these security risks, the original FTP protocol has been updated or replaced with more secure variants. For example, FTPS wraps an FTP connection in SSL/TLS, which provides authentication, encryption, and integrity protections. Alternatively, SFTP is an equivalent protocol that uses the Secure Shell (SSH) protocol to safely transfer files over the Internet.

Types of File Transfer Protocol

FTP is a very useful protocol, enabling large volumes of data to be efficiently moved over the network. As a result, it has received updates and enhancements over the years to address its significant security issues. Some of the various types of FTP that exist include:

Anonymous FTP: Anonymous FTP does not require the user to authenticate to the FTP server to upload or download data and doesn’t use encryption. While this is sometimes used to provide access to publicly-available data, it has significant security risks if used for more sensitive information.
Password-Protected FTP: Password-protected FTP works similarly to anonymous FTP and also uses ports 20 and 21. It lacks encryption but does require users to authenticate to the FTP server.
FTP Secure (FTPS): FTPS adds encryption and authentication to the FTP protocol by wrapping connections with SSL/TLS. It defaults to using port 990 for its data connection.
FTP over Explicit SSL/TLS (FTPES): An FTPES begins as a normal FTP connection on port 21. However, it is then upgraded to an SSL/TLS encrypted connection.
Secure FTP (SFTP): SFTP is a distinct protocol from FTP but performs the same purpose. It runs on top of SSH and provides encrypted, authenticated file transfer just like the other secure FTP variants.

FTP Security with Check Point Solutions

Unmanaged and insecure FTP connections can pose a significant risk to an organization’s account and data security. These connections can leak user credentials and sensitive data to an attacker.

FTP — secure or otherwise — also poses threats to data loss prevention (DLP). As a bulk file transfer protocol, FTP is ideally suited to exfiltrating large volumes of sensitive data from the corporate network.

Check Point’s next-generation firewalls (NGFWs) have integrated FTP security functionality. One feature is stateful inspection, which allows FTP data connections only after observing an associated FTP control connection. Check Point NGFWs also include integrated data security controls and DLP for FTP and other protocols. Learn more about what to look for in an NGFW in this buyer’s guide.

FTP can be an invaluable protocol for an organization if it is used correctly and securely. Check Point NGFWs can help an organization manage FTP security risks and protect against attempted data exfiltration via FTP. To learn more about Check Point’s NGFWs and their benefits to your organization, sign up for a free demo today.

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK