SFTP vs. FTPS : Which One To Use?


SFTP Overview

SFTP (SSH File Transfer Protocol) is an extension of the SSH protocol that permits the transfer of files over a network.

FTPS Overview

FTPS is a protocol that uses a Secure Sockets Layer (SSL) certificate to provide security. A protected FTP connection is authenticated with the following elements: SSL certificate, user ID, and password. When an FTPS connection is created, the FTP client software checks the destination FTP server's certificate to verify that it can be trusted.

Difference between SFTP and FTPS

SFTP vs. FTPS : Which One To Use?

Each user has unique requirements when selecting the most appropriate transfer protocol. However, FTPS is recommended if a server must be accessible from portable devices, such as PDAs and smartphones, or from operating systems that have no SFTP/SSH clients but do provide FTP support. Conversely, SFTP is the way to go if you are seeking to develop a custom security solution.

On the client side, the requirements are already determined by the server(s) to which the client intends to connect. SFTP is the favored choice when connecting to internet servers because UNIX and Linux servers support it by default.

On the other hand, you are free to choose either FTPS or SFTP for private host-to-host transfers. However, to use FTPS you would have to hunt for free FTPS client and server software or buy a license for commercial usage.

Windows Server Fail-over Clustering / SQL Cluster Firewall Access Rules


Windows Server Clustering
Protocol  Port         Description
TCP/UDP   53           User & Computer Authentication [DNS]
TCP/UDP   88           User & Computer Authentication [Kerberos]
UDP       123          Windows Time [NTP]
TCP       135          Cluster DCOM Traffic [RPC, EPM]
UDP       137          User & Computer Authentication [NetLogon, NetBIOS]
UDP       138          DFS, Group Policy [DFSN, NetLogon, NetBIOS Datagram Service]
TCP       139          DFS, Group Policy [DFSN, NetLogon, NetBIOS Datagram Service]
UDP       161          SNMP
TCP/UDP   162          SNMP Traps
TCP/UDP   389          User & Computer Authentication [LDAP]
TCP/UDP   445          User & Computer Authentication [SMB, SMB2, CIFS]
TCP/UDP   464          User & Computer Authentication [Kerberos Change/Set Password]
TCP       636          User & Computer Authentication [LDAP SSL]
TCP       3268         Microsoft Global Catalog
TCP       3269         Microsoft Global Catalog [SSL]
TCP/UDP   3343         Cluster Network Communication
TCP       5985         WinRM 2.0 [Remote PowerShell]
TCP       5986         WinRM 2.0 HTTPS [Remote PowerShell SECURE]
TCP/UDP   49152-65535  Dynamic TCP/UDP [CAN BE CHANGED]

SQL Server
Protocol  Port         Description
TCP       1433         SQL Server/Availability Group Listener [CAN BE CHANGED]
UDP       1434         SQL Server Browser
UDP       2382         SQL Server Analysis Services Browser
TCP       2383         SQL Server Analysis Services Listener
TCP       5022         SQL Server DBM/AG Endpoint [CAN BE CHANGED]
UDP       49152-65535  Dynamic TCP/UDP [CAN BE CHANGED]

Active Directory Traffic
Source IP Range: Server's IP Range
Destination IP Range: Active Directory Servers
TCP Ports 53,88,389,464,636,3268,3269
UDP Ports 53,88,389,464

Windows Server Fail-over Clustering Traffic
TCP Ports 135,139,445,1433,2383,3343,5022,5985,5986
UDP Ports 137,138,445,1434,2382,3343,49152-65535

Windows Time Traffic
TCP Ports N/A
UDP Ports 123

Client SQL Server Access Traffic
TCP Ports 1433,2383 (If default port used)
UDP Ports 1434,2382
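
The four rule groups above, expressed as Windows Defender Firewall rules on a single cluster node. This is an added example, not part of the original page or of Microsoft's guide. The addresses are RFC 5737 placeholders, and the rule directions, the "WSFC-SQL" names and the use of the domain controllers as the time source are assumptions.

```powershell
# Added example: host-firewall rules for one cluster node, built from the
# port groups listed on this page. All addresses are placeholders.
$DomainControllers = '192.0.2.10', '192.0.2.11'   # placeholder: Active Directory servers
$ClusterNodes      = '198.51.100.0/28'            # placeholder: cluster node subnet
$SqlClients        = '203.0.113.0/24'             # placeholder: SQL client subnet

# One entry per rule group; the port lists are copied from the page.
# Outbound rules only take effect where the profile's default outbound
# action has been set to Block (the Windows default is Allow).
$RuleGroups = @(
    @{ Name = 'AD'; Direction = 'Outbound'; Remote = $DomainControllers
       TCP  = '53', '88', '389', '464', '636', '3268', '3269'
       UDP  = '53', '88', '389', '464' }
    @{ Name = 'Cluster'; Direction = 'Inbound'; Remote = $ClusterNodes
       TCP  = '135', '139', '445', '1433', '2383', '3343', '5022', '5985', '5986'
       UDP  = '137', '138', '445', '1434', '2382', '3343', '49152-65535' }
    @{ Name = 'Time'; Direction = 'Outbound'; Remote = $DomainControllers  # assumed time source
       TCP  = @()
       UDP  = '123' }
    @{ Name = 'SQLClient'; Direction = 'Inbound'; Remote = $SqlClients
       TCP  = '1433', '2383'        # default ports; adjust if they were changed
       UDP  = '1434', '2382' }
)

foreach ($group in $RuleGroups) {
    foreach ($proto in 'TCP', 'UDP') {
        $ports = @($group[$proto])
        if ($ports.Count -eq 0) { continue }      # Windows Time has no TCP ports

        $params = @{
            DisplayName   = "WSFC-SQL $($group.Name) $proto"
            Group         = 'WSFC-SQL (example)'
            Direction     = $group.Direction
            Action        = 'Allow'
            Protocol      = $proto
            RemoteAddress = $group.Remote         # scope every rule to known peers
        }
        # Inbound rules match the port this node listens on; outbound rules
        # match the port on the remote server.
        if ($group.Direction -eq 'Inbound') { $params.LocalPort = $ports }
        else { $params.RemotePort = $ports }

        New-NetFirewallRule @params -WhatIf       # remove -WhatIf to create the rule
    }
}
```

Run it from an elevated PowerShell session; with -WhatIf in place it only reports the rules it would create, so the scoping can be reviewed before anything changes.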

For a comprehensive list of services and their associated network port numbers, please refer to the official Microsoft guide.

[source: Microsoft]