FileXpress Gateway provides a secure way to manage file exchange. Secure authentication and encryption are used for all connections. Two possible configurations are shown below.
The simplest configuration has only two components. All FileXpress Gateway services are located on a single server, and files are transferred to and from this server. This configuration can be helpful for initial testing even if your final plans involve a more complex configuration.
A typical distributed configuration is shown below. This configuration supports secure file exchange with users outside your network. Files are transferred through a proxy in the DMZ to a file storage server behind the firewall. In this configuration, the FileXpress Gateway Administrator (which manages user and transfer configuration) also runs securely in the internal network.
- User workstation
Users log on to the web-based FileXpress Secure Shell Proxy Transfer Client using an email link or a URL you provide. It provides an easy drag-and-drop interface for transferring files.
- FileXpress Gateway Proxy
In all configurations, the FileXpress Gateway Proxy runs the following two services:
- FileXpress Transfer Server: Provides the Transfer Client web application and communicates with the FileXpress Gateway Administrator for user authentication and transfer site configuration information.
- FileXpress Secure Shell Proxy: Manages Secure Shell file transfers to and from the designated file storage location.
In the simpler configuration, the FileXpress Gateway Administrator also runs on this system, and files are uploaded and downloaded directly to and from this server.
In the distributed configuration, the FileXpress Gateway Proxy is not used for file storage. Instead, it acts as a gateway to a file server located behind the firewall. With this configuration, data streams continuously through the gateway, eliminating the need to save files on this server. This is more secure and more efficient than file transfer solutions that require the file to be stored and then forwarded.
- FileXpress Gateway Administrator
The Gateway Administrator service maintains user and transfer data and provides a web-based tool for provisioning users and configuring transfers. You can use it to provide access to external users (such as customers or business partners), as well as to allow access to remote employees (users with domain accounts in Active Directory who are working outside your firewall).
- File storage
In the simplest configuration, you upload and download files to and from the FileXpress Gateway Proxy. However, in most cases you will want to store files securely behind your firewall. You can configure FileXpress to transfer files to and from a designated file storage server. This can be a Windows system running the Reflection for Secure IT server (included with FileXpress Gateway) or any other SFTP-enabled SSH server.