File Transfer

You need a security dongle inserted in the server which configuration you want to change, RED or BLUE.

Prerequisites

Before you configure any transfer parameters:

Ensure a dongle is inserted in the server you want to modify.
Ensure NetWall BLUE and NetWall RED network addresses are configured.
Ensure the current license and personality are uploaded.

FTP

This should be configured in both sides BLUE and RED. Each of the sides have their own management UI.

You can define several FTP servers in NetWall UI to send files from BLUE to RED (or viceversa). To do so, just follow the instructions bellow.

Go to the management UI and insert user and password to login.

Click the File Transfer link, select the FTP label and then click on the Add FTP Share button.

Complete the following fields:

FTP Channel: You have to choose one channel number.

This FTP Channel have to be the same in both sides, BLUE and RED.

User: Username for FTP file transfer server
Password: Password for the FTP server
Server: Name or IP address for the FTP server
Share: Folder on FTP server. The value can be a folder name or a ‘/’, depending on how you set up file sharing on the FTP server.
- NetWall BLUE: Location on the BLUE zone server that contains the data to be transferred
- NetWall RED: Location on the RED zone server that will receive the transferred data
Encryption: NetWall supports FTPS File Transfers. Use the dropdown list to select FTP for unencrypted file transfer, FTPS (explicit) for FTPS encrypted file transfer using explicit mode and FTPS (implicit) for encrypted file transfer using implicit mode. When implicit mode is selected, Port will automatically change from 21 to 990.
Port: Deafult values for FTP protocol is 21 and 990 for FTPS implicit mode. User can manually change the Port.
Description (optional): Description of the FTP transfer.
Enabled: File transfer will be enabled if this checkbox is ticked.
Delete Files on Share after transfer: If this checkbox in ticked, files will be erased from the Share folder once the file transfer have been completed. This option will be present only in the sending side.
Preserve file timestamp: If this checkbox is ticked, files will preserve the timestamp once the transfer is completed.

Connection can be tested to check the configuration pressing Test button.

After filling in the fields, click on the Submit button to save configuration.

SFTP

This should be configured in both sides BLUE and RED. Each of the sides have their own management UI.

You can define several SFTP servers in NetWall UI to send files from BLUE to RED (or viceversa). To do so, just follow the instructions bellow.

Go to the management UI and insert user and password to login.

Click the File Transfer link, select the SFTP label and then click on the Add SFTP Share button.

Complete the following fields:

SFTP Channel: You have to choose one channel number.

This SFTP Channel have to be the same in both sides, BLUE and RED.

User: Username for SFTP file transfer server.
Auth: Select between password or Private Key depending on what is the preferred authentication method.
Password/Private Key: insert here the password or Private Key depending on the authentication method selected.
Server: Name or IP address for the SFTP server.
Port: Default port for SFTP file transfer is 22 but it can be changed by the user.
Share Path: Folder on SFTP server. The value can be a folder name or a ‘/’, depending on how you set up file sharing on the SFTP server.
- NetWall BLUE: Location on the BLUE zone server that contains the data to be transferred.
- NetWall RED: Location on the RED zone server that will receive the transferred data.
Description (optional): Description of the SFTP transfer.
Enabled: File transfer will be enabled if this checkbox is ticked.
Delete Files on Share after transfer: If this checkbox in ticked, files will be erased from the Share folder once the file transfer have been completed. This option will be present only in the sending side.

Connection can be tested to check the configuration pressing Test button.

After filling in the fields, click on the Submit button to save configuration.

This should be configured in both sides BLUE and RED. Each of the sides have their own management UI.

Go to the management UI and insert user and password to login.

Click the File Transfer select the Windows Share label and then click on the Edit button.

Complete the following:

User: Username for the Windows File Sharing server.

OPSWAT NetWall does not support cloud-based credentials

Password/Re-enter: Password for the Windows server.
Server: Name or IP address for the Windows server.
Share: Folder on Windows File Sharing. This value must be a folder name.
- NetWall BLUE: Location on the BLUE zone server that contains the data to be transferred
- NetWall RED: Location on the RED zone server that will receive the transferred data
Description (optional): Description of the Windows Share transfer.
Enabled: File transfer will be enabled if this checkbox is ticked.

Connection can be tested to check the configuration pressing Test button.

After filling in the fields, click on the Submit button to save configuration.

Once Configured, all the files trasferred using NetWall will be scanned for malicious activity by MetaDefender Core. This scan will be performed before the transfer is done. Please, if you want more details on MetaDefender Core management and operation, go to https://docs.opswat.com/mdcore

API Key

API key are required in order to enable API integration with other products.

How to generate an API Key

In NetWall BLUE, go to https://localhost:8008 to access built in MetaDefender Core UI and login.

From the sidebar menu go to User Management.
Click on admin user
Copy the API key (generate one if the box is empty). We will use it to configure NetWall BLUE side to configure the integration with MetaDefender Core

Configuring NetWall BLUE for MD Integration

In order to configure MetaDefender Core, fill out the necessary information on the NetWall BLUE configuration page:

URL: The url of the MetaDefender Core we will use to scan the files transferred (e.g http://localhost:8008).
API Key: Paste the API Key copied in the previous step, API Key.
Timeout [Sec. 1-600]: can be used to specify a timeout when waiting for results from MetaDefender Core.
Scan FIles: check this box to activate MetaDefender Core scan for trasferred files.
Test Connection: press this button to check if the connection with MetaDefender Core instance is OK.

Click Submit to save the changes. NetWall will now process files with MetaDefender Core.

Historical Data

NetWall will keep record of the files transferred from BLUE to RED. To consult the Historical data just click on the History tab within File Transfer section.

Please, notice that File Transfer Historical Data is not stored in backups. Check Backups for more information about that feature

Once the data is loaded it can be filtered in several ways.

Undelivered: Only shows undelivered transfers. File haven't been received by RED side.
Time filters: Daily, weekly and monthly filters can be applied. A date range can also be defined.
Search box can be used to search for specific files by typing text.

Please, notice that this information can be checked in both sides BLUE and RED.

Erasing Historical Data

Historical Data can be flushed using NetWall CLI. The command flush_file_history will remove historical data from the database and the WEBUI. It also will remove the current file transfer queue. After doing so the system will reboot.

To use NetWall CLI a monitor and a keyboard should be connected to each server, BLUE and RED. After introducing valid credentials (user/password), type the following commands:

NetWall> management

NetWall (mgmt)> flush_file_history

The system will request a double confirmation before removing the files and rebooting.

Last updated on

Was this page helpful?