FTP on SQL Server

  • Hi

    Need some documentation related to security issues on having FTP port open in SQL servers.

    What do you guys as DBA’s think of this? Is this a security issue? If so how do you handle this type of request?

    Any advice will be good

    Thanks:-)

  • Going to start with "It depends." Personally, if I can get a dedicated FTP server I 'd go that route. They really aren't that expensive to setup and putting an FTP server on your SQL Server box just provides more surface area to attack.

    If you are a small company with limited resources, then just be sure to let the stake holders know it adds additional security concerns to your SQL Server system.

  • Thanks,

    how about having a seperate server to handle all the FTP upload and download stuff and then SQL server access a shared folder on that server over the network?

  • Damian-167372 (11/14/2014)


    Thanks,

    how about having a seperate server to handel all the FTP upload and download stuff and then SQL server access a shared folder on that server over the network?

    Previous company, separate FTP server used "smoke and mirrors" to have the files actually delivered to a directory on our SQL Server system. This was an internal FTP server used exclusively by our group to transfer data downloads to our SQL Server system.

    What you are suggesting above is what I would go with not knowing more about your requirements.

  • enabling FTP also requires the application server features. It's bad practice to host web services on your SQL Server, segregate them always

    -----------------------------------------------------------------------------------------------------------

    "Ya can't make an omelette without breaking just a few eggs" 😉

  • We have a configuration where our SQL Server reads files that were FTPed to us. We have them on separate servers and I'd recommend the same thing to you. I would never want to have them on the same server.

    As for as SQL retrieving data from an FTP server, I see two approaches you can take. Both can be done in a stored procedure.

    1. You can have SQL Server read from a network share where the incoming files are saved. The requirement here is that the SQL Server (the network account used by the service) has to have permission to the particular network share.

    2. You could have SQL Server access the FTP server using the FTP protocol and do a GET to download the files to its own file system and process them from there. This approach has the added advantage of being able to process files from an external FTP server you don't control.

Viewing 6 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic. Login to reply