file server


overview

iSilo™ implements a WebDAV file server, which is essentially a web server that allows file transfer in both directions using the standard WebDAV protocol. In order to be able to transfer files in both directions, such as transferring files to and from a desktop computer, the client computer must understand the WebDAV protocol. Most desktop operating systems have built-in capabilities for connecting to WebDAV servers for transferring files in both directions. This discussion will use the term computer to refer to the client device, as the assumption is that most users want to be able to transfer files to and from their desktop or notebook computers. However, client devices are not limited to desktop computers.

For purposes of basic security, the initial default has the server enabled only while in the File Server View dialog, but with no access limitations. This default limits the timeframes during which the server is open or vulnerable to access, but still keeps things easy enough for a new user to get started transferring files. Read the following section to better understand some of the security implications of having the file server active.

Although the WebDAV protocol is a standard, different WebDAV servers and clients may have implementations that differ from the standard in one or more ways that can sometimes make interoperability difficult. As such, it is possible that one or more WebDAV clients may not work with the iSilo™ WebDAV file server.

However, once you are successfully able to transfer files using the initial default settings, you are encouraged to add password protection to the server. But taking into consideration possible interoperability difficulties, it is altogether possible that although you may be able to successfully transfer files with no password protection, you might find that adding password protection makes it impossible to transfer files.


security

The main security implication of having the file server active is that files can be transferred from the device. With no access restrictions, anybody that can reach your device through the network with a web browser can download your entire set of files. Someone who has a WebDAV client would be able to delete or replace your files. If you have private, confidential, or sensitive documents, this is likely to be a major concern of yours.

iSilo™ provides a number of different options in the File Server View dialog for customizing when the server is active and what types of access restrictions to impose.

server lockdown

The most secure option is to never activate the server at all by doing the following: With the above settings, no one can use the server to copy files from the device. This also means that you cannot connect to the server to copy files to the device. To get files to the device, you can download files from a web server where you have placed the files.

best security

The following settings probably provide the best level of security balanced against the need to transfer files to and from the device: With the above options, the server is active only when you explicitly go to the File Server View and anyone who attempts to access the server must be able to provide the correct user name and password in order to have access to the files through the server.

Because the above settings also limit access to the Public folder, it means that once you transfer files to the device, you should move those files to a folder outside of the Public folder. If you transfer files from the device, you must of course place the files in the Public folder first before you can copy them from the device using a web browser or WebDAV client, and then after copying the files, delete them from the Public folder. By limiting access to the Public folder, if anyone should be able to guess your user name and password, they would only be able to access files in the Public folder. This latter point implies that you should never leave any private files in the Public folder for any length of time beyond that needed to transfer them.

Setting the option to not allow web file listings prevents someone who does guess your user name and password from getting a listing of your files using a web browser. It would not, however, prevent that person from downloading a file from the Public folder if the person knew the name of the file.

good security

For settings that allow a good amount of security while providing more convenience, you can set the options as follows: The only difference between these settings and the ones recommended for best security is that access is not limited to the Public folder in these settings. Thus, you do not need to copy files in and out of the Public folder for transfer. You can instead just copy files directly to the folders where you want them to go and copy directly from those same folders when copying files from the device to a computer.

basic security

For settings that provide basic security, you can set the options as follows: The above settings provide a basic level of security that also adds more convenience in that as long as you are not viewing a document, the server is active, eliminating the step of having to go to the File Server View in order to be able to transfer files. Requiring a user name and password provides the basic level of security.

no security

For settings that allow open access, you can set the options as follows: The above settings impose no access restrictions and would be useful if you are on an isolated network in which there are no security worries or if you intend for your device to act as a public file server.
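
To confirm which of the levels above your device is actually presenting, you can query it from a computer on the same network without supplying a user name or password. The following is an added example, not part of iSilo™; it assumes the server answers with standard HTTP status codes (401 when a password is required, 207 to a WebDAV PROPFIND), the host and port are ones you supply, and the sample responses are constructed.

```python
import http.client
import sys

# Constructed sample responses (status, headers), not captured from a device.
SAMPLE_OPEN = {"GET": (200, {}), "PROPFIND": (207, {})}
SAMPLE_PASSWORD = {m: (401, {"www-authenticate": 'Digest realm="constructed"'})
                   for m in ("GET", "PROPFIND")}
SAMPLE_INACTIVE = {"GET": (None, {}), "PROPFIND": (None, {})}

def probe(host, port, method, timeout=5):
    """Send one request with no credentials; return (status, headers)."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request(method, "/", headers={"Depth": "1"})
        resp = conn.getresponse()
        resp.read()
        return resp.status, {k.lower(): v for k, v in resp.getheaders()}
    except (OSError, http.client.HTTPException):
        return None, {}  # nothing answered: the server is not active
    finally:
        conn.close()

def assess(responses):
    """Map {method: (status, headers)} to {method: verdict}."""
    verdicts = {}
    for method, (status, headers) in responses.items():
        if status is None:
            verdicts[method] = "inactive"
        elif status == 401:
            scheme = headers.get("www-authenticate", "").split(" ")[0]
            verdicts[method] = "protected:" + (scheme.lower() or "unknown")
        elif 200 <= status < 300:
            verdicts[method] = "open"  # content served without a password
        else:
            verdicts[method] = "review:%d" % status
    return verdicts

def exposed(responses):
    """True if any method returned content without credentials."""
    return "open" in assess(responses).values()

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: check.py HOST PORT (your own device)
        found = {m: probe(sys.argv[1], int(sys.argv[2]), m)
                 for m in ("GET", "PROPFIND")}
    else:
        found = SAMPLE_PASSWORD
    print(assess(found), "exposed" if exposed(found) else "not exposed")
```

An "inactive" verdict is what you should see whenever the server is meant to be off, for example after leaving the File Server View under the best or good security settings.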

©1999-2018 DC & Co. All rights reserved.