Secure TFTP Proxy

Trivial File Transfer Protocol (a.k.a. TFTP) is not as trivial as its name suggests. Even though TFTP is a very simple, very basic file transfer protocol, it plays an important role in enabling management applications to manage the network device configurations. The majority of network devices provide mechanisms whereby they can be commanded to transfer their configuration files to/from a TFTP server, and a growing number of management applications have been developed, taking advantage of these mechanisms, to provide advanced configuration management services for large numbers of network devices.

The common industry practice of partitioning networks into security zones with conventional firewalls creates a problem for these applications, forcing network administrators to choose between two equally unacceptable alternatives: block TFTP traffic at the firewall, and lose the ability to transfer configuration files to and from the devices beyond it, or allow TFTP traffic through the firewall, and accept the associated security risks. In the case of TFTP those risks are significant, because TFTP requires no login and runs over UDP, a transport that is relatively easy to spoof.

ZoneRanger resolves this dilemma by acting as a proxy TFTP server. Managed devices, acting as TFTP clients, are instructed to transfer files to and from the ZoneRanger, rather than communicating directly with the management applications, eliminating the need to open the firewall to TFTP traffic. The ZoneRanger can proxy TFTP requests through to the management applications, or can be configured to transfer files to/from an internal directory, or to/from directories on the servers where the management applications are installed.

The ZoneRanger TFTP proxy feature can be used together with the SNMP proxy feature to handle the situation where managed devices are instructed to transfer configuration files by means of an SNMP set request. When the ZoneRanger sees an SNMP set request that appears to be instructing a device to perform a configuration file transfer, it can rewrite the request so that the device is directed to the ZoneRanger's own TFTP server; when the managed device then initiates the transfer, the ZoneRanger proxies it through to the TFTP server that was originally requested.
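As an added illustration (not ZoneRanger's code, and not taken from this page), the Python sketch below shows the two decisions a proxy of this kind makes for every datagram a managed device sends it: parse the TFTP read/write request (RFC 1350 framing), then either drop it, serve it from an internal directory, or forward it to the management application's TFTP server. The client and server addresses, directory path and file names are constructed placeholders.

```python
import struct
from dataclasses import dataclass

OPCODES = {1: "RRQ", 2: "WRQ"}  # RFC 1350 read request / write request


@dataclass
class TftpRequest:
    op: str
    filename: str
    mode: str


def parse_tftp_request(datagram: bytes) -> TftpRequest:
    """Parse an RRQ/WRQ: 2-byte opcode, filename, NUL, mode, NUL."""
    if len(datagram) < 4:
        raise ValueError("datagram too short to be a TFTP request")
    (opcode,) = struct.unpack("!H", datagram[:2])
    if opcode not in OPCODES:
        raise ValueError(f"not a request packet (opcode {opcode})")
    fields = datagram[2:].split(b"\x00")
    # A well-formed request yields filename, mode and an empty tail after the final NUL.
    if len(fields) < 3:
        raise ValueError("malformed request: missing NUL terminator")
    filename = fields[0].decode("ascii")
    mode = fields[1].decode("ascii").lower()
    if mode not in ("netascii", "octet"):
        raise ValueError(f"unsupported transfer mode {mode!r}")
    return TftpRequest(OPCODES[opcode], filename, mode)


# Constructed example settings: where files live locally and where the
# management application's TFTP server sits (hypothetical addresses).
INTERNAL_DIR = "/var/tftp/configs"
UPSTREAM_SERVER = ("10.0.0.5", 69)


def route_request(req: TftpRequest, client_ip: str, managed_devices: set,
                  policy: str = "forward") -> tuple:
    """Return ('drop', reason), ('internal', path) or ('forward', (host, port))."""
    if client_ip not in managed_devices:
        return ("drop", "client is not a managed device")
    # TFTP has no login, so the file name is the only thing the proxy can constrain.
    parts = req.filename.split("/")
    if req.filename.startswith("/") or ".." in parts or "" in parts:
        return ("drop", "absolute path or traversal in filename")
    if policy == "internal":
        return ("internal", f"{INTERNAL_DIR}/{req.filename}")
    return ("forward", UPSTREAM_SERVER)
```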

TFTP is part of a growing suite of management protocols supported by ZoneRanger. Other supported protocols include:

  • FTP
  • ICMP
  • NetFlow / sFlow
  • NTP
  • SNMP
  • Syslog
  • Telnet / SSH