We noticed that you rated an answer as not helpful. We value your feedback and want to help you further and share a detailed answer. If the below response answered your query, please click "Accept as answer" as a token of appreciation.
Historical approach before native SFTP support: before Azure introduced native support for SFTP on Blob storage, the Azure community typically created SFTP servers by:
- Setting Up VMs: Creating VMs on Azure to host SFTP server software.
- Installing and Configuring SFTP Software: Installing and configuring SFTP server software on these VMs.
- Managing Firewalls: Configuring firewalls to allow inbound SFTP traffic.
- Maintaining Infrastructure: Regularly updating, patching, managing, and scaling the VMs and associated infrastructure.
You can refer to https://www.infoq.com/news/2022/11/sftp-azure-blob-storage/
Cost-Benefit Analysis
Option 1: Native SFTP Support on Azure Blob Storage
Pros:
- Low Maintenance: No need to manage VMs or firewalls.
- Scalability: Easily scalable without additional infrastructure.
- Security: Inherits Azure Blob Storage’s security features.
- Cost Saving: Enabling SFTP has an hourly cost.
Cons:
- Limited Customization: Less flexibility in configuring the SFTP server compared to a VM-based setup.
Option 2: Non-Native SFTP Server with 3rd Party Firewall
Pros:
- Customization: Full control over the SFTP server configuration.
- Integration: Can integrate with existing security infrastructure like Checkpoint firewall.
Cons:
- Higher Maintenance: Requires managing VMs, firewalls, and regular updates.
- Complexity: More complex to set up and maintain.
- Cost: Costs for VM instances, firewall management, and potential additional licensing fees for third-party software.
Conclusion:
The native SFTP support on Azure Blob Storage is generally more cost-effective and easier to manage, making it suitable for most use cases. However, if your client requires specific configurations or integrations with existing security infrastructure, a non-native SFTP server with a Checkpoint firewall might be the better option.
Would you like more details on any specific aspect of these options?
(Non-Native SFTP), as suggested in the earlier response by Vikas
To create a non-native SFTP server with a Checkpoint firewall between the SFTP client and Blob storage, you need to follow the steps below:
- Create a Virtual Machine (VM): Set up a VM on Azure.
- Install SFTP Server Software: Install SFTP server software like OpenSSH, FileZilla, or WinSCP on the VM.
- Configure Firewall on VM: Allow inbound traffic on port 22 (or your chosen SFTP port) using the built-in Windows Firewall or a third-party firewall software.
- Set Up Network Security Group (NSG): Associate an NSG with the VM and allow inbound traffic on port 22 from the desired IP addresses or ranges.
- Configure Checkpoint Firewall: Allow inbound traffic on port 22 from the VM’s public IP address.
- Test the SFTP Server: Use an SFTP client like FileZilla or WinSCP to connect to the SFTP server using the VM’s public IP address and SFTP port.
Hope this helps! Please feel free to comment and tag me in your comments, and Accept Answer and hit Yes for "was this answer helpful" if this helps.