MOVEit Gateway provides a DMZ proxy function that enables deployments of MOVEit Transfer within secured networks (behind the firewall) to meet the advanced compliance requirements often associated with data protection regulations such as GDPR, HIPAA and PCI-DSS.
MOVEit Gateway provides a multi-layered security approach that enables deployments of MOVEit Transfer within secured networks (behind the firewall). This ensures that data storage, authentication and file transfer activities do not occur in the DMZ network segment. When external regulations or internal security and compliance policies require the highest levels of security for data transmissions beyond your internal network, MOVEit Gateway assures that:
MOVEit Gateway acts as a proxy between inbound connections from the public network and your internal trusted network. Deployed in the DMZ network, with MOVEit Transfer deployed behind the firewall in your secure network, it ensures that file transfer
tasks are protected behind multiple layers of security.
When the Gateway service is started, it creates a secure tunnel to handle all communications between itself and the MOVEit Transfer server. Client SFTP and FTP/S authentication requests are terminated at the Gateway and formulated into a similar request between the Gateway and the MOVEit Transfer server. The response from the MOVEit server is again decrypted and reformed into a similar response which is then encrypted and sent back to the client.
The same process is used for authentication and file transfer ensuring that all inbound connections are terminated, and all outbound connections originate at the Gateway and in the DMZ.