Forefront Server Security TechCenter >
Forefront Server Security Forums
>
Forefront Security for Office Communications Server
>
File Transfer Flow with Forefront for OCS
File Transfer Flow with Forefront for OCS
- Hi All,
I would like to ask if someone knows if a file transfer is done in a peer-to-peer way, even with ForeFront for OCS installed in the OCS pool.
What I was wondering, is that since the FSOCS must filter the files, if this will force that a file transfer would pass through the OCS server, instead of going peer-to-peer.
I ask this because in my environment, not all users are in the same network, and don't have connectivity between then, so they can't use file transfer feature in MOC.
If the FSOCS would force files to pass through the FE server, would solve me a big issue.
Thanks in advance!
Answers
- When Forefront Server for OCS is installed on your OCS FE Pool, all file transfers are proxied through the FE servers and are no longer peer-to-peer. As you implied, this is done so that Forefront can protect the file transfers to perform filtering and/or virus scanning.
That said, the file transfer will only be proxied through a single FE server (in the case where you have multiple FEs or multiple pools). In order for file-transfers to function, the FE servers need to be configured to allow inbound connections on TCP 6891-6900 (by default). This will allow Forefront to receive the file from the IM sender. Additionally, the FE server would need to be able to reach (outbound connection) the machine where the IM recipient is located.
Without knowing more about what your network limitations are, I'm not sure whether this is a "solution" for your file transfer scenario you're describing.
Hope that helps.
ShreyS [MSFT]
Forefront Server Security- Proposed As Answer byShreyS [MSFT] Thursday, March 19, 2009 12:12 PM
- Marked As Answer byJim MoliniMSFT, OwnerFriday, March 20, 2009 2:04 PM
All Replies
- When Forefront Server for OCS is installed on your OCS FE Pool, all file transfers are proxied through the FE servers and are no longer peer-to-peer. As you implied, this is done so that Forefront can protect the file transfers to perform filtering and/or virus scanning.
That said, the file transfer will only be proxied through a single FE server (in the case where you have multiple FEs or multiple pools). In order for file-transfers to function, the FE servers need to be configured to allow inbound connections on TCP 6891-6900 (by default). This will allow Forefront to receive the file from the IM sender. Additionally, the FE server would need to be able to reach (outbound connection) the machine where the IM recipient is located.
Without knowing more about what your network limitations are, I'm not sure whether this is a "solution" for your file transfer scenario you're describing.
Hope that helps.
ShreyS [MSFT]
Forefront Server Security- Proposed As Answer byShreyS [MSFT] Thursday, March 19, 2009 12:12 PM
- Marked As Answer byJim MoliniMSFT, OwnerFriday, March 20, 2009 2:04 PM
- Hi ShreyS,
It fully answers my question... If it works as you describe it will fit my scenario, and solve my file transfer problem.
Next step for me is implement and test it myself :-)
Thanks!
Paulo Trilho
