WebDav The Interoperable Protocol for file and data access


Published on

This is a white paper on the WebDav Protocol standard with instructions on how to implement a WebDav gateway for almost any cloud whether the underlying cloud supports the WebDav protocol or not.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

WebDav The Interoperable Protocol for file and data access

  1. 1. Storage Made Easy WebDav the interoperable protocol for file and data access WebDav is an acronym for Web Distributed Authoring andVersioning and can also be referred to as just plain old DAV. WebDav is an extension of the HTTP protocol that was originally designed by Jim Whitehead from the University of California at Santa Cruz in 1996 when he was working at the World Wide Web consortium and it later became an Internet Engineering Task Force (IETF) standard. WebDav was built as an interoperable standard to support remote collaborative authoring of Web sites and individual documents, as well as remote access to document based systems. Today it It is the most popular network file-system protocol for use across the Internet, and although it has been integrated as a interoperable layer into many existing product implementations it is also notably missing as an interoperable API standard from many, such as DropBox, Google Drive, Amazon S3 and more. About WebDav The SME WebDav Gateway SME provide a way to access any mapped cloud by secure WebDav irrespective of whether the underlying Cloud Supports the WebDav protocol natively. As WebDav is so well supported in many desktop and mobile Apps this means that Cloud Data can easily be integrated and accessible without having to move it to access the features of a particular Application that is WebDav enabled.
  2. 2. Cloud File Server Cloud Control Gateway Connecting to WebDav Servers and Windows Shares SME can also be configured to connect to servers that support the WebDav protocol. This use of WebDav from a SME perspective is using WebDav as a back end cloud to store data rather than exposing existing clouds to be accessible using the WebDav protocol. Many existing NAS or SAN devices such as those as the NetGear ReadyNAS and the Synology devices range already provide WebDav as an access protocol to access data. Also existing web servers such as Apache can also be configured to use WebDav using the Mod Dav extension. Many users of SME want to expose windows file shares and make them directly available through the SME service to all devices. The most appropriate and secure way to do this is not to expose such shares directly but to configure Microsoft Internet Information Server to expose these shares over WebDav.
  3. 3. Cloud File Server Cloud Control GatewayThis has the following advantages: - Seamless integration with the IIS Manager - - A secondary protocol provides a security DMZ with regards to direct access to windows shares - IIS WebDAV can be enabled at the site level, allowing IT administrators to restrict WebDAV access to specific sites on a server. - IIS WebDAV supports per-URL authoring rules, allowing administrators to specify custom WebDAV security settings on a per-URL basis. This fine-grained control gives administrators the ability to maintain one set of security settings for normal HTTP requests and a separate set of security settings for WebDAV. - IIS WebDAV supports both shared and exclusive locks to prevent lost updates due to overwrites - WebDAV supports secure connection as well. By enabling HTTPS over all WebDAV connections, security is fortified. SSL certificates can also be installed to increases security measures Advantages of WebDav for Windows File Sharing WebDAV is an optimized protocol for document access over http. It is proven as being latency independent and is efficient over wide area networks especially in contrast to file protocols such as NFS and CIFS. Using secure WebDAV ensures the data is encrypted during transmission and due to the optimizations that data is stored efficiently and quickly . Why WebDav as a Cloud Connector
  4. 4. Cloud File Server Cloud Control GatewayCIFS is the standard way that windows users share files across corporate intranets and the Internet with a secureVPN connection. To expose such shares directly to the internet or to other none windows PC’s it is needed to use a bridging technology. Samba is often used as such as technology.With Samba, the ports 139/tcp and 445/ tcp are exposed over a public IP Address. Once this is done such shares are accessible. The drawbacks of this are: - The CIFS protocol used by Windows file sharing does not provide data encryption - The protocol itself is quite chatty. - No level of security indirection CIFS is is an optimized protocol for access to data over a network that has been extended by VPN and has been used in this context by many companies for a long time. The disadvantage of this is that all devices have to support , be setup, and work with theVPN. preventing access by some devices and Apps and making Adhoc ‘on the fly’ access difficult. Why Not The Common Internet File System (CIFS) It is beyond the scope of this white paper to go into great detail on the steps required to secure WebDav servers but Microsoft has a very good guide on how to secure the IIS WebDav Service.This can be accessed at: http://technet.microsoft.com/en-us/library/cc778809%28v=ws.10%29.aspx In addition to this you should note the following best practices: Folder Permissions: Use non-anonymous authentication. Modify the NTFS permissions on the folder to only allow the access necessary to the users who require such access Prevent File Execution: If you are only using WebDAV as a file store and not using it to display web pages, then execute permissions should be removed from that site or folder. Apache WebDav servers can be configured to use LDAP authentication and also two factor authentication and any deployments should consider implementing these. Securing WebDav Servers
  5. 5. Investor Newsletter UK OFFICE Vehera Ltd First Floor Unit 1 Mulgrave Chambers 26-28 Mulgrave Road Sutton Surrey SM2 6LE TELEPHONE: +448006899094 ext. 1 for Sales US OFFICE One Reservoir Corporate Centre 4 Research Drive, Suite 402 Shelton, CT 06484 USA TELEPHONE: + EUROPEAN OFFICE Imbisbuehlstrasse 108 CH-8049 Zurich Switzerland TELEPHONE : +41 (0) 43 818 46 74 Enterprise File Share and Sync (EFSS) Cloud Control Gateway OTHER METHODS OF CONTACT Email: Sales@StorageMadeEasy.com Skype: StorageMadeEasy Website: Live Sales feature. Just click to chat UK HEAD OFFICE ADDRESS AND LOCATION