SlideShare a Scribd company logo

In a world of API's don't forget WebDav !

jimliddle
jimliddle

This paper gives an overview of WebDav, why it is useful, and how the SME Protocol Gateway enhances all storage propositions with WebDav support.

Technology
1 of 6
Download to read offline
STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 WWW.STORAGEMADEEASY.COM Storage Made Easy WebDav the interoperable protocol for file and data access
STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 http://www.storagemadeeasy.com About WebDav WebDav is an acronym for Web Distributed Authoring and Versioning and can also be referred to as just plain old DAV. WebDav is an extension of the HTTP protocol that was originally designed by Jim Whitehead from the University of California at Santa Cruz in 1996 when he was working at the World Wide Web consortium and it later became an Internet Engineering Task Force (IETF) standard. WebDav was built as an interoperable standard to support remote collaborative authoring of Web sites and individual documents, as well as remote access to document based systems. Today it It is the most popular network file-system protocol for use across the Internet, and although it has been integrated as a interoperable layer into many existing product implementations it is also notably missing as an interoperable API standard from many, such as DropBox, Google Drive, Amazon S3 and more. The SME WebDav Gateway SME provide a way to access any mapped cloud by secure WebDav irrespective of whether the underlying Cloud Supports the WebDav protocol natively. As WebDav is so well supported in many desktop and mobile Apps this means that Cloud Data can easily be integrated and accessible without having to move it to access the features of a particular Application that is WebDav enabled. STORAGE MADE EASY ENABLES WEBDAV PROTOCOL WebDav the interoperable protocol for file and data access
STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 http://www.storagemadeeasy.com Connecting to WebDav Servers and Windows Shares SME can also be configured to connect to servers that support the WebDav protocol. This use of WebDav from a SME perspective is using WebDav as a back end cloud to store data rather than exposing existing clouds to be accessible using the WebDav protocol. Many existing NAS or SAN devices such as those as the NetGear ReadyNAS and the Synology devices range already provide WebDav as an access protocol to access data. Also existing web servers such as Apache can also be configured to use WebDav using the Mod Dav extension. Many users of SME want to expose windows file shares and make them directly available through the SME service to all devices. The most appropriate and secure way to do this is not to expose such shares directly but to configure Microsoft Internet Information Server to expose these shares over WebDav. STORAGE MADE EASY ENABLES WEBDAV PROTOCOL
STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 http://www.storagemadeeasy.com Cloud File Server Advantages of WebDav for Windows File Sharing This has the following advantages: - Seamless integration with the IIS Manager. - A secondary protocol provides a security DMZ with regards to direct access to windows shares. - IIS WebDAV can be enabled at the site level, allowing IT administrators to restrict WebDAV access to specific sites on a server. - IIS WebDAV supports per-URL authoring rules, allowing administrators to specify custom WebDAV security settings on a per-URL basis. This fine-grained control gives administrators the ability to maintain one set of security settings for normal HTTP requests and a separate set of security settings for WebDAV. - IIS WebDAV supports both shared and exclusive locks to prevent lost updates due to overwrites. - WebDAV supports secure connection as well. By enabling HTTPS over all WebDAV connections, security is fortified. SSL certificates can also be installed to increases security measures. Why WebDav as a Cloud Connector WebDAV is an optimized protocol for document access over http. It is proven as being latency independent and is efficient over wide area networks especially in contrast to file protocols such as NFS and CIFS. Using secure WebDAV ensures the data is encrypted during transmission and due to the optimizations that data is stored efficiently and quickly . STORAGE MADE EASY ENABLES WEBDAV PROTOCOL
STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 http://www.storagemadeeasy.com Cloud File Server Why Not The Common Internet File System (CIFS) CIFS is the standard way that windows users share files across corporate intranets and the Internet with a secure VPN connection. To expose such shares directly to the internet or to other none windows PC’s it is needed to use a bridging technology. Samba is often used as such as technology. With Samba, the ports 139/tcp and 445/tcp are exposed over a public IP Address. Once this is done such shares are accessible. The drawbacks of this are: - The CIFS protocol used by Windows file sharing does not provide data encryption - The protocol itself is quite chatty. - No level of security indirection CIFS is is an optimized protocol for access to data over a network that has been extended by VPN and has been used in this context by many companies for a long time. The disadvantage of this is that all devices have to support, be setup, and work with the VPN. preventing access by some devices and Apps and making Adhoc ‘on the fly’ access difficult. Securing WebDav Servers It is beyond the scope of this white paper to go into great detail on the steps required to secure WebDav servers but Microsoft has a very good guide on how to secure the IIS WebDav Service. This can be accessed at: http://technet.microsoft.com/en-us/library/cc778809%28v=ws.10%29.aspx In addition to this you should note the following best practices: Folder Permissions: Use non-anonymous authentication. Modify the NTFS permissions on the folder to only allow the access necessary to the users who require such access Prevent File Execution: If you are only using WebDAV as a file store and not using it to display web pages, then execute permissions should be removed from that site or folder. Apache WebDav servers can be configured to use LDAP authentication and also two factor authentication and any deployments should consider implementing these. STORAGE MADE EASY ENABLES WEBDAV PROTOCOL
STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 http://www.storagemadeeasy.com Storage Made Easy UK OFFICE Vehera Ltd 26-28 Mulgrave Road First Floor Unit 1 Mulgrave Chambers Sutton. Surrey SM2 6LE. UK TELEPHONE: +448006899094 ext.1 for Sales US OFFICE 8 Wright Street. 1st Floor. Westport. Connecticut. 06880 USA TELEPHONE: +1.203.258.4902 EUROPEAN OFFICE Imbisbuehlstrasse 108 CH-8049 Zurich SWITZERLAND TELEPHONE : +41 (0) 43 818 46 74 Sales@StorageMadeEasy.com StorageMadeEasy Free hosted and enterprise free trial available from www.StorageMadeEasy.com

Recommended

Ceph Intro and Architectural Overview by Ross Turk
Ceph Intro and Architectural Overview by Ross TurkCeph Intro and Architectural Overview by Ross Turk
Ceph Intro and Architectural Overview by Ross Turk
buildacloud
 
Enterprise File Share and Sync with CleverSafe
Enterprise File Share and Sync with CleverSafeEnterprise File Share and Sync with CleverSafe
Enterprise File Share and Sync with CleverSafe
jimliddle
 
Enterprise Cloud Content Search
Enterprise Cloud Content SearchEnterprise Cloud Content Search
Enterprise Cloud Content Search
jimliddle
 
Using Microsoft Azure as cloud file server
Using Microsoft Azure as cloud file serverUsing Microsoft Azure as cloud file server
Using Microsoft Azure as cloud file server
jimliddle
 
Are your File Attachments out of control ?
Are your File Attachments out of control ?Are your File Attachments out of control ?
Are your File Attachments out of control ?
jimliddle
 
Storage Made Easy Cloud Control Gateway Overview
Storage Made Easy Cloud Control Gateway OverviewStorage Made Easy Cloud Control Gateway Overview
Storage Made Easy Cloud Control Gateway Overview
jimliddle
 
Turning Open Stack Swift Into A Rich Business Ready Cloud Service
Turning Open Stack Swift Into A Rich Business Ready Cloud ServiceTurning Open Stack Swift Into A Rich Business Ready Cloud Service
Turning Open Stack Swift Into A Rich Business Ready Cloud Service
jimliddle
 
How To pronounce XAP
How To pronounce XAPHow To pronounce XAP
How To pronounce XAP
jimliddle
 

Recommended

Ceph Intro and Architectural Overview by Ross Turk
Ceph Intro and Architectural Overview by Ross TurkCeph Intro and Architectural Overview by Ross Turk
Ceph Intro and Architectural Overview by Ross Turk
buildacloud
 
Enterprise File Share and Sync with CleverSafe
Enterprise File Share and Sync with CleverSafeEnterprise File Share and Sync with CleverSafe
Enterprise File Share and Sync with CleverSafe
jimliddle
 
Enterprise Cloud Content Search
Enterprise Cloud Content SearchEnterprise Cloud Content Search
Enterprise Cloud Content Search
jimliddle
 
Using Microsoft Azure as cloud file server
Using Microsoft Azure as cloud file serverUsing Microsoft Azure as cloud file server
Using Microsoft Azure as cloud file server
jimliddle
 
Are your File Attachments out of control ?
Are your File Attachments out of control ?Are your File Attachments out of control ?
Are your File Attachments out of control ?
jimliddle
 
Storage Made Easy Cloud Control Gateway Overview
Storage Made Easy Cloud Control Gateway OverviewStorage Made Easy Cloud Control Gateway Overview
Storage Made Easy Cloud Control Gateway Overview
jimliddle
 
Turning Open Stack Swift Into A Rich Business Ready Cloud Service
Turning Open Stack Swift Into A Rich Business Ready Cloud ServiceTurning Open Stack Swift Into A Rich Business Ready Cloud Service
Turning Open Stack Swift Into A Rich Business Ready Cloud Service
jimliddle
 
How To pronounce XAP
How To pronounce XAPHow To pronounce XAP
How To pronounce XAP
jimliddle
 
Cloud Crowd GigaSpaces Presentation
Cloud Crowd GigaSpaces PresentationCloud Crowd GigaSpaces Presentation
Cloud Crowd GigaSpaces Presentation
jimliddle
 
Cloud Crowd - Mandhir Gidda Razorfish " Building a Public / Private Hybrid Cl...
Cloud Crowd - Mandhir Gidda Razorfish " Building a Public / Private Hybrid Cl...Cloud Crowd - Mandhir Gidda Razorfish " Building a Public / Private Hybrid Cl...
Cloud Crowd - Mandhir Gidda Razorfish " Building a Public / Private Hybrid Cl...
jimliddle
 
Cloud Crowd - Mobile Sync Cloud
Cloud Crowd - Mobile Sync CloudCloud Crowd - Mobile Sync Cloud
Cloud Crowd - Mobile Sync Cloud
jimliddle
 
Cloud Crowd - A web 2.0 Trading experience
Cloud Crowd - A web 2.0 Trading experienceCloud Crowd - A web 2.0 Trading experience
Cloud Crowd - A web 2.0 Trading experience
jimliddle
 
Building Hybrid Cloud Architectures with GigaSpaces XAP
Building Hybrid Cloud Architectures with GigaSpaces XAPBuilding Hybrid Cloud Architectures with GigaSpaces XAP
Building Hybrid Cloud Architectures with GigaSpaces XAP
jimliddle
 
Giga Spaces Data Grid / Data Caching Overview
Giga Spaces Data Grid / Data Caching OverviewGiga Spaces Data Grid / Data Caching Overview
Giga Spaces Data Grid / Data Caching Overview
jimliddle
 
GigaSpaces - Original iPhone Launch: SOA Infrastructure Case Study
GigaSpaces - Original iPhone Launch: SOA Infrastructure Case StudyGigaSpaces - Original iPhone Launch: SOA Infrastructure Case Study
GigaSpaces - Original iPhone Launch: SOA Infrastructure Case Study
jimliddle
 
GigaSpaces Advantage For Gaming Platforms
GigaSpaces Advantage For Gaming PlatformsGigaSpaces Advantage For Gaming Platforms
GigaSpaces Advantage For Gaming Platforms
jimliddle
 
Waters Grid & HPC Course
Waters Grid & HPC CourseWaters Grid & HPC Course
Waters Grid & HPC Course
jimliddle
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Neo4j
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Martijn de Jong
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
debabhi2
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
Michael W. Hawkins
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
wesley chun
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 

More Related Content

More from jimliddle

More from jimliddle (9)

Cloud Crowd GigaSpaces Presentation
Cloud Crowd GigaSpaces PresentationCloud Crowd GigaSpaces Presentation
Cloud Crowd GigaSpaces Presentation
 
Cloud Crowd - Mandhir Gidda Razorfish " Building a Public / Private Hybrid Cl...
Cloud Crowd - Mandhir Gidda Razorfish " Building a Public / Private Hybrid Cl...Cloud Crowd - Mandhir Gidda Razorfish " Building a Public / Private Hybrid Cl...
Cloud Crowd - Mandhir Gidda Razorfish " Building a Public / Private Hybrid Cl...
 
Cloud Crowd - Mobile Sync Cloud
Cloud Crowd - Mobile Sync CloudCloud Crowd - Mobile Sync Cloud
Cloud Crowd - Mobile Sync Cloud
 
Cloud Crowd - A web 2.0 Trading experience
Cloud Crowd - A web 2.0 Trading experienceCloud Crowd - A web 2.0 Trading experience
Cloud Crowd - A web 2.0 Trading experience
 
Building Hybrid Cloud Architectures with GigaSpaces XAP
Building Hybrid Cloud Architectures with GigaSpaces XAPBuilding Hybrid Cloud Architectures with GigaSpaces XAP
Building Hybrid Cloud Architectures with GigaSpaces XAP
 
Giga Spaces Data Grid / Data Caching Overview
Giga Spaces Data Grid / Data Caching OverviewGiga Spaces Data Grid / Data Caching Overview
Giga Spaces Data Grid / Data Caching Overview
 
GigaSpaces - Original iPhone Launch: SOA Infrastructure Case Study
GigaSpaces - Original iPhone Launch: SOA Infrastructure Case StudyGigaSpaces - Original iPhone Launch: SOA Infrastructure Case Study
GigaSpaces - Original iPhone Launch: SOA Infrastructure Case Study
 
GigaSpaces Advantage For Gaming Platforms
GigaSpaces Advantage For Gaming PlatformsGigaSpaces Advantage For Gaming Platforms
GigaSpaces Advantage For Gaming Platforms
 
Waters Grid & HPC Course
Waters Grid & HPC CourseWaters Grid & HPC Course
Waters Grid & HPC Course
 

Recently uploaded

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 

Recently uploaded (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 

In a world of API's don't forget WebDav !

  • 1. STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 WWW.STORAGEMADEEASY.COM Storage Made Easy WebDav the interoperable protocol for file and data access
  • 2. STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 http://www.storagemadeeasy.com About WebDav WebDav is an acronym for Web Distributed Authoring and Versioning and can also be referred to as just plain old DAV. WebDav is an extension of the HTTP protocol that was originally designed by Jim Whitehead from the University of California at Santa Cruz in 1996 when he was working at the World Wide Web consortium and it later became an Internet Engineering Task Force (IETF) standard. WebDav was built as an interoperable standard to support remote collaborative authoring of Web sites and individual documents, as well as remote access to document based systems. Today it It is the most popular network file-system protocol for use across the Internet, and although it has been integrated as a interoperable layer into many existing product implementations it is also notably missing as an interoperable API standard from many, such as DropBox, Google Drive, Amazon S3 and more. The SME WebDav Gateway SME provide a way to access any mapped cloud by secure WebDav irrespective of whether the underlying Cloud Supports the WebDav protocol natively. As WebDav is so well supported in many desktop and mobile Apps this means that Cloud Data can easily be integrated and accessible without having to move it to access the features of a particular Application that is WebDav enabled. STORAGE MADE EASY ENABLES WEBDAV PROTOCOL WebDav the interoperable protocol for file and data access
  • 3. STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 http://www.storagemadeeasy.com Connecting to WebDav Servers and Windows Shares SME can also be configured to connect to servers that support the WebDav protocol. This use of WebDav from a SME perspective is using WebDav as a back end cloud to store data rather than exposing existing clouds to be accessible using the WebDav protocol. Many existing NAS or SAN devices such as those as the NetGear ReadyNAS and the Synology devices range already provide WebDav as an access protocol to access data. Also existing web servers such as Apache can also be configured to use WebDav using the Mod Dav extension. Many users of SME want to expose windows file shares and make them directly available through the SME service to all devices. The most appropriate and secure way to do this is not to expose such shares directly but to configure Microsoft Internet Information Server to expose these shares over WebDav. STORAGE MADE EASY ENABLES WEBDAV PROTOCOL
  • 4. STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 http://www.storagemadeeasy.com Cloud File Server Advantages of WebDav for Windows File Sharing This has the following advantages: - Seamless integration with the IIS Manager. - A secondary protocol provides a security DMZ with regards to direct access to windows shares. - IIS WebDAV can be enabled at the site level, allowing IT administrators to restrict WebDAV access to specific sites on a server. - IIS WebDAV supports per-URL authoring rules, allowing administrators to specify custom WebDAV security settings on a per-URL basis. This fine-grained control gives administrators the ability to maintain one set of security settings for normal HTTP requests and a separate set of security settings for WebDAV. - IIS WebDAV supports both shared and exclusive locks to prevent lost updates due to overwrites. - WebDAV supports secure connection as well. By enabling HTTPS over all WebDAV connections, security is fortified. SSL certificates can also be installed to increases security measures. Why WebDav as a Cloud Connector WebDAV is an optimized protocol for document access over http. It is proven as being latency independent and is efficient over wide area networks especially in contrast to file protocols such as NFS and CIFS. Using secure WebDAV ensures the data is encrypted during transmission and due to the optimizations that data is stored efficiently and quickly . STORAGE MADE EASY ENABLES WEBDAV PROTOCOL
  • 5. STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 http://www.storagemadeeasy.com Cloud File Server Why Not The Common Internet File System (CIFS) CIFS is the standard way that windows users share files across corporate intranets and the Internet with a secure VPN connection. To expose such shares directly to the internet or to other none windows PC’s it is needed to use a bridging technology. Samba is often used as such as technology. With Samba, the ports 139/tcp and 445/tcp are exposed over a public IP Address. Once this is done such shares are accessible. The drawbacks of this are: - The CIFS protocol used by Windows file sharing does not provide data encryption - The protocol itself is quite chatty. - No level of security indirection CIFS is is an optimized protocol for access to data over a network that has been extended by VPN and has been used in this context by many companies for a long time. The disadvantage of this is that all devices have to support, be setup, and work with the VPN. preventing access by some devices and Apps and making Adhoc ‘on the fly’ access difficult. Securing WebDav Servers It is beyond the scope of this white paper to go into great detail on the steps required to secure WebDav servers but Microsoft has a very good guide on how to secure the IIS WebDav Service. This can be accessed at: http://technet.microsoft.com/en-us/library/cc778809%28v=ws.10%29.aspx In addition to this you should note the following best practices: Folder Permissions: Use non-anonymous authentication. Modify the NTFS permissions on the folder to only allow the access necessary to the users who require such access Prevent File Execution: If you are only using WebDAV as a file store and not using it to display web pages, then execute permissions should be removed from that site or folder. Apache WebDav servers can be configured to use LDAP authentication and also two factor authentication and any deployments should consider implementing these. STORAGE MADE EASY ENABLES WEBDAV PROTOCOL
  • 6. STORAGE MADE EASY IS THE PRODUCT TRADING NAME OF VEHERA LTD REG NO: 07079346 http://www.storagemadeeasy.com Storage Made Easy UK OFFICE Vehera Ltd 26-28 Mulgrave Road First Floor Unit 1 Mulgrave Chambers Sutton. Surrey SM2 6LE. UK TELEPHONE: +448006899094 ext.1 for Sales US OFFICE 8 Wright Street. 1st Floor. Westport. Connecticut. 06880 USA TELEPHONE: +1.203.258.4902 EUROPEAN OFFICE Imbisbuehlstrasse 108 CH-8049 Zurich SWITZERLAND TELEPHONE : +41 (0) 43 818 46 74 Sales@StorageMadeEasy.com StorageMadeEasy Free hosted and enterprise free trial available from www.StorageMadeEasy.com