Agent Security

The Files.com On-Premise Agent integrates on-premise networks with the Files.com platform. Because the agent runs inside your corporate network, security design is central to how it works. The On-Premise Agent is the most secure way to connect your internal systems to Files.com, and it offers more protection than relying on FTP servers or third-party tools that weren't designed for this purpose.

Security Record

The On-Premise Agent has no known security vulnerabilities reported to date. Files.com conducts annual penetration testing to identify and address potential risks before they can be exploited.

Files.com also runs an active bug bounty program that pays independent security researchers to test our systems, including the On-Premise Agent, for vulnerabilities. The agent is in scope for that program and is continuously tested by outside security researchers.

Strict Access Controls

The agent enforces root folder path restrictions that you configure locally in a file you create and manage on the host. This configuration file cannot be modified or overridden by the Files.com cloud system.

The agent is limited to the paths you explicitly specify and cannot reach other parts of your network. Files.com only has access to what you allow.

No Open Ports, Encrypted Connectivity

Unlike FTP servers, the On-Premise Agent does not open any ports on your machine. Connectivity runs through an encrypted tunnel that the agent initiates as an outbound connection to Files.com's network. The agent uses public key cryptography to verify that it is connecting to the correct Files.com services.

Once the tunnel is established, only Files.com's production services responsible for real-time file access and automation tasks are permitted to communicate with the agent. Those production services are isolated from other environments at Files.com, including staging systems and employee workstations.

Clients Never Connect Directly To Your Agent

External requests to upload or download files are never made directly to your agent. All such requests are routed through Files.com's cloud infrastructure, which acts as a proxy.

Only Files.com has direct access to the encrypted tunnel to your agent, so your internal systems are never directly exposed to external users. FTP servers, by contrast, allow external clients to observe information about your network and servers.

Dual Logging

The On-Premise Agent writes two log streams. Operations are logged locally on the machine hosting the agent, and they are also logged to Files.com's cloud log infrastructure. The cloud logs can be forwarded to a SIEM (Security Information and Event Management) platform of your choice through our SIEM integration.

The local log file can be ingested into any logging or SIEM system you prefer, the same way you would manage any other local log file. This dual logging approach keeps all activity documented and available for review.
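
An added example, not code from Files.com: one way to use the two log streams described above is to reconcile them, so that an operation recorded in only one stream, or one touching a path outside the configured root folder, stands out for review. The JSON-lines layout, the field names ts, op and path, and the root /srv/share are assumptions made for illustration, and the sample records are constructed; map them to the real log fields before use.

```python
import json
import posixpath
from collections import Counter

# Constructed sample data. The field names (ts, op, path) are assumptions for
# illustration, not the agent's or the cloud log's real schema.
LOCAL_LOG = """\
{"ts": "2024-05-01T10:00:02Z", "op": "read", "path": "/srv/share/reports/q1.csv"}
{"ts": "2024-05-01T10:00:09Z", "op": "write", "path": "/srv/share/inbox/a.pdf"}
{"ts": "2024-05-01T10:01:30Z", "op": "read", "path": "/srv/share/../private/keys.txt"}
"""
CLOUD_LOG = """\
{"ts": "2024-05-01T10:00:03Z", "op": "read", "path": "/srv/share/reports/q1.csv"}
{"ts": "2024-05-01T10:00:10Z", "op": "write", "path": "/srv/share/inbox/a.pdf"}
{"ts": "2024-05-01T10:02:00Z", "op": "delete", "path": "/srv/share/inbox/a.pdf"}
"""


def parse(text):
    """Count (op, normalized path) pairs in JSON-lines text.

    Timestamps are left out of the key because the two streams are written
    by different hosts and will not agree to the second.
    """
    seen = Counter()
    for line in text.splitlines():
        if line.strip():
            rec = json.loads(line)
            # normpath collapses "..", so traversal cannot hide the real target.
            seen[(rec["op"], posixpath.normpath(rec["path"]))] += 1
    return seen


def under_root(path, root):
    """True if path is the root folder itself or lies beneath it."""
    root = posixpath.normpath(root)
    # Compare on a separator boundary so /srv/shared does not match /srv/share.
    return path == root or path.startswith(root.rstrip("/") + "/")


def reconcile(local_text, cloud_text, root):
    """Report operations missing from either stream or outside the root."""
    local, cloud = parse(local_text), parse(cloud_text)
    return {
        "local_only": sorted((local - cloud).elements()),
        "cloud_only": sorted((cloud - local).elements()),
        "outside_root": sorted(k for k in (local | cloud) if not under_root(k[1], root)),
    }


if __name__ == "__main__":
    print(json.dumps(reconcile(LOCAL_LOG, CLOUD_LOG, "/srv/share"), indent=2))
```

A non-empty local_only or cloud_only list is a lead to investigate rather than proof of tampering, since log shipping delays can produce the same gap.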