Conductor accessing FTP on secondary network port NIC
IT has discovered that FTP (File Transfer Protocol) is being accessed by an ETC device on the corporate network, and has determined that the device is Conductor. Why is Conductor doing this, and is there a way to stop it or make it more secure?
Conductor uses FTP for a handful of different reasons. On its primary NIC, which points to the ETC lighting network, it uses FTP to transfer configuration backup files from some products and, if properly configured, to serve firmware to other products. On its secondary NIC, which connects to a corporate network (and then the internet), it uses FTP for two different reasons:
- To check for product (not Conductor) software updates once per day, or upon a reboot of the unit. The list of products it checks for is similar to what is available in UpdaterAtor.
- To check for new Concert Device Packages once per day.
The FTP connection is made to an ETC server, and each of these checks occurs at a random time between 3:00-4:00am according to Conductor's local timeclock. The randomness is to prevent many Conductors around the world from checking for updates at the same time. NOTE: There is currently a bug that results in the unsuccessful retrieval of Concert Device Packages, but Conductor will still attempt the FTP connection.
On Conductor there is no way to turn this feature off or to change it to a more secure protocol (SFTP). However, an ACL (Access Control List) could be implemented on the corporate network switch to block FTP connections from Conductor. It is not recommended to block FTP in its entirety, as other programs (Concert and UpdaterAtor) also use FTP to retrieve new Device Packages and firmware, although those transfers only happen on demand when a user requests them. If IT does block Conductor's FTP access with an ACL, updates can be performed via USB, and Concert Device Packages can be added by accessing Conductor's file share on a computer connected to the ETC lighting network.
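Before or after applying an ACL, IT can check firewall or flow logs against the behavior described above. The following is an added example, not ETC code: it classifies Conductor's FTP control connections by destination and by the 3:00-4:00am local window. The IP addresses, the UTC offset and the log layout are assumptions to replace with site values.

```python
from datetime import datetime, timedelta, timezone

# Assumptions (not from the article): addresses, UTC offset and log layout.
CONDUCTOR_IP = "10.20.30.40"      # placeholder: Conductor's secondary NIC
ETC_FTP_SERVER = "203.0.113.10"   # placeholder: ETC server (documentation range)
CONDUCTOR_TZ = timezone(timedelta(hours=-6))  # Conductor's local clock, assumed UTC-6
FTP_CONTROL_PORT = 21             # only the FTP control channel is examined

# Constructed flow records: "UTC timestamp, source, destination, dest port"
SAMPLE_FLOWS = """\
2024-03-04T09:17:42Z 10.20.30.40 203.0.113.10 21
2024-03-04T09:41:05Z 10.20.30.40 203.0.113.10 21
2024-03-04T15:02:11Z 10.20.30.40 203.0.113.10 21
2024-03-05T09:30:00Z 10.20.30.40 198.51.100.7 21
2024-03-05T09:33:00Z 10.20.30.40 203.0.113.10 443
2024-03-05T09:35:00Z 10.20.30.99 203.0.113.10 21
"""

def classify(line):
    """Return (verdict, local_time), or None if the flow is not Conductor FTP."""
    ts, src, dst, dport = line.split()
    if src != CONDUCTOR_IP or int(dport) != FTP_CONTROL_PORT:
        return None
    utc = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    # The window is defined by Conductor's clock, so convert before comparing.
    local = utc.astimezone(CONDUCTOR_TZ)
    if dst != ETC_FTP_SERVER:
        return ("unexpected-destination", local)
    if local.hour == 3:  # 03:00:00 through 03:59:59 local time
        return ("expected-daily-check", local)
    # The software update check also runs after a reboot, so correlate
    # these with Conductor's uptime before treating them as anomalies.
    return ("outside-window", local)

def audit(text):
    """Classify every record; returns [(verdict, 'YYYY-MM-DD HH:MM' local)]."""
    results = []
    for line in text.splitlines():
        verdict = classify(line) if line.strip() else None
        if verdict:
            results.append((verdict[0], verdict[1].strftime("%Y-%m-%d %H:%M")))
    return results

if __name__ == "__main__":
    for verdict, when in audit(SAMPLE_FLOWS):
        print(when, verdict)
```

Once an ACL is in place, the same records should appear as denied flows in the switch or firewall log rather than as completed connections.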