Hmm, I was also leaning towards Option C, but I'm not sure about the 'Any' source and destination addresses. Shouldn't we be more specific with the zones?
I think Option C looks promising. The policy allows traffic from the Trusted zone to the SFTP server in the DMZ zone, and it's using App-ID to identify the SFTP application.
Tiera
24 days agoRolande
8 days agoDorian
9 days agoErin
10 days agoKati
11 days agoCyndy
12 days agoClay
25 days agoCarri
26 days agoAvery
27 days ago