It’s a pain in the backside but sometimes you’ve got to make FTP available for file transfers. This usually means some sort of authentication is required. Here’s the problem: this means usernames and passwords are communicated unencrypted across the Internet.
The solution when using IIS7 is to enable FTPS aka SSL FTP. You might think of it as secure FTP. I went looking this up and spent ages looking for a solution and nothing was doing. If you check out FTP in the RTM release of W2008 you will see IIS6 backwards compatibility is required for FTP. Yuck! That means you need two consoles, the IIS7 one and the IIS6 one.
Hold on; MS did not leave us in the lurch. Confusingly (just like with Hyper-V), there is an update to IIS7 that will include native FTP functionality. It’s called "FTP Publishing Service for IIS7" or "FTP7" and you can get it from here:
There is also some online documentation.
This package adds FTP capabilities to your IIS7 server. It does not create a default FTP site but that’s easy to do. The docs are very clear and do it all step-by-step.
Now you can create an FTP site, associate a cert with it and require SSL access. This gives you your FTPS service. Now all you need to do is distribute FTPS clients and you’re sorted. The documentation shows you how to do this with a self-signed certificate.