Solved

Server security

Posted on 2004-04-16
2
165 Views
Last Modified: 2010-03-18
Hi guys,

I am using my Domain controller as my Exchange server and Web server. and also file server:))
I know that it is not the ideal way of doing things, but until now  i had only on server.

Now i have the second server and i want to distribute the load in a way that i have the best security that i can have.
I do not mean setting up firewalls , or other extra security tools.
but i would like to learn what would be the best way of distributing these services on two servers.

my new server is a good one, with two Xeon proccessor and 1 GB memory. Dell Power Edge 2600

thanks,


0
Comment
Question by:cakirfatih
2 Comments
 
LVL 1

Accepted Solution

by:
djxerx earned 300 total points
ID: 10847035
If security is your only concern, then you'd probably want to set up the web server on one computer on the slower computer, and make sure it is no longer a domain controller.  That way if it is compromised, your domain controller/email server/file server would not automatically be compromised.  

But you probably have other concerns aside from simply security, such as performance and ease of administration.  For smaller businesses I commonly designate one server as "file server" and the other as Exchange server.  Which to use the newer server for depends on the usage patterns.  But in my experience the Exchange server usually is more demanding of resources.  

Again, where you put your web site depends on the amount of usage.  But assuming it is light you might:
-- Put exchange and web server on one computer.  Then this would be the only server that is directly accessible from the internet.
-- Put the file server on the other server and make it domain controller.  

But if course it all depends on what your users are doing.
0
 
LVL 23

Assisted Solution

by:rhandels
rhandels earned 200 total points
ID: 10848425
djxerx's idea is a good one. But i'd go for another option.

Install Exchange on the older server and make sure it is not a DC and doesn't have any services running on it (like DHCP or DNS). Also, don't make it a DC, the Exchange server...

Install the new computer as the DC for the domain  with all network services like DNS, DHCP, maybe WINS and other stuff.

Last but not least, i would install the web server on a simple pc with enough memroy on board... It is never a good idea to combine an exchange server with a web server. If you don't have a spare pc, you could go for djxerx's option... But make sure to not set up the Exchange server as a DC and also, don't put networking services on it...
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

28 Experts available now in Live!

Get 1:1 Help Now