Extranet and intranet

Posted on 2005-02-28
Medium Priority
Last Modified: 2013-12-04
I am going to set up an extranet and an intranet.  What physical connection if any, should either of these have with my lan.

I have a cable modem and a watchgaurd III 700

I want to use share point for the intranet and I use OWA with exchange for our mobile employees.  I would like the mobile employees to have access to sharepoint on some level.

Thanks Experts,
Question by:dtolo

Assisted Solution

graemeboro earned 600 total points
ID: 13420386
Ideally you should crreate a DMZ (De Miltarised Zone) for your intranet/extranet.  This will isolate traffic from passing through to your lan unless specificaly authorised. You could then place your servers in the DMZ or allow only certain traffic from the DMZ to the lan where required.

Expert Comment

ID: 13420414
Have a look at the following for info on DMZ with watchguard :-

LVL 16

Assisted Solution

JammyPak earned 400 total points
ID: 13422116
I would actually disagree slightly.....

The DMZ is meant to hold externally-facing systems. It is the place where you put systems that you know could get hacked, because you are giving the outside world access to them. This is where the extranet goes. The intranet is by definition internal. I would personally *not* put the Intranet into the DMZ, simply because companies typically have secure corporate data on the intranet, and it is much more vulnerable if it is in a DMZ (since the outside world has access to the DMZ). If the intranet is on the internal network, then it should be completely untouchable from the outside.

If the mobile emps need access to Sharepoint, I would want them to VPN into the LAN first. I wouldn't publish it to the 'web.

my two cents...!
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

LVL 24

Expert Comment

ID: 13422229
LVL 12

Accepted Solution

Phil_Agcaoili earned 1000 total points
ID: 13442229
Cablemodem and a company...interesting.

I'll add to JammyPak's comment, I would place an SSL appliance (Juniper, Nokia, Nortel, and Cisco have products)  or ISA server in your DMZ and keep your Exchange/OWA and Sahrepoint servers in your intranet.

The DMZ SSL device authentication is separate and unique than the Exchange/Sharepoint intranet authentication.

If the DMZ is breached, they won't have the intranet credentials to access Exchange/Sharepoint.

I-----FW-----i   (Exchange, Sharepoint, anything with HTTP/HTTPS/SSH access etc.) AD/NT Domain Authentication

SSL appliance (SecurID) with only HTTP/S/SSH access through the firewall to specific intranet systems

Author Comment

ID: 13443389
Thank you gentlemen!

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
OfficeMate Freezes on login or does not load after login credentials are input.
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…
There may be issues when you are trying to access Outlook or send & receive emails or due to Outlook crash which leads to corrupt or damaged PST file. To eliminate the corruption from your PST file, you need to repair the corrupt Outlook PST file. U…
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question