?
Solved

Extranet and intranet

Posted on 2005-02-28
6
Medium Priority
?
1,045 Views
Last Modified: 2013-12-04
I am going to set up an extranet and an intranet.  What physical connection if any, should either of these have with my lan.

I have a cable modem and a watchgaurd III 700

I want to use share point for the intranet and I use OWA with exchange for our mobile employees.  I would like the mobile employees to have access to sharepoint on some level.

Thanks Experts,
~David
0
Comment
Question by:dtolo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 4

Assisted Solution

by:graemeboro
graemeboro earned 600 total points
ID: 13420386
Ideally you should crreate a DMZ (De Miltarised Zone) for your intranet/extranet.  This will isolate traffic from passing through to your lan unless specificaly authorised. You could then place your servers in the DMZ or allow only certain traffic from the DMZ to the lan where required.
0
 
LVL 4

Expert Comment

by:graemeboro
ID: 13420414
Have a look at the following for info on DMZ with watchguard :-

http://www.avolio.com/columns/OptionalInterface.html
0
 
LVL 16

Assisted Solution

by:JammyPak
JammyPak earned 400 total points
ID: 13422116
I would actually disagree slightly.....

The DMZ is meant to hold externally-facing systems. It is the place where you put systems that you know could get hacked, because you are giving the outside world access to them. This is where the extranet goes. The intranet is by definition internal. I would personally *not* put the Intranet into the DMZ, simply because companies typically have secure corporate data on the intranet, and it is much more vulnerable if it is in a DMZ (since the outside world has access to the DMZ). If the intranet is on the internal network, then it should be completely untouchable from the outside.

If the mobile emps need access to Sharepoint, I would want them to VPN into the LAN first. I wouldn't publish it to the 'web.

my two cents...!
0
How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

 
LVL 24

Expert Comment

by:SunBow
ID: 13422229
agree
0
 
LVL 12

Accepted Solution

by:
Phil_Agcaoili earned 1000 total points
ID: 13442229
Cablemodem and a company...interesting.

I'll add to JammyPak's comment, I would place an SSL appliance (Juniper, Nokia, Nortel, and Cisco have products)  or ISA server in your DMZ and keep your Exchange/OWA and Sahrepoint servers in your intranet.

The DMZ SSL device authentication is separate and unique than the Exchange/Sharepoint intranet authentication.

If the DMZ is breached, they won't have the intranet credentials to access Exchange/Sharepoint.

I-----FW-----i   (Exchange, Sharepoint, anything with HTTP/HTTPS/SSH access etc.) AD/NT Domain Authentication
        |
        |
      DMZ

SSL appliance (SecurID) with only HTTP/S/SSH access through the firewall to specific intranet systems
0
 
LVL 2

Author Comment

by:dtolo
ID: 13443389
Thank you gentlemen!
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month13 days, 21 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question