Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Question about setting up a firewall and accessing some documents

Posted on 2005-03-30
Medium Priority
Last Modified: 2013-11-16
Hello all.  We are trying to devise a plan for hosting a Web site in-house.  We have found a server we want to use and now we are going through the topology of setting up the firewall area.  We want to keep this apart from our internal network but here is an issue we have.  Currently we have an internal system that pulls up Word documents that exist on a network drive within the internal network.  Somehow we need to be able to pull these out to the Web site where users will be able to click on a image and pull up a word document.  However, we want this to be real time but I guess I would consider other options.  Any ideas all?
Question by:sbornstein2
1 Comment

Accepted Solution

simonenticott earned 100 total points
ID: 13670973

a couple of options spring to my mind-

if you want to keep the webserver away from the internal network you'll need to put it on a DMZ / optional port on your firewall which i guess you've done already.  Ultimately you don't want a path from the webserver to your internal network.

The first option would be to move your networked documents area to the webserver and setup a one way rule on the firewall to allow your internal network to access the webserver but not the other way around.  This assumes your documents area is a simple share and you can move it wholesale and just reshare it from the webserver and change the login scripts to map to the new area.  It should be invisible to your users.

A second and better, option would be to run a file copy / syncronise utility that copies any updated files over to the webserver every x minutes.  if you're careful when choosing a copy utility it'll only copy the updated files and this will minimise network traffic and enable you to run it quite frequesntly, say every few minutes or so which gets you to near realtime.

The second option is gonig to be safer for two reasons that come to mind, 1, if your webserver is breached all your documents become available and thats your 'master' copy of them.  Secondly, if one of your guys were working on a live document and someone on the web tried to open it, its conceivable that you'd end up with problems saving it or with possible corruption, though thats largely down to your web configuration.

Hope that helps or gives you some ideas,


Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question