Solved

Giving DUN users access IIS WEB server but not downstream SQL server.

Posted on 2006-07-06
3
202 Views
Last Modified: 2013-12-04
HI Brainies
I need to provide security protection to our system. ( All Microsoft software )
 I wish ....  DUN users to  connect to  a RAS server with IIS. This server gets its data for ASP pages from a SQL server. How do I allow these DUN users to only see web pages with no security issue with  them stuffing up the downstream SQL server.
 I assume also I cannot do all this on the one box from a security point.

Thanks in advance
Rodney
0
Comment
Question by:comerro1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 37

Expert Comment

by:bbao
ID: 17066888
on your RAS server, assign a dedicated subnet for those DUN users with no default gateway assigned, so all the DUN users will only access this separated subnet (e.g. 192.168.1.x). the IIS web server of course needs to assigned a fixed IP on this subnet too. the IIS server may be a multihome host, which connects another subnet (e.g. 192.168.2.x) on where the SQL server stays.

the topology diagram may be as follows:

DUN users -> (PBX) -> RAS server <-> DUN subnet <-> IIS <-> SQL subnet <-> SQL server
                                                         192.168.1.x                    192.168.2.x

hope it helps,
bbao
0
 

Author Comment

by:comerro1
ID: 17069427
Hi Bbao
Do I load 2 ips on the 1 NIC or use 2 NICs in the RAS box?

Rodney
0
 
LVL 37

Accepted Solution

by:
bbao earned 500 total points
ID: 17070017
2 IPs on the same NIC shoud be OK but not recommended because 1) security considerations 2) compatibility.
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question