I am running an SBS network everything is locked down tight, no traffic from wan to lan other than smtp, restricted traffic from lan to wan. FTP server on DMZ port, all users have user rights only.
An I.T company now wants to insyall a webserver that runs an online solution for us. It runs on Windows IIS. The problem is they want to open port 80 from the WAN to the LAN. Normally I would insist on putting it on a DMZ but they are against this as it would take too long and they have said they have the solution running like this on many large networks.
Can anyone advise and specifically direct me to a document or something that I can show my boss so as to prove the risks. Some other I.T experts have said it is crazy to open port 80 directly into your network and make you very vulnerable.