• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 580
  • Last Modified:

best setup for public IIS server on windows domain

I need to add  public web server , windows 2003 server with IIS and sql 2005. I have Cisco firewall with advanced IOS. Do I  make web server member server on domain, at firewall put in DMZ and forward port 80 traffic to server internal IP of web server? Developer also needs ftp access. Is it safe to foward port 21 to webserver is well with strong passwords?

What is safest way to set this scenario up? Thanks
0
AndykEE
Asked:
AndykEE
  • 2
  • 2
1 Solution
 
Don S.Commented:
Unless you need to authentica various user ID from your domain, I would NOT make it a member of your domain.  Also, if that is the case, I would put it in a DMZ zone off your firewall.  Port 21 is banged a lot by hackers.  Setting up a VPN through the firewall for the FTP access would be a lot more secure.
0
 
AndykEEAuthor Commented:
Server also has 2 nic cards, should I have one internal and one external? how to set this up.
0
 
AndykEEAuthor Commented:
so have it as standalone server, behind firewall in dmz, forwarding port 80 to internal ip. give vpn access to developers and set ftp only available to internal IP's?
0
 
Don S.Commented:
That sounds fairly secure to me.  Basically, the more ports you have open and the more it is connected to your internal LAN, the more vulnerable you are so we always try to limit that.  

Remember, the IP address you give it in the DMZ will be in a different range than your internal LAN address range.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now