Solved

best setup for public IIS server on windows domain

Posted on 2007-12-06
6
569 Views
Last Modified: 2012-06-27
I need to add  public web server , windows 2003 server with IIS and sql 2005. I have Cisco firewall with advanced IOS. Do I  make web server member server on domain, at firewall put in DMZ and forward port 80 traffic to server internal IP of web server? Developer also needs ftp access. Is it safe to foward port 21 to webserver is well with strong passwords?

What is safest way to set this scenario up? Thanks
0
Comment
Question by:AndykEE
  • 2
  • 2
6 Comments
 
LVL 18

Expert Comment

by:Don S.
ID: 20425384
Unless you need to authentica various user ID from your domain, I would NOT make it a member of your domain.  Also, if that is the case, I would put it in a DMZ zone off your firewall.  Port 21 is banged a lot by hackers.  Setting up a VPN through the firewall for the FTP access would be a lot more secure.
0
 

Author Comment

by:AndykEE
ID: 20425387
Server also has 2 nic cards, should I have one internal and one external? how to set this up.
0
 

Author Comment

by:AndykEE
ID: 20425467
so have it as standalone server, behind firewall in dmz, forwarding port 80 to internal ip. give vpn access to developers and set ftp only available to internal IP's?
0
 
LVL 18

Accepted Solution

by:
Don S. earned 500 total points
ID: 20428643
That sounds fairly secure to me.  Basically, the more ports you have open and the more it is connected to your internal LAN, the more vulnerable you are so we always try to limit that.  

Remember, the IP address you give it in the DMZ will be in a different range than your internal LAN address range.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Synchronize a new Active Directory domain with an existing Office 365 tenant
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question