Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

best setup for public IIS server on windows domain

Posted on 2007-12-06
6
Medium Priority
?
576 Views
Last Modified: 2012-06-27
I need to add  public web server , windows 2003 server with IIS and sql 2005. I have Cisco firewall with advanced IOS. Do I  make web server member server on domain, at firewall put in DMZ and forward port 80 traffic to server internal IP of web server? Developer also needs ftp access. Is it safe to foward port 21 to webserver is well with strong passwords?

What is safest way to set this scenario up? Thanks
0
Comment
Question by:AndykEE
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
6 Comments
 
LVL 18

Expert Comment

by:Don S.
ID: 20425384
Unless you need to authentica various user ID from your domain, I would NOT make it a member of your domain.  Also, if that is the case, I would put it in a DMZ zone off your firewall.  Port 21 is banged a lot by hackers.  Setting up a VPN through the firewall for the FTP access would be a lot more secure.
0
 

Author Comment

by:AndykEE
ID: 20425387
Server also has 2 nic cards, should I have one internal and one external? how to set this up.
0
 

Author Comment

by:AndykEE
ID: 20425467
so have it as standalone server, behind firewall in dmz, forwarding port 80 to internal ip. give vpn access to developers and set ftp only available to internal IP's?
0
 
LVL 18

Accepted Solution

by:
Don S. earned 2000 total points
ID: 20428643
That sounds fairly secure to me.  Basically, the more ports you have open and the more it is connected to your internal LAN, the more vulnerable you are so we always try to limit that.  

Remember, the IP address you give it in the DMZ will be in a different range than your internal LAN address range.
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Considering cloud tradeoffs and determining the right mix for your organization.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question