I have developed an asp application that runs on one of our servers (IIS, etc), to allow the user to search and view a deposited plan. An external consultant has the requirement to use this application to search for and view deposited plans, but we don't want to give him access to our server from home, due to security considerations.
The idea we came up with was to copy the deposited plan search application and images to an external HDD, then give this to the consultant while he's doing work for us.
However, I've never had to do this really. Is this possible, and if so,what would I need to do to the external HDD to make this possible?
1. With VPN, allow him to only go to the website internally only over port 80 or SSL (easy solution and problem solved)
2. With VPN, allow him to only go to a reverse proxy such as Squid. This way, his session is terminate at the proxy and your site is still secure.
Maybe I am wrong, but if you give him the application (with the configs, then aren't you giving him database connection strings as well?