Publishing a website on an internal server

I know this is not really recommended, but my boss wants a list of all the different ways we can publish a server including having the server in our internal domain.

Basically, if we are publishing straight from external -> ISA 2004 -> internal server running web services - how secure could we make this? and what would we need to do.
LVL 6
CaptainGibletsAsked:
Who is Participating?
 
rscottvanConnect With a Mentor Commented:
Actually, you could open only port 1433 from the DMZ to the internal SQL server.  This would be more secure than exposing an internal server to the internet.
0
 
rscottvanCommented:
The risk is that a server that is available from the internet also has access to internal systems.  If someone "owns" that box, they'll have a great launching point for all kinds of attacks on your other systems.

The only right way to do this is with a firewall dividing your network into separate security zones.  The webserver belongs in a "DMZ" which is a zone that is accessible from the internet, but has little or no access to the "Inside" zone, where your more trusted systems live.

A firewall with this capability is as little as a few hundred dollars.
0
 
CaptainGibletsAuthor Commented:
i understand this risks of showing an internal server to the world, however im wondering just how secure we can make it.

the reason being is that we have an sql server that the sharepoint server pulls information from, so moving the sharepoint server to a DMZ would mean that we would have to copy a full version of SQL (which isnt cheap) to publish data to a copy of sql express in the DMZ so the sharepoint server could still access the information.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.