Solved

Publishing a website on an internal server

Posted on 2010-11-30
3
364 Views
Last Modified: 2012-05-10
I know this is not really recommended, but my boss wants a list of all the different ways we can publish a server including having the server in our internal domain.

Basically, if we are publishing straight from external -> ISA 2004 -> internal server running web services - how secure could we make this? and what would we need to do.
0
Comment
Question by:CaptainGiblets
  • 2
3 Comments
 
LVL 10

Expert Comment

by:rscottvan
ID: 34239312
The risk is that a server that is available from the internet also has access to internal systems.  If someone "owns" that box, they'll have a great launching point for all kinds of attacks on your other systems.

The only right way to do this is with a firewall dividing your network into separate security zones.  The webserver belongs in a "DMZ" which is a zone that is accessible from the internet, but has little or no access to the "Inside" zone, where your more trusted systems live.

A firewall with this capability is as little as a few hundred dollars.
0
 
LVL 6

Author Comment

by:CaptainGiblets
ID: 34239350
i understand this risks of showing an internal server to the world, however im wondering just how secure we can make it.

the reason being is that we have an sql server that the sharepoint server pulls information from, so moving the sharepoint server to a DMZ would mean that we would have to copy a full version of SQL (which isnt cheap) to publish data to a copy of sql express in the DMZ so the sharepoint server could still access the information.
0
 
LVL 10

Accepted Solution

by:
rscottvan earned 500 total points
ID: 34240228
Actually, you could open only port 1433 from the DMZ to the internal SQL server.  This would be more secure than exposing an internal server to the internet.
0

Join & Write a Comment

Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now