WINDOWS SERVER 2012 R2 STANDARD IIS AND FILE SERVER.

We have a WINDOWS 2012 R2 STANDARD setup which is currently being used as a File and Sage Accounts & Payroll server.

We now have a requirement to host a number of Domain Websites on it (re: not Intranet) - if we add the necessary IIS roles etc in order to do this would there be any negative issues to its current role, any additional costs / licenses involved etc?

Thank You.
awall2012Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Harper McDonaldCommented:
Personally, I would either build out another VM / or physical server for the websites (or have them hosted offsite) - sounds like too many point of single failure, especially with a server running payroll.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DMTechGrooupCommented:
A lot depends on how much traffic you expect, what types of web languages you might need (asp, php, etc).. Its ideal to have it on its own server but it can be locked down pretty well.  But I agree that hosting them offsite is preferred.. someplace like 1&1 offers unlimited linux or windows hosting for 4 bucks a month.. $48 bucks a year to host unlimited web sites with a 99.9% uptime is not bad.  Do you need any cross firewall sharing like a SQL DB or something?
0
Dan McFaddenSystems EngineerCommented:
Negative issues... yes.  You will now have to expose your server to the Internet in order to bring those websites online.  This presents the issue that everything running on the server is essentially exposed to the Internet.  Meaning, 1 forgotten configuration item, a poorly coded web site, a forgotten patch and such leaves all the data assets on the server vulnerable to being attacked.

I would never recommend deploying a file server as an Internet exposed web server.  I would absolutely NOT exposed the payroll server to the Internet as a web server.  Too much private data associated with payroll info.

The payroll item alone is a red flag.  Here are the arguments against using your existing server for hosting externally exposed web sites:

1. payroll data is stored on the server.  what would the cost to the company be, if that data was stolen?
2. accounting/book keeping data is stored on the server.  what would the cost be to the company is the accounting system was breached and the data deleted?
3. file services.  what would it cost the company if the file server went off line after the contents was taken?

So, as Harper recommended... a dedicated server is the only way to go given the existing server roles.

Dan
0
awall2012Author Commented:
great , thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.