Internal Hosted Website / Database

AJ1978
AJ1978 used Ask the Experts™
on
Dear All
I wonder if you can assist me, I’m about to implement a server which will be running IIS for website Database and wanted to know what would be best practice in regards to IP address and DNS? This is to run a HR database which will be accessible to internal user over the WAN either by a subdomain or by domain.com/database. I know that I will have to point an IP to the server but I want to make it as secure as possible and am not sure how to achieve this. I ask as I know that anyone will be then be able to search the IP.

Current Infrastructure:
DL308 GEN 9
Cisco Meraki MX80
1x Static IP

If you could let me know you thoughts I’d be grateful.
Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
"Batchelor", Developer and EE Topic Advisor
Top Expert 2015
Commented:
To reduce the attackable profile you usually put a web server into a DMZ, which is physically separated from the LAN. That laso allows you to give the server a public IP and route to it, instead of having to NAT to a private IP. Firewall rules are usually much simpler, too.
The issue is not to know the public IP  - that will happen anyway -  but to gain access to the web server machine, and run malicious code on it. It the server is in a DMZ, access from server to LAN is restricted, adding security.
Anything facing the public side of Internet needs special care and continious supervision.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial