Integrating an IIS server into a LAN

FreeFragOz

Junior Member
Apr 25, 2006
1
0
0
Goodevening Anandtech! 5 years ago I went on a holiday to another forum closer to home, it was only recently that I realised that I should have stayed put on AT. I hope to spend a lot more time here with the nef calls and personal mods (I assume we still all get our own mods...right??)

So anyway, the question at hand:

I have an IIS Server that I need to integrate into an existing network. It is hosting a website that needs to be accessable externally. It also needs access to a SQL Server on the LAN, and the LAN needs to be able to copy files to/from it.

The SBS 2003 Server has two NICs in it, one for the internal LAN and 2nd one for whatever. I use a Netgear FVS318 as the broadband router.

How can I integrate the IIS server so that it is secure (i.e. If the IIS server is compromised, the attacker cant get access to the rest of the lan) while still allowing SQL access to/from the Webserver to the SQL Server and file access?
 

RebateMonger

Elite Member
Dec 24, 2005
11,586
0
0
The most secure way to publish a web site in SBS is to use ISA 2004. ISA completely hides your web server from the Internet, intercepting all web requests and pre-processing them before delivering them to your web server (even if your web server is on the same box).

Other than that, about all you can do is:

1) Modify the new Virtual Server to listen to the external NIC's IP address.
2) Create a System DSN on the SBS box that points to your SQL Server.
3) Keep SBS patched.