General discussion

Locked

Best possible network security design

By ed.chee ·
My existing client environment - very simple (two W/S and a server - W2k, SQL 2000, IIS5.0). Its client server. This LAN will hook up to Internet. Data is very sensitive and critical. I'm recommending a firewall & anti virus. It is good to install software firewall in the web server and also anti virus? Or should I prepare a dedicated PC with firewall sitting in front of the Web Server? Is hardware firewall always better? I'm aware of Security Patching, Hardening, People Management. I need help on the least best configuration to secure my Web Server in terms of Security Devices. Budget estimation USD 2000 or less.

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Best possible network security design

by crispy1 In reply to Best possible network sec ...

Is the web server and data server the same machine? I assume all 3 will be on the internet. Obviously, anti-virus on every pc is a must, even if it is not directly connected to the internet. As for the configuration on the web server. Assuming that it and the data server are the same machine I would purchase a router and use it's firewall capabilities. The router will allow you to block the ports from the internet to web server, but allow you to use these ports on your intranet. This way,the only ports available to the internet should be the usual, 80, 43, 25, etc.

Collapse -

Best possible network security design

by ISPnetworker In reply to Best possible network sec ...

Using a dedicated firewall can provide you with enhanced security. Servers serve, routers route and firewalls provide full security. A cisco 506 can be purchased for around $1k.

Collapse -

Best possible network security design

by AirHockeyNinja In reply to Best possible network sec ...

Go here, read these:

http://nsa1.www.conxion.com/


If I can be of further assistance, please feel free to Email me.

Good luck,

Joe

Collapse -

Best possible network security design

by dbowlin In reply to Best possible network sec ...

If your data is really that sensitive and that critical, get a larger budget.

Get IIS on a separate machine from SQL. If this server is also a DC, put the DC with SQL Server inside a firewall, and your IIS server on separate hardware outside thefirewall (preferably inside a DMZ provided by the firewall).

I would put AV on the web server. The software firewall is a good question. It may provide some easy to use interface for locking some kinds of access down, but I suspect it may slow down response time if your site gets busy.

Good luck,
Dan

Collapse -

Best possible network security design

by endrewchee In reply to Best possible network sec ...

Thank you all veyr much. Of your experts opinions and links. It helped me a lot

Collapse -

by ed.chee In reply to Best possible network sec ...

This question was closed by the author

Back to Security Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums