General discussion

Locked

RPC/HTTP on Windows SBS 2003

By davide ·
I'm considering implemeneting RPC/HTTP on a SBS2003 and using an internal certificate.

What security measures should I require as a minimum before implementing?
Is it secure enough if there if the only firewall being used is the ISA on the server?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

RE: RPC/HTTPS on SBS 2003

by TechSoEasy In reply to RPC/HTTP on Windows SBS 2 ...

"secure enough" is a relative term. For many small businesses, SBS configured properly with ISA Server is "Good Enough" security. (see this article about that: http://sbsurl.com/security).

Personally, I think that in most cases, ISA is fine on it's own, but I always put a hardware router/firewall in between SBS and the Internet connection. Usually nothing more than an inexpensive router/firewall which provides stateful packet inspection... something along the lines of a NetGear FVS318.

If you already have implemented Outlook Web Access or Remote Web Workplace (http://sbsurl.com/rww) then you really aren't exposing your server any more than you are currently because RPC/HTTPS uses the same port 443 that's already open for those services.

Jeffrey B. Kane [SBS MVP]
TechSoEasy
http://www.techsoeasy.com
http://techsoeasy.spaces.live.com

Related Discussions

Related Forums