Click here to get back home

advice on configuring a small network
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
advice on configuring a small network Joe Befumo 03-02-2006
Posted by Joe Befumo on March 2, 2006, 5:38 pm
Please log in for more thread options
 I'm a long-time software developer, so I'm familiar with most of the
concepts, but I've never before functioned as a system admin, so I've got
some learning to do.

I've got two Windows 2003 SP1 servers, each on its own completely distinct
Active Directory forest, and three Windows XP-Professional workstations. All
of the machines are connected to a Netgear firewall/swtich. One of the
servers is a webserver/mailserver. I have ports for HTTP, POP3, and SMTP
opened on the firewall to that machine only. The second server is the PDC
for my internal domain, and also runs the SQL Server database used by some
of the websites running on the webserver machine. All of the workstations
are members of the internal domain.

I'm setting up a 1-way trust relationship so that the webserver will trust
the internal domain, but not vice versa. My goal is to be able to easily
move content to/from the webserver from my administrative workstation, but
to protect the internal domain from the outside world.

First question -- Is this a reasonable setup? Any suggestions would be
appreciated.

Second question: Is there any benefit to running firewall software on the
internal domain server?

Thanks,

Joe



--
Posted via NewsDemon.com - Premium Uncensored Newsgroup Service
------->>>>>>http://www.NewsDemon.com<<<<<<------
Unlimited Access, Anonymous Accounts, Uncensored Broadband Access

Posted by Jerry Gardner on March 2, 2006, 8:58 pm
Please log in for more thread options
 On Thu, 2 Mar 2006 17:38:15 -0500, Joe Befumo wrote:
> Second question: Is there any benefit to running firewall software on the
> internal domain server?

A better idea would be to use a hardware firewall (PIX, Netscreen,
Fortigate, etc.) and put the web server in a DMZ zone distinct from
the zone containing your internal machines.



Posted by Joe Befumo on March 3, 2006, 7:59 am
Please log in for more thread options
Got it, thanks.

Joe

> On Thu, 2 Mar 2006 17:38:15 -0500, Joe Befumo wrote:
>> Second question: Is there any benefit to running firewall software on the
>> internal domain server?
>
> A better idea would be to use a hardware firewall (PIX, Netscreen,
> Fortigate, etc.) and put the web server in a DMZ zone distinct from
> the zone containing your internal machines.
>
>



--
Posted via NewsDemon.com - Premium Uncensored Newsgroup Service
------->>>>>>http://www.NewsDemon.com<<<<<<------
Unlimited Access, Anonymous Accounts, Uncensored Broadband Access

Similar ThreadsPosted
Configuring SSL for LDAP October 23, 2007, 10:01 am
Re-Configuring LDAP CDP on Enterprise Root CA February 17, 2007, 1:31 am
Small company Best Way to allow customers AD logon August 11, 2006, 12:43 pm
Configuring Certification Authority in Windows Server 2003 January 25, 2007, 11:40 am
What are the recommended Antivirus products for Windows Small Busi October 28, 2006, 4:23 am
Windows Small Business Server 2003 Premium and Remote Desktop June 8, 2006, 6:09 pm
Security Configuration Advice December 20, 2005, 3:00 am
Need advice: Security GPO for member servers April 19, 2006, 1:36 pm
Group permission AD advice needed. September 8, 2007, 9:11 pm
Need advice: Security policies for member servers April 19, 2006, 2:46 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap