+ Post New Thread
Results 1 to 9 of 9
How do you do....it? Thread, Publish school Intranet/VLE to be accessible over the web in Technical; Hi we have active directory domain with following Server 2008 R2 servers: Server 1 DC+DNS+DHCP Server 2 DC+DNS Server 3 ...
  1. #1

    Join Date
    Nov 2007
    Posts
    64
    Thank Post
    6
    Thanked 5 Times in 5 Posts
    Rep Power
    14

    Question Publish school Intranet/VLE to be accessible over the web

    Hi we have active directory domain with following Server 2008 R2 servers:
    Server 1 DC+DNS+DHCP
    Server 2 DC+DNS
    Server 3 IIS - VLE/Intranet
    Server 4 MS SQL - backend database for VLE
    Server 5 ISA 2006 - Firewall

    We would like to make VLE/Intranet accessible over the web; VLE uses ldap for the user authentication.

    Can someone please suggest the best security measures.

    If you have published your school intranet/VLE or web-server; what sort of security measures have you implemented?

    Any help would be much appreciated.

  2. #2

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,816
    Thank Post
    272
    Thanked 1,138 Times in 1,034 Posts
    Rep Power
    350
    Well Ideally you would want the Web Server in a DMZ but you could just get an IP Nat'd through to your internal network (on the ISA) with Port 80/443 open for Http/HTTPS access.

  3. #3

    Join Date
    Feb 2007
    Location
    Wolverhampton
    Posts
    330
    Thank Post
    18
    Thanked 35 Times in 33 Posts
    Rep Power
    21
    What firewall do you use? If you had something like ISA or TMG, you could just publish the website

  4. #4
    Trapper's Avatar
    Join Date
    Apr 2007
    Location
    Birmingham
    Posts
    1,209
    Thank Post
    74
    Thanked 147 Times in 119 Posts
    Rep Power
    93
    TMG works a treat

  5. #5
    TheScarfedOne's Avatar
    Join Date
    Apr 2007
    Location
    Plymouth, Devon
    Posts
    1,344
    Thank Post
    675
    Thanked 169 Times in 154 Posts
    Blog Entries
    78
    Rep Power
    85
    +1 for TMG/ISA here. Use it to publish Exchange, Sharepoint, and a load of other web services too...

  6. #6

    Join Date
    Nov 2007
    Posts
    64
    Thank Post
    6
    Thanked 5 Times in 5 Posts
    Rep Power
    14
    thank you all for the information.

    We have ISA 2006. Is there any security concerns I need to be worry regarding the ISA rules of publishing website.

    Regarding DMZ:
    Is it true/good practice that server's in DMZ should not have access to the internal network.
    Now in my scenario I have SQL server in LAN; If I put web server in DMZ; how about the SQL.

  7. #7

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,816
    Thank Post
    272
    Thanked 1,138 Times in 1,034 Posts
    Rep Power
    350
    Quote Originally Posted by bicky View Post
    thank you all for the information.

    We have ISA 2006. Is there any security concerns I need to be worry regarding the ISA rules of publishing website.

    Regarding DMZ:
    Is it true/good practice that server's in DMZ should not have access to the internal network.
    Now in my scenario I have SQL server in LAN; If I put web server in DMZ; how about the SQL.
    Just allow the ports for Sql into the lan - reduces the risk

  8. #8


    Join Date
    Oct 2006
    Posts
    3,412
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    149
    Quote Originally Posted by bicky View Post
    Is it true/good practice that server's in DMZ should not have access to the internal network.
    Now in my scenario I have SQL server in LAN; If I put web server in DMZ; how about the SQL.
    That's the point in a DMZ. Just open the ports needed for the VLE to work; sql to your sql server, LDAP etc to your DCs.

    If you were to have more than a couple of servers in the DMZ you may want to consider also having a DNS server in there. TBH with 1 server I wouldn't bother and either open that port up into your internal or just use google DNS with a hosts file for resolution of internal servers.

  9. #9

    Join Date
    Nov 2007
    Posts
    64
    Thank Post
    6
    Thanked 5 Times in 5 Posts
    Rep Power
    14
    thank you all for the information

SHARE:
+ Post New Thread

Similar Threads

  1. Video camera to record school plays - needs to be easy to get onto DVD
    By sidewinder in forum AV and Multimedia Related
    Replies: 3
    Last Post: 9th March 2012, 12:37 PM
  2. Replies: 15
    Last Post: 15th January 2012, 10:57 PM
  3. Primary Schools National Framework - to be discontinued?
    By speckytecky in forum Educational Software
    Replies: 18
    Last Post: 21st June 2011, 10:14 AM
  4. [Video] New BSF Initiative - School IT workers to be paid peanuts!
    By flyinghaggis in forum Jokes/Interweb Things
    Replies: 0
    Last Post: 18th January 2010, 11:48 AM
  5. Converting video files to be used on the web site
    By tosca925 in forum How do you do....it?
    Replies: 5
    Last Post: 28th April 2007, 07:31 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •