|
Home > Archive > IIS Server Security > January 2004 > Allowing access To Our INTRANET site from the outside
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Allowing access To Our INTRANET site from the outside
|
|
|
| I am hoping someone might give me some better ideas than what I have
come up with on my own. I have our Internet Site in the DMZ and our
Intranet site is inside and can only be accessed from the inside. The
big bosses want the board to have access to our intranet site. My
first solution was to give them a VPN account and have them access it
from the outside via VPN like we do, however the bosses think this is
too much trouble. They want a link on the internet site that they can
just click on and log in with a user name and password. My concern is
security and I don't want to have to spend my budget money on
something like this. Can anyone give me some ideas how I can put a
link on our internet site and have them authenicated securely?
Thanks!
| |
| Karl Levinson [x y] mvp 2004-01-26, 5:35 am |
| First, get them to sign a form saying that you recommended they use VPN on
this date, and they decided this was too difficult for them, in case the
server is hacked in the future.
Their solution may be secure enough, depending on what data is kept there,
as long as you use SSL. http://www.iisfaq.com/ssl, www.freessl.com and
www.entrust.net have information on inexpensive or free SSL certs. After
all, this is more or less the same level of security your internet banking
uses.
Using Windows 2000 Server Certificate Services to generate a user cert for
them as well might be something to consider if you wish.
"Steve" <skeet4me@comcast.net> wrote in message
news:b0249b7f.0401261028.5815427a@posting.google.com...quote:
> I am hoping someone might give me some better ideas than what I have
> come up with on my own. I have our Internet Site in the DMZ and our
> Intranet site is inside and can only be accessed from the inside. The
> big bosses want the board to have access to our intranet site. My
> first solution was to give them a VPN account and have them access it
> from the outside via VPN like we do, however the bosses think this is
> too much trouble. They want a link on the internet site that they can
> just click on and log in with a user name and password. My concern is
> security and I don't want to have to spend my budget money on
> something like this. Can anyone give me some ideas how I can put a
> link on our internet site and have them authenicated securely?
>
> Thanks!
| |
| =?Utf-8?B?d2VibWVpc3Rlcg==?= 2004-01-27, 2:35 am |
| I wouldn't publish the link to the intranet on a public website. Event the intranet is password protected.
I also would suggest to use VPN Connection to access to the intranet over the intranet.
Regards,
Thomas Bruehlmann
http://www.webmeister.ch - intranets quick and easy
|
|
|
|
|