snootalope
IS-IT--Management
Hey guys
I'm testing putting a web server in house and I've got a few questions about my options of securing it from the rest of the "domain". The web server itself won't actually be part of our Active Directory domain, but it will be sharing a switch with the rest of my servers (same lan segment/ip scope).
My concern is if the web server is hijacked from outside, how am I going to stop a trojan or an actually hacker from getting further in the network.
First of all, I know a DMZ is the right thing to do here, but my options just can't include the DMZ at the moment. Maybe down the road.
I have brand new 3550 Cisco Switches and most of them are configured with VLANs (VoIP system). Anyway, does anyone know if there's any options i can explore as far as locking down a particular port from the rest of the ports on the network? Kind of like an ACL... I only need a few service to get to and from the server, anyway I can lock the rest?
Thanks for any advice!
-snooter
I'm testing putting a web server in house and I've got a few questions about my options of securing it from the rest of the "domain". The web server itself won't actually be part of our Active Directory domain, but it will be sharing a switch with the rest of my servers (same lan segment/ip scope).
My concern is if the web server is hijacked from outside, how am I going to stop a trojan or an actually hacker from getting further in the network.
First of all, I know a DMZ is the right thing to do here, but my options just can't include the DMZ at the moment. Maybe down the road.
I have brand new 3550 Cisco Switches and most of them are configured with VLANs (VoIP system). Anyway, does anyone know if there's any options i can explore as far as locking down a particular port from the rest of the ports on the network? Kind of like an ACL... I only need a few service to get to and from the server, anyway I can lock the rest?
Thanks for any advice!
-snooter