Private and Public Sites in IIS ManagerRSS

5 replies

Last post Sep 01, 2020 07:16 PM by WynneIT

  • Private and Public Sites in IIS Manager

    Aug 28, 2020 05:36 PM|WynneIT|LINK

    I am running Windows Server 2016 on our web server. We have a handful of "private" sites that are for in-house use only. Then we have a handful of sites that are "public" for customers and external use. Is there a "correct" way to configure both private and public sites in the same IIS Manager?

    Here is how my IIS Manager is setup now:

  • Re: Private and Public Sites in IIS Manager

    Aug 28, 2020 11:00 PM|lextm|LINK

    For a corporate, public sites should be hosted on web servers in DMZ, while private sites can live on internal web servers.

    So clearly yours do not follow the basic security best practice.

    Lex Li
    Affordable IIS Consulting Services at https://support.lextudio.com/services/consulting.html
    ---------------------------
    This posting is provided "AS IS" with no warranties, and confers no rights.
  • Re: Private and Public Sites in IIS Manager

    Aug 31, 2020 07:06 AM|Jalpa Panchal|LINK

    Hi,

    Use the DMZ, you can create ACL's to handle traffic to and from the DMZ. the other option could be to create a sub-interface on your firewall that could be used as your Default Gateway for hosts in the DMZ. Then from the firewall, you could implement all your access rules.

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue.
    If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.
  • Re: Private and Public Sites in IIS Manager

    Aug 31, 2020 12:05 PM|WynneIT|LINK

    Thank you for all the information. I am not familiar with DMZ, is that a Server Role? Can you provide me with a link to more info please. Thank you.

  • Re: Private and Public Sites in IIS Manager

    Aug 31, 2020 05:21 PM|lextm|LINK

    WynneIT

    I am not familiar with DMZ, is that a Server Role? Can you provide me with a link to more info please. Thank you.

    DMZ is a huge topic so you might get started from https://en.wikipedia.org/wiki/DMZ_(computing)

    To build a DMZ for your company, talk to your domain/network administrators. If too difficult for your company, you might hire a consultant.

    Lex Li
    Affordable IIS Consulting Services at https://support.lextudio.com/services/consulting.html
    ---------------------------
    This posting is provided "AS IS" with no warranties, and confers no rights.
  • Re: Private and Public Sites in IIS Manager

    Sep 01, 2020 07:16 PM|WynneIT|LINK

    I am the IT Manager here but not really a "web" guy.

    From reading the documentation on DMZ, it sounds like the best way is to have two firewalls.

    Here is how our network is setup. Internet comes into Cisco ASA Firewall to Cisco Switch to Network. 

    So not really sure where to build the DMZ?

    Thanks!