Re: E-commerce: Best Practice Question
From: MCTrainer (swb_mct_at_msn.com)
Date: 04/16/04
- Next message: brook: "reactivation-easy question"
- Previous message: David Copeland [MSFT]: "Re: Shared Calendar on Comp Web"
- In reply to: Jose: "E-commerce: Best Practice Question"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 16 Apr 2004 11:03:51 -0500
Security Best Practices are not an absolute
The Small Business Server is designed and priced businesses that have
limited assets for their IT infrastructure. It is configured to run a the
ISA firewall on the domain controller, to run Exchange with Outlook Web
Access and RWW on a domain controller. This configuration would definitely
not be a "Best Practice" for a large enterprise but give this is the setup
of the Small Business Server, you should try to be consistent with the
security model already built into the SBS Server.
Apply that idea to your specific questions . . . an anonomous web site open
to public would not be recommended. Further web development that required
domain-user authentication would not increase your vulnerability.
Applications . . . . there is no reason to run desktop applications on the
SBS Sever because it does not run Terminal Services in Application Mode and
should not be used as a workstation. The only applications that you might
run would be IT Asset management applications for licensing support or
Dynamic IP support etc.
You want to avoid unnecessary interactive use of the SBS desktop with
administrator privileges explaining why most IT management applications run
as a service in the background.
I hope this helps a little.
MCSE-Security Specialist
"Jose" <anonymous@discussions.microsoft.com> wrote in message
news:1ddcb01c423c4$5eea1da0$a101280a@phx.gbl...
> From what I've gathered in reading through this newsgroup,
> the SBS2K3 server machine should NOT be treated as a
> workstation. In other words, no office applications
> installed and used etc. I've alse read that the SBS2K3
> server should not host a website for security reasons.
>
> However, the Premium edition comes with Frontpage which I
> assume is meant to create other websites (not the
> companyweb site which can be published to the internet and
> I assume should not be messed with)
>
> So is the best practice to use Frontpage to create a web
> on a different machine that will eventually be our E-
> commerce web server and publish it on that server?
>
> Are there any other best practices for what should NOT be
> run on the SBS2K3 server? (I haven't even installed Ad-
> aware yet.)
- Next message: brook: "reactivation-easy question"
- Previous message: David Copeland [MSFT]: "Re: Shared Calendar on Comp Web"
- In reply to: Jose: "E-commerce: Best Practice Question"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
