Re: Hosting a public website on SBS 2003... opinions?
- From: "SuperGumby [SBS MVP]" <not@xxxxxxxxxxx>
- Date: Thu, 17 Nov 2005 23:31:43 +1100
to me the question is irrelevant of SBS or any other solution.
The hosted webservices I use have gigabit connection between the webservers
and their multiple redundant 100Mbps internet connections. Most of my
clients are lucky to be on 512/512Kbps ADSL connections, more likely
1500/256. My client's bandwidth can be used to better purpose than hosting a
website.
The services have dedicated firewall and intrusion detection TEAMS who
monitor such things 24*7. I'm unable to offer such a level of monitoring.
The services normally use dedicated hardware devices and high end software
to protect and monitor these systems, my clients don't wish to purchase
such.
Should a webserver vulnerability be found the services are able to address
it without my client's staff being without the server while it restarts.
and the bottom line, cost.
It is more expensive for my client to maintain a secure webserver than pay a
hosting company, who spreads the cost among many such clients, to do so.
It is more expensive for my client to compensate for the webserver traffic
by purchasing more bandwidth than to ask someone else to do it.
All that said, I run my own sites on the LoungeAN SBS, both sisters complain
about the performance, should the server need patching I ask myself to log
out. I'm glad I wasn't doing so in the 'code red' days and I'm constantly
mindful that the next 'wave' of exploits is just around the corner, I'd
_hate_ not to be able to trust a single executable on my own box.
A comment about http vs SSL http:
If your site (OWA, RWW, companyweb) is _only_ available through SSL then any
exploit must first either authenticate or exploit a vulnerability in the
authentication process. This greatly reduces the likelihood of successful
exploitation.
<oscar478@xxxxxxxxx> wrote in message
news:1132163145.283784.170980@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> We've had a bit of a discussion on this in my workplace, and I thought
> I'd extend it to here to get some more opinions.
>
> The question is simple- Should you host a company's web site on the
> same SBS server that has their domain/files/data on it?
>
> Microsoft themselves have different answers, depending where you look.
> In the SBS documentation, they tell you specifically how to set up a
> public web site on SBS. But I have also seen MS Press books that
> clearly denounce putting a public site on SBS.
>
> It's a given that it would be more secure to have a separate server, or
> even hosting company to host your site, but that's not what I'm looking
> for... And I understand traffic concerns, load, etc. I really just want
> to hear opinions on the security aspects.
>
>
> Side Opinion Question- Is opening port 80 to a server any more risk
> than opening 443? It's the same IIS listening on both. Encryption has
> nothing to do with the intent of the data, either good or bad. I'm
> asking this only because the initial opinions seem to be that opening
> 443 to allow for OWA or Remote Web workplace isn't seen as a problem
> "because it's SSL", but folks seem to shudder at opening 80...
>
> I'll give you that script kiddies out there may attempt things on port
> 80 more, and I'm assuming you're putting in a basic web site, not
> counting extra applets, data entry, or that the site code itself is the
> problem.
>
>
> I'm fairly split on this decision and just wanted to see what others
> were thinking...
>