No announcement yet.

Recommended setup for a fully functional webserver

  • Filter
  • Time
  • Show
Clear All
new posts

  • Recommended setup for a fully functional webserver

    We have a webserver that we need to be fully functional with things such as SQL server, Exchange, IIS etc. From a security point of view, I understand that these should be run separately, so with only one physical box, I assume that I would run these as separate VM's on this box. I am totally new to VM's, so what would you recommend the setup be on this box to achieve this? I have in mind something like the below;

    Main system, probably a DC, not sure if IIS should be separate or not.
    1 VM running Exchange
    1 VM running SQL

    I'm guessing that way only internal SQL requests from the IIS could be setup to be allowed? (I've only ever had the resources to run everything on the same box before now, and often recieve brute force attacks. Currently this is how our webserver is setup (DC, IIS, SQL, exchange all on same instance) but it needs to go "live" and I would like it more secure).

    Am I understanding this correctly, or is there a better way to achieve this?

  • #2
    Re: Recommended setup for a fully functional webserver

    What are the hardware specs? If you need to host a Web Server, why not get a low spec Server and set that up. That way on it would be exposed to attack, assuming it is correctly configured and isolated in a DMZ. If you put it all on a machine running VMs, they have to go through the physical machine to access the VMs. Therefore the physical machine is the first port of call for an attack.

    I am not a VM authority in this matter and I am sure others will give you better advice and may even suggest a appropriate solution. I just remember inheriting a setup where a Server 2003 had VMWare installed with ISA running in the VM however the physical Server was vulnerable because it had nothing to protect it. The protection ISA 2004 was available only after you had accessed the physical Server.
    Joined: 23rd December 2003
    Departed: 23rd December 2015


    • #3
      Re: Recommended setup for a fully functional webserver

      Adding to what Biggles asked - I need to ask something myself.

      Why go for Virtual Server (or Virtual PC, as this forum's name implies) for a production webserver and database server? Didn't you hear about Hyper-V?

      Daniel Petri
      Microsoft Most Valuable Professional - Active Directory Directory Services