Recommended setup for a fully functional webserver

Home Forums Virtualization Virtual Server & Virtual PC Recommended setup for a fully functional webserver

This topic contains 2 replies, has 3 voices, and was last updated by Avatar biggles77 9 years, 6 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • Avatar
    swfblade
    Member
    #148115

    We have a webserver that we need to be fully functional with things such as SQL server, Exchange, IIS etc. From a security point of view, I understand that these should be run separately, so with only one physical box, I assume that I would run these as separate VM’s on this box. I am totally new to VM’s, so what would you recommend the setup be on this box to achieve this? I have in mind something like the below;

    Main system, probably a DC, not sure if IIS should be separate or not.
    1 VM running Exchange
    1 VM running SQL

    I’m guessing that way only internal SQL requests from the IIS could be setup to be allowed? (I’ve only ever had the resources to run everything on the same box before now, and often recieve brute force attacks. Currently this is how our webserver is setup (DC, IIS, SQL, exchange all on same instance) but it needs to go “live” and I would like it more secure).

    Am I understanding this correctly, or is there a better way to achieve this?

    Avatar
    biggles77
    Spectator
    #210970

    Re: Recommended setup for a fully functional webserver

    What are the hardware specs? If you need to host a Web Server, why not get a low spec Server and set that up. That way on it would be exposed to attack, assuming it is correctly configured and isolated in a DMZ. If you put it all on a machine running VMs, they have to go through the physical machine to access the VMs. Therefore the physical machine is the first port of call for an attack.

    I am not a VM authority in this matter and I am sure others will give you better advice and may even suggest a appropriate solution. I just remember inheriting a setup where a Server 2003 had VMWare installed with ISA running in the VM however the physical Server was vulnerable because it had nothing to protect it. The protection ISA 2004 was available only after you had accessed the physical Server.

    Avatar
    danielp
    Participant
    #172206

    Re: Recommended setup for a fully functional webserver

    Adding to what Biggles asked – I need to ask something myself.

    Why go for Virtual Server (or Virtual PC, as this forum’s name implies) for a production webserver and database server? Didn’t you hear about Hyper-V?

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.