Security Basics mailing list archives
secure sharepoint 2010 design
From: Francois Yang <francois.y () gmail com>
Date: Thu, 29 Jul 2010 23:14:30 -0500
just wondering if anyone here has been involved with designing sharepoint 2010 or earlier version from ground up. the consulting people we have working on this are MS or sharepoint people from third party and all seem to think that it's ok to leave your whole sharepoint environment open to corporate lan. according to them that's how most people do it. either that or have a MS TMG server for front end which would serve Sharepoint, which doesn't make sense to me since it still leaves all the servers open to the whole lan. I was suggesting to put the whole environment behind a firewall and only allow ports 443 since that's what will be used by the internal users to access it. no need for the whole company to have access to all the backend web servers and database servers. of course admins of those servers would be allowed access to their servers on the necessary ports. am I being too paranoid? or have anyone done something similar? management seem to think I'm crazy and being the road block to this project. thanks. Frank -- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. — White House Cybersecurity Advisor, Richard Clarke ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- secure sharepoint 2010 design Francois Yang (Jul 30)
- RE: secure sharepoint 2010 design Greg Merideth (Jul 30)
- Re: secure sharepoint 2010 design Martin Petersen (Jul 30)