Re: Allowing access To Our INTRANET site from the outside
From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: Mon, 26 Jan 2004 14:01:19 -0500
First, get them to sign a form saying that you recommended they use VPN on
this date, and they decided this was too difficult for them, in case the
server is hacked in the future.
Their solution may be secure enough, depending on what data is kept there,
as long as you use SSL. http://www.iisfaq.com/ssl, www.freessl.com and
www.entrust.net have information on inexpensive or free SSL certs. After
all, this is more or less the same level of security your internet banking
Using Windows 2000 Server Certificate Services to generate a user cert for
them as well might be something to consider if you wish.
"Steve" <firstname.lastname@example.org> wrote in message
> I am hoping someone might give me some better ideas than what I have
> come up with on my own. I have our Internet Site in the DMZ and our
> Intranet site is inside and can only be accessed from the inside. The
> big bosses want the board to have access to our intranet site. My
> first solution was to give them a VPN account and have them access it
> from the outside via VPN like we do, however the bosses think this is
> too much trouble. They want a link on the internet site that they can
> just click on and log in with a user name and password. My concern is
> security and I don't want to have to spend my budget money on
> something like this. Can anyone give me some ideas how I can put a
> link on our internet site and have them authenicated securely?