Firewall/Lan protection

[JohnBoy2005]

I have a Windows 2003 Server (Standard) which acts as a web server for my schools website and intranet.

I have been given an IP address by my ISP for the server 10.56.12.3. This WAN/DMZ link is seperate to the schools internet connection.

I want to install a second NIC in the server so that the school LAN can access the web server internally without going out to the internet.

The schools LAN is on 10.40.220.x.

Can I use a software firewall to secure the server so WAN/DMZ traffic cannot access the schools LAN and if so, will it be secure enough. Any ideas what software to use?

Cheers

John

 

[Zelandakh]

John,
I'm not 100% certain what you are asking but is it this?

Your local on site server is a web server and you want to make it available to LAN users?

If so, ignore the ISP IP address. Configure DNS on the server and create a new zone for the normal URL of the web site like yourdomain.com and create a new A record for

http://www pointing

at the LAN IP of the server 10.40.220.whatever.

Assuming that the clients get their DNS from that internal server it will work immediately and they don't go to the Internet.

 

[JohnBoy2005]

I've been told that adding a second card will be a possible security risk. Traffic for the web server could "potentially" gain access to the schools network.

So I'm looking for a software solution to sit on top of the server to make sure traffic never jumps across.

Something like ISA Server or similiar.

Cheers

John