Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Network / Server use / Network Design Help

Status
Not open for further replies.

tcpipgeek

IS-IT--Management
Feb 21, 2007
19
US
Hello,
I am looking to get some network engineering advice about how best to use 3 average 2u servers in a windows environment for a small business. I am more focused on security for my CRM database than anything else.

The story:

I am just a small business and l have these servers that are less than a year old and collecting dust.

I want to:
• Create a simple website for my customers use. ( Very little traffic)
• Purchase and manage a web based CRM software. (Uses an Access database)
• Create an FTP server for techs to use and maybe some time in the future allow customer access to download / upload some files.


I understand I do not need to use three servers to accomplish this. However I have them so I want to use them.


My goal is to end up with the servers being used and being exposed to the outside as little as necessary.
I was hoping for some ideas and feedback as to how some of you more experienced network engineers would use or configure these servers to accomplish what I am after.



My ideas so far are:
Server 1: Use to host my small business website that does not get much if any traffic and is simply a site for new customers to learn a bit about my business and provide a button to “Create a new ticket” using my CRM software running on a different server.

Server 2: Install my CRM software on. It’s basically like help desk software that uses a Microsoft Access database. I want to create a “ Click here to open new ticket“ button on server one that when clicked it would launch my web based CRM software and present to the “Clicker” the “Create new ticket” window.

Server 3: Probably use for an FTP server to store files that field techs may need to quickly fix issues.



My thinking was to buy an inexpensive router with a DMZ port and put “Server 1” (website server) on the DMZ.
I was hoping to be able to make “Server 1” the only Server seen by the outside for security sake.

I wanted “Server 2” (CRM customer service software and database server) to be on the inside of the network for security purposes. The only way I want it accessed is through someone clicking the “Create new ticket” button on “Server 1” so that the web based CRM software will present the customer with the “Create new ticket” window.

Server 3 is going to be used simply as an FTP server. I am not sure how best to place it so it is most secure.

Any expert design ideas would be really appreciated.

Thanks!
 
Without putting a lot of thought into this, I'd put MS Threat Management Gateway on one, put THAT in the DMZ and publish apps and websites through that. That way, all of your application servers are in your internal network, and the only access to them is via TMG.

inexpensive router? Not concerned about security much, eh? Put quality hardware and software security solutions in place or you really aren't reducing your threat footprint.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top