Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
neonox2013-06-21 11:21:18
VPN
neonox, 2013-06-21 11:21:18

How to secure access to the server as much as possible

Good day.
To be honest, I am somewhat far from protecting networks, which is why I am writing here.
I am now helping friends in opening a new office and the following question arose. How to make a secure connection from outside the company's employees?

Given:
1. Windows Server 2012 Essentials
2. A network with a fixed IP
3. 5 employees who need to connect to the server at any time and get the necessary data.

Purpose: To protect the data stored on the server as much as possible.

I plan to make a remote connection via VPN (what should I choose OpenVPN, PPTP, L2TP or IPSec?). Is there any other way to secure the process of connecting to the server? If so, in which direction should I look (settings on the server, additional software, SSL certificates, etc.)? Is it worth looking in the direction of software, ala Kerio?
Essno the budget for this whole thing is not very large, but for the sake of protecting information, they are ready to spend money.

Thanks in advance for your replies.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
N
Nikolai Turnaviotov, 2013-06-21
@foxmuldercp

VPN is easiest to do on the router using keys or complex passwords with keys, or on the 12th server itself, if it sticks out. Well, to prohibit RDP and in general all connections for external IP firewall.
And then let them work with what they want.

Report
O
Otkrick, 2013-06-21
@Otkrick

Set IIS with a blank page, limit on the number of connections, flows + OpenVPN on port 80, authorization by keys and passwords + with compression, generate certificates for each user. Comm. antivirus with firewall and centralized management.
* Specify network structure

Report
N
neonox, 2013-06-21
@neonox

Sorry for the quality, I whipped up a network diagram.
Now

What is planned?

I'm still thinking about a router with keys and complex passwords. It seems to be ready to take a tsiska in the region of 15-16 kilorubles.

Report
I
Ilya Evseev, 2013-06-21
@IlyaEvseev

I would secure the network with a Mikrotik router and set up a VPN server on it for outside connections.
VPN type - either PPTP with ProxyARP (available in Windows, quickly configured, but less resistant to hacking),
or OpenVPN (configured a little more difficult).
Mikrotik model - RB / 951 or one of RB / 2011, depending on whether you need sfp, usb, wifi, an external antenna, etc.
Choose on mikrotik.rf

Similar questions
A
Alexander2015-07-08 14:41:15
Are there analytical modeling systems using voxels? 2Reply
M
modcode2022-04-04 11:56:43
Why not connect ikev2 to mikrotik? 2Reply
P
PFrontEnd2022-04-05 14:04:49
Remote via RDP, is it possible to calculate? 1Reply
K
ka-may2022-04-09 17:46:56
Why doesn't IDLE Timeout work in RouterOS? 2Reply
L
ljybar2016-09-23 16:47:41
How to build IPSec VPN with one peer on different subnets? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question