I need to setup a Windows2008 Server R2 incl. SQL Server and IIS. The server is as far as I know directly connected to the internet.
My question is, is Windows 2008 R2 Server secure enough for this usage? Are there any known security risks?
Will the windows firewall be enough to secure the server?
What precautions do I have to take?
Thanks in advance
cheers
Best Answer
Remember that you can filter incoming ports so that they only respond to a particular IP - so you can filter, say, inbound RDP so that it only responds to the IP of your office.
This is not an ideal situation and I wouldn't put in anything really sensitive like this - a router + firewall + server firewall is better. However I have had to manage systems like this and didn't see any real problems. Oddly I saw less attack attempts on these than I did on clients with residential level DSL lines.