I currently begin to deploy Windows servers facing the web.
And I would like to know what are you way of protecting your servers ? What softwares are you using ?
On Linux, i'm using Fail2ban to prevent bruteforce and Logwatch to get daily reports about what's going on on my servers. Are there any equivalents of those softwares on Windows ? If not, what do you recommend to use to protect the server ?
Best Answer
First of all you need to think about your network design. It would be good to use at least one DMZ in oder to protect the internal network. A good Windows system for beeing public would be Windows Server 2008 R2 if you do not want to purchase the new 2012 Server. We have at least four windows based webservers which work perfectly as webservers, all based on 2008 R2. Just be sure to do the following:
(optional) Use Hyper-V for your webserver and it's backup system. Much easier to update and check whether your updates do not interfer with the webservice in some way. In that case you will need two identical hardware machines to have redundancy in case of an hardware fault. But that's pretty expensive maybe.
Hope it helps you!