<johnpaul.temple@gmail.com> wrote in message
news:1129712571.876667.111500@g49g2000cwa.googlegroups.com...
> hi
>
> I am planning on building a Windows 2003 Web Server and placing into a
> DMZ, with CISCO PIX on each side.
>
> I have found only a few documents that describe how to configure the
> Windows Server without using ISA. Has anyone got any tips or
> suggestions for this sort of scenario?
>
> We don't have a copy of ISA and I don't think there are any plans to
> purchase it in the near future, which is why I am planning on building
> this DMZ without it.
>
> thanks in advance
>
> JP
>

Chris Weber [Security MVP] wrote:
> I would refer you to the Windows Server 2003 Security Guide at
> http://www.microsoft.com/technet/security/prodtech/windowsserver2003/w2003hg/sgch00.mspx
>
> In general, IIS 6 in Win2k3 is pretty nice out of the box - ASP disabled,
> IIS lockdown preconfigured etc. So as long as you lockdown your perimeter
> firewall to only allow TCP 80 and/or 443 you should be okay, provided you
> dont change too many IIS settings or roll out an insecure web application.
>
> Chris Weber