This chapter examines the security design requirements for hosting network resources that are accessible to users on the Internet. The challenge is to configure firewalls in such a way as to allow Internet users into a portion of the private network without granting them access to the entire network. The area of a private network that hosts Internet-accessible resources is called an extranet.
Web server content is the most common network resource that organizations make available on the Internet. This chapter covers methods for securing Internet Information Services (IIS) and describes how to secure network traffic and services within an extranet. The text concludes by discussing the design of packet filters to protect extranet resources.
To complete this chapter, you must read the chapter scenario. This scenario is used throughout the chapter to apply the design decisions discussed in each lesson.