Meraki

Community

Application on IIS server

AnkitSharma1
Here to help
‎Sep 20 2024 1:20 PM
‎Sep 20 2024 1:20 PM

Application on IIS server

We have an MX250 and have opened a port to access our internal application on a Windows Server from our side. I know it’s a security concern; how can we further protect ourselves to avoid any security breaches? I need a security expert to provide suggestions

0 Kudos
2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 20 2024 1:49 PM
‎Sep 20 2024 1:49 PM

IIS - I would use a WAF.  Examples are CloudFlare, Amazon AWS WAF, etc.

Correction: I wouldn't put it on-premise in the first place, but let's proceed with the assumption it has to stay on-premise.

 

With CloudFlare you don't have to open any ports at all.  They have an agent you can put on the server that connects out to CloudFlare, and then inbound requests come into that.

Brash
Kind of a big deal
Kind of a big deal
‎Sep 25 2024 10:29 PM
‎Sep 25 2024 10:29 PM

Agreed with @PhilipDAth , don't run web servers behind Meraki MX's with open ports and no other protection.

Either place them behind an NGFW or dedicated appliance with WAF capabilities, or utilize a cloud service such as Cloudflare to filter inbound traffic.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.