Ask the Expert

How to create shared services that two different parties can use

I manage the computer systems for a university. We have a local Win2k network domain with an intranet Web site and Exchange 5.5 Server running on it. Sometimes our students try to hack into the teachers' computers. In an effort to prevent this, I want to set up another domain for the students, but still allow them to access the intranet and Exchange mail system when their teachers are monitoring them. How can I accomplish this?

    Requires Free Membership to View

You're facing a problem common to educational institutions. I would strive to isolate student and administrative networks as much as possible. It's extremely difficult to secure environments where users have two different security levels (e.g. students and teachers) on the same network, regardless of their domain membership.

It's entirely possible to implement shared services, such as the mail and Web services you mentioned. I suggest using a four-interface firewall to create separate zones for students, teachers, shared services and the Internet. The Web server and intranet server would then live in the shared services zone or DMZ and benefit from the protection of the firewall's rulebase.

This was first published in August 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: