Key Points to consider regarding network security:

  • Hackers
    • Check your IIS web logs:
      • IIS7+: %SystemDrive%\inetpub\logs\LogFiles
    • Also, keep an eye on the Event Log
  • Stay current on all patches and updates for all the software on the server (Windows, .NET Framework, etc.)
  • If you have antivirus on your server, watch for any performance issues that may arise from real time scanning.
  • SSL Certificates
    • Aeries Software recommends using an SSL certificate on all Internal and External websites.  Your certificate provider will have instructions for generating the Certificate Signing Request and installing the certificate for your server's version of IIS.
    • Force SSL to be required on all sites
    • Educate users to use “HTTPS://yourwebsite”
      • Customize the error page (403;4)
      • Redirect from HTTP to HTTPS
  • Active Directory
    • Aeries Web Version Admin Portal and/or Teacher Portal can be setup to use Active Directory via Windows Authentication in IIS or via the Aeries LDAP Connection String

Sample Aeries Topology: