-2

I have to run differents services in a lab enviroment where I'll have 6 computers working as servers, what services can I put together, and what cannot be, in order to prevent security risks, and considering that if one service goes down, affects less possible the function of the server farm, the services are:

  • MySql
  • Http for intranet
  • Https
  • DHCP
  • IPP
  • SMTP
  • LDAP
  • VPN
  • SSH
  • NTP
  • DNS
  • NFS

I'll use linux

poz2k4444
  • 99
  • 2
  • 10
  • 2
    This question is along the lines of `How long is a piece of string?` or [`What killed the cat?`](http://www.bsd-box.net/~mikeg/context). At the very least you're conflating security and redundancy (which is Bad). All we can really offer you is the general rule: Separate your services logically, and have two of everything for redundancy... – voretaq7 Oct 01 '12 at 22:04
  • @voretaq7 Well, that's my question, how can I separate them logically?? (I don't really know how to ask this) – poz2k4444 Oct 01 '12 at 22:07
  • This smacks of homework to me. – Driftpeasant Oct 01 '12 at 22:11
  • @Driftpeasant it's part of a project, I have the services (most of them) running, I just want to know which of them put together... or as voretaq7 said "Separate logically" – poz2k4444 Oct 01 '12 at 22:13
  • @poz2k4444 That's a major design decision not really well suited to asking on the internet. A good answer requires knowing your environment... – voretaq7 Oct 01 '12 at 22:29
  • @voretaq7 Well, thanks for the responses, I know this site is for professionals but I have no idea where to ask, or even how to ask, I'll delete the question as soon as it allows me to – poz2k4444 Oct 01 '12 at 22:38
  • every of listed service can be done on linu,x no problem – alexus Oct 01 '12 at 21:53
  • But the question is: with 6 computers, what services can I put together in order to prevent security risks and when one of those services goes down, affect less the farm server... – poz2k4444 Oct 01 '12 at 21:56
  • if you configure them properly there is no security risk for another service – alexus Oct 01 '12 at 21:58
  • Well, I think my question is vague, but I mean, for example if MySQL goes down, I want to have the DNS and DHCP working, so, what services should I put together to affect less the performance and aviability on the farm server – poz2k4444 Oct 01 '12 at 22:01

1 Answers1

0

in order to prevent security risks

Generally most mitigation of security risks is done by having a firewall in front of everything. Anything after the firewall, well, that entirely depends on the security of the actual application you use. You can make things as separate as you like, but if your app has a remote shell vulnerability then all bets are off.

Apart from that, just put things into whatever availability groups you want. If your MySQl is only used by the web server, then you may as well put them together.

If you want DHCP work with your VPN, then put them on the same server.

There are no rules here, just group them however best suits your requirements; we can't really answer that for you.

Mark Henderson
  • 68,316
  • 31
  • 175
  • 255
  • Well, I think my question is vague, but I mean, for example if MySQL goes down, I want to have the DNS and DHCP working, but I don't really know how could affect if the DNS and DHCP goes down together, if it's better to put them together or not... – poz2k4444 Oct 01 '12 at 22:05