Site Security Planning

To safely deploy enterprise Web applications, you will need security policies and practices that defend your intranet against intrusion, that protect the communication of sensitive information across the Internet, and that provide secure access to critical applications for customers and business partners.

This appendix describes how to set policies for securing Web resources, applications, and data in an intranet. It also presents scenarios for using Internet Information Services (IIS) 5.0 in order to secure communications, including e-commerce applications, over the Internet. For more information about security in general, see Security in this book.

In this section:

• Assessing Threats to Security

• Where to Spend the Effort

• Making Policy

• Additional Resources