Export (0) Print
Expand All

Choose the security environment (Search Server 2008)

Search Server 2008

Updated: July 13, 2009

Applies To: Microsoft Search Server 2008

 

Topic Last Modified: 2009-08-04

NoteNote:
Unless otherwise noted, the information in this article applies to both Microsoft Search Server 2008 and Microsoft Search Server 2008 Express.

Use this article to determine the security environment that most closely matches the intended use of Microsoft Search Server 2008.

The security guidance that is recommended for your organization depends on the environment. This article describes the following three security environments:

Review the description for each environment and determine the one that most closely matches your environment.

NoteNote:
All these security environments apply to Search Server 2008 installations and Search Server 2008 Express installations. However, in Search Server 2008 Express, scalability is restricted because all roles run on a single server.

Security guidance for an internal team or department environment in a larger organization focuses on recommending practical security configurations and settings for a team or department that uses Search Server 2008 for search.

This environment is a one-server (for Search Server 2008 Express) or two-server deployment in which the servers are not hosted by the primary IT team within the organization. Although the guidance for this environment requires some IT knowledge, it is not necessary for server farm administrators to be IT specialists.

The guidance for the internal team or department environment relies on the security of the overall network environment. Many of the default settings are intended to be used with this environment.

This environment is not intended for multiple teams. If the team or department requires a larger number of servers, or a higher level of security than is provided by the overall network environment, use the guidance for the internal IT-hosted environment.

If the environment most closely matches the internal team or department environment, go to the article Plan secure configurations for Search Server 2008 features.

An external secure access environment is one in which users can query Search Server from a location outside the local network, such as from home or from a customer site. This environment enables external users to search for content quickly, exactly as internal users do. This environment is only practical if external users also have access to the content that Search Server indexes.

Security guidance for this environment focuses on the following:

  • Authenticating and securing communication between users and the server farm.

  • Protecting database and application servers from direct user interaction and securing the server farm against risks associated with hosting Internet-facing servers.

If the environment most closely matches the external secure access environment, see Plan server farm security (Search Server 2008). The articles in this section describe designing solutions for securing server-to-server communication and client-server communication, and hardening servers for specific roles.

An external anonymous access environment is one that gives users anonymous access to content and search features from the Internet while protecting the server farm from the risks associated with hosting Internet-facing servers.

Security guidance for this environment focuses on the following:

  • Securing communication between servers.

  • Ensuring that content caching does not expose sensitive data.

  • Protecting database servers from direct user interaction and securing the server farm against risks associated with hosting Internet-facing servers in an anonymous environment.

If the environment most closely matches the external anonymous access environment, see Plan server farm security (Search Server 2008). The articles in this section describe designing solutions for security, securing server-to-server communication and client-server communication, and hardening servers for specific roles.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft