Results 1 to 7 of 7
  1. #1

    Managed or unmanaged for a software engineer?

    I am a software engineer and I know my way around a computer. The server will only be running Windows 2008, IIS7, asp.net framework, and sql server express. That's it.

    In my laptop, I installed the antivirus and the hardware, and Windows 7 automatically downloads and installs updates. I already have someone that I can call if I need IIS 7 configuration.

    The only help I would need would be creating email addresses (I have no idea how to do that in a server), setting up the domain to the server, installing an SSL certificate, name servers, FTP, managing ddos attacks or anything that threatens my server.

    That said, should I spend on a managed server?

    Thanks.

  2. #2
    Join Date
    Sep 2003
    Location
    Amsterdam, NL
    Posts
    642
    Quote Originally Posted by vmhatup View Post
    I am a software engineer and I know my way around a computer. The server will only be running Windows 2008, IIS7, asp.net framework, and sql server express. That's it.

    In my laptop, I installed the antivirus and the hardware, and Windows 7 automatically downloads and installs updates. I already have someone that I can call if I need IIS 7 configuration.

    The only help I would need would be creating email addresses (I have no idea how to do that in a server), setting up the domain to the server, installing an SSL certificate, name servers, FTP, managing ddos attacks or anything that threatens my server.

    That said, should I spend on a managed server?

    Thanks.
    If you are a software engineer and you know your way around a computer, a managed server is probably not necessary. The issues you cite, such as setting up a domain, etc. are addressed in many articles on the internet. Obviously, you do have to be committed to hardening your server to prevent security issues, but an alternative is to use a 3rd party management company, many of whom advertise here.

  3. #3
    As its Windows you can probably get away with doing it yourself.

    Now had you said you were running linux, then you would absolutely need someone. Being a programmer is far different than being a server admin.

    However as its Windows and you likely have a decade or more of experience you can probably google your way through emails (Active Directory) and what not
    BackupTeddy - Easy Linux Backups
    Easiest automated backups for webmasters with VPS's or Servers

  4. #4
    Join Date
    Aug 2004
    Location
    Kauai, Hawaii
    Posts
    3,799
    If it's for business go managed. If it's for fun then figure it as you go along. Keep backups offsite.

    As for email, you may want to check out google apps. Hosting your own email is a unnecessary pain (spam getting through etc).
    Last edited by gordonrp; 02-23-2011 at 09:57 PM.

  5. #5
    Join Date
    Oct 2009
    Posts
    138
    Quote Originally Posted by Backupteddy View Post
    As its Windows you can probably get away with doing it yourself.

    Now had you said you were running linux, then you would absolutely need someone. Being a programmer is far different than being a server admin.
    As a security software engineer, I disagree with your assessment that hardening a Windows box is easier than hardening a *nix box. I submit that ones ability to harden a particular operating system is primarily a function of their knowledge of the OS in question.

    That being said, for the general public, it is much easier for them to gain a knowledge of *nix functionality as the code is freely available for review. There is much written about how Windows implements security, but reading a book is not the same as reading code. There are, of course, other ways to verify the binaries functionality, but it is often time consuming and changes without notice. If I was going to rank the difficulty of securing Windows and *nix, I would say Windows is significantly more difficult to achieve the same level of security that would be achieved by *nix, given the same amount of time.

    And I agree that being a software engineer is different than being a server admin -- I'm very happy my server admins take care of a lot of these details so I can focus on writing code. Unfortunately, I have to be my own server admin for my personal "fun" projects.

    @OP: If you're not intimately familiar with the internals of Windows Security (and since it sounds like you want a DC setup), I would recommend having someone set it up for you. Windows 2008 R2 is a nice OS with many enhancements over its predecessors. At a bare minimum, make sure you have your firewall configured correctly to only allow necessary ports in/out, patch the system monthly, install an AV. There are also many settings you should configure in GPO, but the person who installs your DC should hopefully be able to set you up with that.

    JZ

  6. #6
    I think you misread what I said. His running one server, not a Windows network of PC's. He only needs to know "enough" to get by. Most security issues are immediately nullified with a basic firewall... even if Windows has a million more ways to be exploited over linux. Remember his not running a network, just one server. If millions of tech-unsavvy users can leave their own windows machines running on their ADSL connections 24/7 he can run a server (aka different version Windows with IIS) just fine as a techie with a decent tutorial.

    Edit: I feel I should add for the OP's benefit, you should absolutely thoroughly make sure IIS is secure, because if something unauthorized is going to happen, its going to happen through IIS and its weird permissions and users setup.
    Last edited by Backupteddy; 02-24-2011 at 01:01 AM.
    BackupTeddy - Easy Linux Backups
    Easiest automated backups for webmasters with VPS's or Servers

  7. #7
    Join Date
    Jan 2011
    Location
    Canada
    Posts
    938
    No offense, but being a software engineer might be giving you an false sense of security. I'm one too and trust me, there's little overlap. It's like saying a mechnical engineer could be a civil engineer overnight because they both studied math.

    Please keep in mind, this is a server in the DMZ, not a laptop behind a router firewall. If its' just for personal use and you don't mind the risk of having it defaced or compromised, then by all means, use it as a learning experience. It'll take time, but I'm sure you'll manage. However, if it is for business, don't do it yourself.

    You can go managed, or probably better for you, is to do an unmanaged server and then get an expert like Rack911 to look it over and harden it for you. They might be willing to spend some time guiding you too just to make sure their hard work doesn't go to waste.

    Best of luck.

Similar Threads

  1. Graduate Software Engineer looking for work
    By Hundin in forum Employment / Job Requests
    Replies: 1
    Last Post: 05-28-2009, 11:29 AM
  2. Software Engineer
    By mtsu_bravo in forum Employment / Job Offers
    Replies: 2
    Last Post: 06-22-2007, 03:49 PM
  3. Need a software engineer/programer/dev.
    By Lurkos in forum Employment / Job Offers
    Replies: 2
    Last Post: 02-17-2006, 02:27 PM
  4. ControlScan Senior Software Engineer
    By abiddar in forum Employment / Job Offers
    Replies: 0
    Last Post: 12-15-2005, 04:17 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •