You are here: Installation Overview > Network Security

Network Security

If you plan to use Faculty Access for the Web over an Internet connection, set up security to limit access to the database.

Warning: We do not accept any responsibility for the unauthorized access of your system. To determine your organization’s security needs, use knowledgeable technical staff or consulting services.

You should configure Faculty Access for the Web to allow secure connections to the Faculty Access for the Web site. This complex issue has many solutions. No matter which security configuration you select, we recommend you enable your IIS server to run Secure Sockets Layer (SSL). SSL provides a level of encryption to all incoming and outgoing HTTP requests equal to that of an online banking or secure e-Commerce site. SSL affords a level of safety to information on the Internet.

Tip: For more information about SSL installation and configuration, consult your IIS documentation and the Microsoft and VeriSign websites.

This section provides you with basic information to consider when you make decisions about Faculty Access for the Web. We recommend you discuss these options with your network administrator, firewall vendor, or ISP.

Your users can access Faculty Access for the Web via your intranet or the Internet.

Intranet

You can run Faculty Access for the Web on a web server within your organization accessible only to those logged into the internal network. This method is secure because all users are authenticated as valid users of the internal network before they gain access to Faculty Access for the Web. It does not provide access to the program directly from your external website.

Internet

Faculty Access for the Web can run on a web server visible on the Internet so you can access the website from a W3C-compatible web browser through an external Internet connection.

The web server must be located on the same network as the Education Edge database; it should not be hosted by your ISP unless your ISP hosts your database server as well. If you use this method, others may see your website but cannot log into the site without user names and passwords. If you use a firewall to prohibit access to the internal network through the Internet, determine how to grant access to the Education Edge database from your web server.

Firewall Issues

If you plan to install Faculty Access for the Web on an Internet server, you need to consider where to place the Education Edge database. We recommend the database be on your organization’s network, behind the firewall. This reduces the chance of unauthorized access.

Confer with knowledgeable staff and consultants to select a security option that safely grants the web server access to the database through the firewall. Your options depend on the make and model of your firewall. For more information, we recommend you consult with your firewall vendor or ISP.

Examples of security options include:

 •   Open a “pinhole” in the firewall. A pinhole is a designated port in the firewall that provides access to the database. With Faculty Access for the Web, you can limit database transactions to the assigned port.
 •   Use packet filtering. Some firewalls allow access to computers within a specified IP address range. A filter is added between the web server and the Internet to prohibit access to the web server unless a predefined address is used.
 •   Use Secure Sockets Layer (SSL). Secure Sockets Layer (SSL) is a data security method available as part of your IIS program. SSL encrypts all data passing between the Web browser and the client (workstation). The data is secure while in transit through the firewall and is decrypted when the client accesses it.