4 Replies Latest reply on Jan 10, 2012 10:13 PM by BruceHerbach

    Setting up Mac server with internet access?


      One of my clients is setting up two Mac Os X10.7 server to provide services with internet access. What software should be running on a Mac to protect it from threats on the internet? A firewall and router are already in place and currently protect the Windows based servers currently in use. These will stay with modifications to allow access to the new servers.


      For background, the new main server is a Mac Pro and will be running Aqua Connect terminal services and possibly Parallels server version with two "cloned" virtual windows servers. The windows servers already have protection setup and are currently running as hardware versions. After things go live the hardware versions of the windows servers will be retired.


      The second Mac server will be running FileMaker server as it's only service. This will include Web services to support FileMaker server. Currently the databases don't use IWP or an internal web interface. Access to the FileMaker server will on the Lan and provided to either local computers or the terminal server. Remote (WAN) access will come through the terminal server.


      Thanks much

      Bruce Herbach

        • 1. Re: Setting up Mac server with internet access?

          Having a good automated backup that goes to both onsite (local) and offsite (preferably two locations) I would think should be your next consideration. A correctly setup firewall and router, along with only have the ports open necessary on the Mac Servers, is already taking care of most of your worries. You are pretty much done already.


          That being said, while the servers are secure from the outside world, it is your users and their machines that could be your biggest threat. I use Barracuda products and the Spam filter (for email) and Spyware filter (spyware, content filter) have been very handy over the years protecting us. There are other companies that have products that do the same thing. But I just suggest that the user machines are protected which in turn protects your servers from them.



          1 of 1 people found this helpful
          • 2. Re: Setting up Mac server with internet access?



            This is helpful.  Thanks very much.  I'll check out the Barracuda product line.


            Bruce Herbach

            • 3. Re: Setting up Mac server with internet access?

              Sounds like a peculiar setup.


              For the record, I've had Mac servers running indefinitely with no specific security software installed. Most I've found do little more than point out when there Windows malware in an email attachment.


              Servers in particular should be secure because the number one threat to the Mac right now is the user downloading what they shouldn't.


              This sounds like it could be a problem for you as you're using the "Main Server" as a terminal server providing virtualized Mac sessions to remote users. Kinda weird. Is this for training purposes? Anyway, if you have remote people using the machine as a Mac, they might download inappropriate software and install it, unless all remote users are non-privileged standard users.


              And you're going to have Parallels on this machine? So curious as to what this set up is for.


              On Mac's I've taken to using two security products. Eset NOD-32 for Mac and Sophos anti-malware for Mac. Both are decent products, but again they are marginally effective due to the low incidents of Mac attacks. Sounds like even virtualized Windows will still be your chief security problem.


              I also run baracuda spam firewalls for clients as well as SonicWall firewalls/gateways.

              1 of 1 people found this helpful
              • 4. Re: Setting up Mac server with internet access?



                The initial use is so staff in the office can use the mac version of FileMaker.  The client prefers the Mac set up.  So instead of replacing a number of older Window desktops with Macs,  they will use the terminal services on the Mac Pro and run FileMaker,  as well as MS Office products.


                Parallels on the box will let them keep an older 2003 server that supports quickbooks,  Windows terminal services and some other business software/history.   Over time  ( hopefully ) these will be phased out.  Quickbooks,  only runs on Windows so it will stay.  Usage for these items will be low. 


                This second part was not part of the original setup,  the client was looking at replacement for the windows server and this plan came up when we compared processing power and capability of the old Windows box and the new Mac Pro. 


                Thanks much for the suggestions

                Bruce Herbach