Living in the age of the increasingly mobile workforce, secure external access is becoming an integral element in the success of any intranet. Employees need your intranet and the business-critical information it contains to move with them in order to do their job – wherever it might take them.

The main concern for organizations looking to set up external access to internal systems is security. Considering the sensitive and strictly internal nature of the information contained within your intranet, you need to be sure only valid users are accessing it.

If you have iD set up to be externally accessible over the internet, you can restrict access to the Admin interface to your specific internal IP Range. This adds an extra level of security, not to mention peace of mind, by preventing any ‘outsiders’ from accessing the Admin interface and trying to guess your password. This is especially useful when you know you’ve been a little less than creative when selecting one.

All you’ll need is access to the webserver, and someone with a basic knowledge of IIS. The steps below will be different if you’re using IIS6 or IIS7, but let’s start with 7…

IIS7

  1. Start by expanding the Intranet DASHBOARD website, click the Admin folder and select the ‘IP Address and Domain Restrictions’ icon.
  2. Select ‘Add Allow Entry’ from the Actions menu on the right and enter your internal IP range.
  3. Now select Edit Feature Settings from the Actions menu, and change ‘Access for unspecified clients’ to ‘Deny‘. Now only users on your internal network will be able to access the iD Admin.

    4. But wait! We’re not done yet!

  4. Expand the Admin folder, click the Images folder and again select the ‘IP Address and Domain Restrictions’ icon.
  5. Select ‘Edit Feature Settings’ from the Actions menu, and change ‘Access for unspecified clients to Allow’, since there are images in this directory that are required on the front end.

IIS6

  1. Start by expanding the Intranet DASHBOARD website,  right click the Admin folder and select ‘Properties’.
  2. Select the ‘Directory Security’ tab, and click ‘Edit’ under ‘Authentication and access control’.
  3. Change the setting here, so by default, all computers will be Denied Access.
  4. Now add your internal IP Range to the list here and click OK -  now only users on your internal network will be able to access the iD Admin.

    5. But wait! We’re not done yet!

  5. Expand the Admin folder, right click the Images folder and select ‘Properties’.
  6. Again, select the ‘Directory Security’ tab, and click ‘Edit’ under ‘Authentication and access control‘.
  7. This time, change ‘Denied Access’ to ‘Granted Access’, since there are images in this directory that are required on the Front End.

…and we’re done! And in just a few simple steps we’ve greatly increased the security of the website. We can all sleep soundly tonight.

Further Reading