As a security professional I'll point out that there is legit concern if the
i-based solution were to keep database, apps, and web services on a single
LPAR. By definition the database server would be in the outer DMZ as that's
where the web servers have to reside to be visible to the outside world.
Regardless of the inherent security of the apps and underlying platform,
from an architecture standpoint that would be bad and goes against secure
design practices.

Of course that can be mitigated by placing the web server on a different
LPAR or physical system than the app/db layers. So the platform comparison
should be be between IIS on a dedicated Windows instance (physical or VM) v.
Apache on a dedicated i instance (physical or LPAR). Both scenarios
segregate the web server from the back-end app & db layers. And both add
cost and/or admin overhead v. putting everything on a single box.

But honestly, that's not even the comparison that needs to be made. The
content tools & apps that will drive the new site should determine the
underlying web server technology and from there the platform decision is
easier as it's the platform that the web server tech runs on. This is
somewhat complicated since Apache runs on most everything but you could make
a decent case for the comparison to be limited to IIS V. Apache-on-i.

You may even find that a blended approach is best.
IIS/SharePoint-on-Windows for the static content, CRM, etc. supplemented by
an SSO-enabled hand-off to Apache-on-i for the i-centric stuff.

On Tue, Apr 12, 2011 at 10:02 AM, Bryce Martin <BMartin@xxxxxxxxxxxx> wrote:

hahahaha. That figures. The guys is trying to tell your President that
IIS is more secure than the IBM i.... ohh boy. hahahahaha.

You need to ask the network guy in what ways the IIS server is more secure
than the IBM i. Press him on it... make him give examples of how IBM i
can be hacked and IIS cannot. Oh please report back with his answer,
because this HAS to be good :D


Thanks
Bryce Martin
Programmer/Analyst I
570-546-4777



Rich Dotson <rich_dotson@xxxxxxxxxxx>
Sent by: web400-bounces@xxxxxxxxxxxx
04/12/2011 10:36 AM
Please respond to
Web Enabling the AS400 / iSeries <web400@xxxxxxxxxxxx>


To
<web400@xxxxxxxxxxxx>
cc

Subject
Re: [WEB400] iSeries vs IIS web site








Just one word of caution. Do not try and turn a programmer into a
marketing website designer.
Prior to taking this position I was a consultant for 18 years on the IBM
midrange with the last 5+ years also doing web development using Microsoft
products (.aspx, c#, vb.net, etc..). I've created a few prototype web
pages for marketing to review and they were thrilled with the prototype
and ideas I presented. My problem is that the network guy went over my
head to the President and said that doing it this way was not secure as
the IIS server and can be easily hacked if we went that direction. That
is when I started doing my research on running a web site on the iSeries.


--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.



--- This message (including any attachments) is intended only for the use
of the individual or entity to which it is addressed and may contain
information that is non-public, proprietary, privileged, confidential, and
exempt from disclosure under applicable law. If you are not the intended
recipient, you are hereby notified that any use, dissemination,
distribution, or copying of this communication is strictly prohibited. If
you have received this communication in error, please notify us and destroy
this message immediately. ---
--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.





As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.