NETWORK PROJECT
.1 Create a windows Server with IIS installed.
2. Create an Application Security Group(ASG) in the same region as your Server.
3. Go the Server's NSG and Add an inbound rule on port 80 and Port 443.
4. Create firewall and attach it to the Server's Vnet to secure your environment from malicious threats.
5. Once done, Copy your Public IP to a browser and ensure there is connectivity
NOTE: starting from how to install IIS on a window server.
1. Create a windows Server with IIS installed.
In order to carry out the above project its important to note that you need an active azure account with a subscription and also have the prerequisite of how to create an azure windows sever. I will be starting this project from the stage of how to install IIS on window sever.
Step 1: after successfully creating and connecting to a window server; click on “Add Roles and Features” and click on Next
Step 2: on the installation type careful look at the screen and ensure that the “Role-base or feature-base installation” is tick as show in the image below and click on Next
Step 3: on the select destination sever page, ensure that “select a server from the server pool” is tick and confirm that the right IP address is selected and click on Next
Step 4: on the select server roles search for web server (IIS) and click on it and click on Add Features, proceed to the next page by clicking next
Step 5: leave others pages at there default state by click on next to the confirmation page and click on “Install” to complete the process
2. Create an Application Security Group(ASG) in the same region as your Server.
To carry out the above project, sign in to azure an search for Application Security Group (ASG) on the search bar;
Step 1: click on create ASG
Step 2: Project details; assign / select subscription and recourse group
Step 3: Instance details; assign a name and ensure that the region is align or it’s same with the region of the server created
Step 4: click on Review+create
Step 5: click on create.
3. Go the Server's NSG and Add an inbound rule on port 80 and Port 443.
In order to carry out the above task; search for Network security group (NSG) in the azure search bar and click on the NSG that was created default by azure for your sever and select inbound security rules.
Step 1: on the next page select the inbound security rules and click on “Add” to create an inbound security, as showed in the image below;
Step 2: Source should be left as “Any” to enable public / general access to the server and source port range should be left as (*)
Step 3: Destination; select “application security group”
Step 4: Destination application security groups; select the ASG that was created in project 2.
Step 5: Destination port will be changed to 80,443 (80 is for HTTP, 443 is for HTTPS)
Step 6: Protocol should be left at “Any”
Step 7: Action should be left as “Allow”
Step 8: Priority Role will be change to 100 in order to take priority over the previous rule
Step 9: Name; give it your preferred name and click on Add to complete this process.
4. Create firewall and attach it to the Server's Vnet to secure your environment from malicious threats.
In order to carry out the above task; search for firewall on azure search bar and click on it and click on create as displayed in the image below;
Step 1: Project details; select your preferred subscription and resource group
Step 2: : Instance details; assig a name and ensure that the region it’s same with the region of the server, and select your prefer availability zone.
Step 3: Firewall SKU should be Premium
Step 4: Firewall management should be left at default; that's “use firewall policy to manage this firewall”
Step 5: Firewall policy; click on add new and create a firewall policy by given the policy name, region same region of the server and policy tier should be at premium and click ok to continue
Step 5: Choose a virtual network; you can either create a new one or use existing virtual network for the purpose of this project I will be creating a new one.
Step 6: Public IP address; you can either create a new one or use existing virtual network for the purpose of this project I will be creating a new one.
Step 7: leave other settings at default state and click on review+create
Step 8: click on create when it pass validation.
5. Once done, Copy your Public IP to a browser and ensure there is connectivity
in order to carry out the above task simply copy the public IP address of the server created and past on a web browser and if all settings are well carried out it will displayed as in the image below;
