make only secure services available

Discussion created by ajonestipmont on Oct 10, 2013
Latest reply on Oct 15, 2013 by stsnider
I need to serve unsecured services inside my fire wall and secure services ONLY outside my firewall from the same ArcGIS server install. I have installed 2 webadaptors, one in a DMZ (outside firewall) and one inside firewall. This exposes both secured and unsecured services for inside users as expected if they have valid credentials, if not valid they only see unsecured.  This is as expected and acceptable for inside firewall users.  But on the outside firewall Web Adapter (forward facing proxy), users have to log in to see secure as expected but the unsecured services are exposed outside as well without logging in.  This is a problem.  We have applications running inside my organization that consume ArcGIS services and do not employ security and don't need to because it's inside my firewall.  I have spoken to support and they tell me i have to run parallel ArcGIS servers, one hosting secured and one hosting unsecured services which will require another license. 

The problem revolves around the unsecured services being accessed using anonymous access on the unsecured services folder.  If i disable anonymous access on that folder it is no longer unsecured.

The bottom line is some things need to be unsecured inside my firewall but cannot be unsecured outside and i do not want to purchase another ArcGIS server just to isolate these services.  Any suggestions?