Hi All,

I am looking for advice on moving an in-house intranet reporting asp.net application to the internet. Currently the application uses windows authentication and users who are not connected to the company network must first create a VPN connection. This is seen as being too restrictive for sales staff in the field especially since apple have dropped support for PPTP connections on their IOS devices. Access to areas of the application is restricted for each user and the menus varied according to their windows group membership. The data reported is sensitive information for the company and security of access is very important. From what I can see we are are faced with refactoring the web site to use ASP.net to manage users and user roles and to restrict menu item access based on these roles. There may also be a need to include a 2 factor authentication process probably via sms.

TIA Andy