Re: Exchange Server / ISA / Firewalls

In message <1115712439.276322.144450@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>, catazy@xxxxxxxxxxx writes 
Yes, I currently have the sbs site working fine. It was more because I
am planning installing an exchange server 2003 site using the same
network and was hoping to share the internet connection and rather than
have them both setup differently I was hoping to keep a standardised
setup. What do people do if their server is not located next to the dsl
router?

Personally I install a Netgear Web Router (includes a 4 port switch) on the DSL line and then place the SBS server on that switch. With no port forwarding the Netgear devices completely blocks ALL incoming ports to the SBS server. You don't need to open port 25 for Exchange as it instigates the connections to your ISP or POP boxes when required and NAT takes over.

Only on sites where I need incoming VPN's or other incoming services do I start port forwarding from the Netgear router to the SBS server. Still very safe.

The other advantage on this method means you get a small DMZ for other uses.

I have read that article before and I am a fan of ISA it was just I
wasn't sure how ISA reacts to a hardware firewall. I do get slightly
nervous having our main server connected directly to the Internet (ISA
or no ISA). Although ISA is a good firewall, it is also based on the
Windows environment.


ISA should not care about the hardware firewall at all, it just needs to use it as the gateway rather than the modem etc.

--
Andrew D. Newbould                  E-Mail:  newsgroups@xxxxxxxxxxxxxxxxx

ZAD Software Systems                Web   :  www.zadsoft.com
.

Relevant Pages
Quantcast