Re: network config question
From: JOlson (TJMCG) (jolson_at_tj-myers.com)
Date: 04/13/04
- Next message: JOlson (TJMCG): "Re: SMTP outgoing issues"
- Previous message: Jonathan Lotman [MSFT]: "RE: Time synchronization"
- In reply to: rockymtntuna: "network config question"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 13 Apr 2004 19:27:33 GMT
It is sad that they no longer include ISA on the standard ed. of SBS!
I know that with very careful hardening of Server/Exchnage you can
safely do what you're talking about -- as well as good patch
management. However, I feel much better using a application based
filter for my smtp/http/pop traffic. ISA does a good job of this
(IMHO). It would have no qualms about having both Sonicwall and ISA
between the internet and your SBS box.
Jason Olson
Solutions Mgr
www.tj-myers.com
TJ-Myers Consulting Group
On Tue, 13 Apr 2004 10:33:02 -0600, "rockymtntuna"
<stan9753@yahoo.com> wrote:
>I am setting up SBS2003 to replace old NT 4 domain with exchange 5.5. Have
>previously been using sonicwall and opening ports for SMTP mail to flow
>through firewall to Exchange.
>
>My question is would it be a good idea to add a second NIC to the SBS box
>and use SBS firewalling behind the sonicwall. So I would in effect be
>forwarding the mail ports from the sonicwall to the outside NIC of the SBS
>server and then creating another subnet using the internal NIC.
>
>I just have the standard addition so no ISA. It seems like kind of a
>security issue to have ports 25. 110, 80 open to the SBS server. Would
>appreciate your opinion.
>
>Thanks!
>
- Next message: JOlson (TJMCG): "Re: SMTP outgoing issues"
- Previous message: Jonathan Lotman [MSFT]: "RE: Time synchronization"
- In reply to: rockymtntuna: "network config question"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
