Re: SBS Advice Please
From: Javier Gomez [SBS MVP] (javier_gomez_at_REMOVE.THIS.engineer.com)
Date: 11/17/04
- Next message: Koosha: "Re: MDBDATA folder"
- Previous message: Michael Patrick: "New ISA install - More questions"
- In reply to: Michael Cook: "Re: SBS Advice Please"
- Next in thread: Frank McCallister SBS MVP: "Re: SBS Advice Please"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 17 Nov 2004 14:22:06 -0500
Hi Michael!
The link that Frank gave you will give you a clear picture of how the
network will be connected:
http://www.smallbizserver.net/Default.aspx?tabid=52
Notice that the netgear router will be infront of ISA.
I must point out that you don't need port 444 if you don't plan to use
Sharepoint from the outside. However, if you want to use RWW you will need
4125 also open. Of course, there are other ports that are required depending
on your setup (i.e. 25 for SMTP mail). You can get a list of the SBS ports
here:
http://msmvps.com/bradley/archive/2003/11/27/860.aspx
[most of my instalation have 25, 443, 1723 and 4125 open]
I'm kind of lost on how the VPN on the Linux box is used and you should be
aware about how exactly you want these to connect... I say this because VPN
is the only thing (IMO) that might require to change your setup.
-- Javier [SBS MVP] www.msmvps.com/javier << SBS ROCKS!!! >> "Michael Cook" <MichaelCook@discussions.microsoft.com> wrote in message news:C640B6E1-DBD5-4A60-9B05-52EEC61CE2AE@microsoft.com... > Wow... Something I always liked about the Linux community was the gracious > support from end users. I am glad to see that here as well. > > No I gues share-point is not nessesary outside but I would like remote > desktop feature for home users. We will still use Linux for our VPN > functions as I dont have enough licenses for all our connections and some > of > the 911 offices purchased XP home ( without my knowledge ). They use the > Linux box for filesharing and printing, so we will use that for VPN too. > > The Netgear firwall is our router too and it appears to protect fine. > Should I turn on the other nic card and install ISA or can I use the one > Nic > that is in ther for everything. I really just want the extra protection > for > SQL server as it is the protected patient data. > > Thanks again. I am really appreciative. > > "Javier Gomez [SBS MVP]" wrote: > >> > Once again please excuse my simple questions as we have always been a >> > linux >> > shop. I made the SBS purchase about a month ago and am very impressed. >> > I >> > do >> > however have a couple of questions. >> >> We all been down that road... keep asking questions! >> >> > Our setup. New server Intel 3.0 with 1 gig of ram and 2- 80gig sata >> > drives >> > on raid 1. >> > Plenty of horsepower for our needs. We have 8 office personell that >> > will >> > use the server heavily during buisenss hours, as all of our Access apps >> > are >> > moving to the SQL server. Also we will use the exchange exclusively >> > for >> > 15 >> > users. All of our data is patient information and needs to be >> > protected >> > as >> > much as possible. ( HIPPA) >> > >> > I plan to open ports 444, and 443 as well as allow outlook over http. >> > ( >> > by >> > the way I love that ) >> >> Sounds good. You want to have Sharepoint available from outside? >> >> > Here is my question. Should we use the ISA program and if so why. >> >> Traditionally, ISA is a love-it or hate-it product. Personally, I'm on >> the >> "love-it" group... however, I recognize that it is intimidating and more >> complicated than a traditional firewall at first (mostly because by >> default >> is much more locked down). ISA provides a level of control that no >> traditional firewall can offer and you get features (like application >> level >> filtering) that are only available in pricier firewalls. Since you appear >> to >> already have SBS Premium Edition, then I will definitely install ISA. >> >> More specifically... I would choose ISA mainly because: >> >> -Detailed Internet Usage Reports (that can be traced down to the user >> level) >> -You can control what a specific user can access and what not (you can do >> this by: protocol, IPs, websites, content and even time of day!). >> -You can publish servers behind ISA which shields the servers/services >> much >> more than simply forwarding a port. >> -Probably a lot more reasons, but I just got tired of typing :-) >> >> You might want to read this, so you can familiarize yourself with ISA a >> little bit: >> http://www.smallbizserver.net/Default.aspx?tabid=91 >> >> > Also should I install the Trend SMB all to this box or put the main >> > components on a win2k workstaton to free up resources. >> >> I would say most definitely not (I didn't even know it was possible to >> install it on a workstation). Install Trend on the SBS box. >> >> > Also I noticed on my laptop that when I am home I can still login as my >> > domain user. I know I cant see the domain controller from home so does >> > xp >> > pro login with defualt profiles, if it cant find the server? >> >> This is called cached credentials.... it will use the profile that is >> stored >> on the machine for the user (not the default one). Remeber that the >> machine >> always keeps a copy of the profiles (even if you are using roaming >> profiles, >> the "different" parts of the profile are copied back/forth). >> >> > Oopps almost forgot we use a Netgear FVS318 Prosafe VPN firewall for on >> > the >> > front end for network protection. >> >> Do you plan to use it as an end-point of VPN connections? or you can use >> the >> SBS box instead? >> >> -- >> Javier [SBS MVP] >> www.msmvps.com/javier >> << SBS ROCKS!!! >> >> >> > >> > "Michael Cook" wrote: >> > >> >> Once again please excuse my simple questions as we have always been a >> >> linux >> >> shop. I made the SBS purchase about a month ago and am very >> >> impressed. >> >> I do >> >> however have a couple of questions. >> >> >> >> Our setup. New server Intel 3.0 with 1 gig of ram and 2- 80gig sata >> >> drives >> >> on raid 1. >> >> Plenty of horsepower for our needs. We have 8 office personell that >> >> will >> >> use the server heavily during buisenss hours, as all of our Access >> >> apps >> >> are >> >> moving to the SQL server. Also we will use the exchange exclusively >> >> for >> >> 15 >> >> users. All of our data is patient information and needs to be >> >> protected >> >> as >> >> much as possible. ( HIPPA) >> >> >> >> I plan to open ports 444, and 443 as well as allow outlook over http. >> >> ( by >> >> the way I love that ) >> >> >> >> Here is my question. Should we use the ISA program and if so why. >> >> Also should I install the Trend SMB all to this box or put the main >> >> components on a win2k workstaton to free up resources. >> >> >> >> Also I noticed on my laptop that when I am home I can still login as >> >> my >> >> domain user. I know I cant see the domain controller from home so >> >> does >> >> xp >> >> pro login with defualt profiles, if it cant find the server? >> >> >> >> Thank You very much >> >> >> >> Michael Cook >> >> IT Manager >> >> Sumner County EMS >> >> >>
- Next message: Koosha: "Re: MDBDATA folder"
- Previous message: Michael Patrick: "New ISA install - More questions"
- In reply to: Michael Cook: "Re: SBS Advice Please"
- Next in thread: Frank McCallister SBS MVP: "Re: SBS Advice Please"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
