Re: What to use for a Firewall device?

Why would you never trust ISA?

Thank you,

ebrind


"Leythos" <void@xxxxxxxxxxx> wrote in message
news:MPG.1d343d5463df4399989976@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> In article <1120533698.184151.308850@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
> stephen346_news@xxxxxxx says...
>> Hello,
>>
>> I have the SBS 2003 w/o sp1, standard edition.
>>
>> We have added a cable modem to the office, and have yet to engage it.
>> We need some firewall in place, and personal the one that is part of
>> SBS 2003 standard, I do not think is hardened enough.
>>
>> I have two NIC's in the SBS 2003 server, and currently the server is
>> the DHCP server as well.
>>
>> We have disabled a fair number of the remote access parts of the
>> server, and really need to be sure that all outside access is disabled.
>>
>> I also only have the Exchange set up for Internal e-mail, and would
>> like
>> some way to confirm that it is not wanting to fetch or send send any
>> e-mail.
>>
>> I am think in of a Hareware device, Watchguard, Cisco 501 pix. I am
>> open to ideas, may be the ISA server or some other Firewall OS/software
>> in a PC.
>
> The WatchGuard X700 makes a perfect firewall appliance in front of any
> public facing server. You can set it up for Drop-in mode or routed mode
> - means you can have your public IP on both sides or you can NAT the LAN
> side.
>
> I would never trust ISA, and yes I know it's a firewall, but I never put
> a server directly on the net, and not a Windows server, even protected
> by ISA.
>
> The WatchGuard units will also filter attachments in SMTP and content in
> HTTP, so you get a lot of nice features in an appliance.
>
> If worse comes to worse, get a NAT router and put in front of the server
> and port forward 25 inbound to the server - do not put it live on the
> Net, not even in a dual-nic ISA mode.
>
>
> --
> --
> spam999free@xxxxxxxxxx
> remove 999 in order to email me


.

Relevant Pages

  • Re: SBS VPN setup?
    ... wouldn't need ISA, so that is completely gone in the matter. ... are you referring to a firewall device hardware type, ... I prefer SBS 2k3 without ISA. ... outlined above...and the firewall appliance is an ISA server, ...
    (microsoft.public.windows.server.sbs)
  • Re: ISA 2004 run as network service problem
    ... Do you have anything in between your gateway device and the SBS external NIC? ... It's not uncommon for external routers and/or firewall type devices to block VPN. ... I'm into more than one VPN issue to day and can't remember if I asked you - you did run the "configure remote access" wizard from the Internet page of the Server Mgmt. ... > the service only fails to start at boot after i change the account ISA ...
    (microsoft.public.windows.server.sbs)
  • Re: Firewall and ISA
    ... good idea to use ISA on SBS (it will be the only server in the network). ... If ISA on SBS is not a good idea, ... A hardware firewall: Cost runs about $900 and more, ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS VPN setup?
    ... And if you have a hardware firewall you haven't flashed in years they just got in through a exploit. ... SBS plugs into a switch with the other computers and the switch is plugged into a firewall appliance with 2-nics. ... To compare apples to apples, let us assume there is a network setup as I outlined above...and the firewall appliance is an ISA server, such as those available from Celestix. ... > learn and test the RWW solution before deploying it. ...
    (microsoft.public.windows.server.sbs)
  • RE: OWA page not displayed Outside
    ... Open the ISA Server management console, ... On the ISA Server computer, stop the Microsoft Firewall service. ...
    (microsoft.public.windows.server.sbs)
Loading