Re: Good Firewall for Standard SBS2003

I gave you a suggestion... ;-) but I do not concur that hardware firewall is
superior than ANY server with 2 NICs.

Superior security is seperating the LAN from the WAN, single NIC does't do
this unless the hardware firewall has supports seperating LAN from WAN.




"Daniel Jewel" <cyberdudeiq@xxxxxxxxxxxx> wrote in message
news:1183137088.16985.5.camel@xxxxxxxxxxxx
thanks to ALL for the "concrete" suggestions for my search of a
"software" firewall !!!

I get the point that the hardware appliance is far superior than "just"
SBS + ISA + 2 NICS ...

However, I try to keep an open mind to products I'm unaware of such as
the "ipcop" suggestion...we all have a PIII laying around somewhere,
don't we?

As for the fact that ISA was was never certified for use with
SBS....hummm that makes me wonder why...

Dan

On Thu, 2007-06-28 at 16:28 -0500, Les Connor [SBS MVP] wrote:

Hi Daniel,

I'm not sure what you mean by "software firewall". If you mean, some
software you can install on your SBS box for enhanced security - then
look
no further than ISA, that's a no brainer.

It's relatively inexpensive (to upgrade to SBS Premium) - and you won't
find
any "software firewall" that's more capable than ISA 2k4, at any price,
that
can go on the SBS box and offer the same level of protection via the SBS
integration tools.

ISA has been running on, and protecting tens - if not hundreds - of
thousands of SBS boxes for almost 8 years now, and even longer than that
if
you consider ISA's predesessor.

ISA protected SBS boxes aren't exactly falling over, regardless of what
some
folks say "could happen". The "could happen" crowd usually has no
experience
with ISA on SBS, and in some cases there is experience, but it only
consists
of bungling the configuration by not using the wizards, and that
qualifies
their opinion.

If you're looking for an external security device (hardware with
software),
AKA "firewall", then there are quite a number of favourites mentioned in
this newsgroup. You could google search this newsgroup and get lots of
answers.

Like Dave, I have personal experience with the Sonicwall TZ 150 and 170,
and
their software (OS) and hardware seems to be in the category that's above
'not good enough'.

Security software needs hardware to run on, whether it be on your SBS, or
on
an external device.




.

Relevant Pages

  • Re: SBS 1002 Premium R2 Mangling Port Issues
    ... It's not worth considering at this point...its not supported with any version of SBS at this time. ... As Merv, points out, there are many useful purposes for the second server license that comes with SBS 2008 premium, but using it for a "Software firewall" is not one of them ... requires at least 20GB HDD capacity and Forefront Threat Management Gateway ... hardware for the second server and put Forefront on it. ...
    (microsoft.public.windows.server.sbs)
  • RE: [fw-wiz] Proverbial appliance vs software based firewall
    ... "Software security is soft security: Hardware is required." ... A software firewall doensn't enjoy the same operating environment. ... on top of an inheriently unsecure general purpose operating system (ie; ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Proverbial appliance vs software based firewall
    ... What is not meaningless to security and function is kernel size, ... functionality, hardware access levels. ... There are many security applications where monolithic kernels ... use a PC based firewall for this purpose without using many firewalls? ...
    (Firewall-Wizards)
  • Re: Good Firewall for Standard SBS2003
    ... I'm not sure what you mean by "software firewall". ... no further than ISA, that's a no brainer. ... It's relatively inexpensive (to upgrade to SBS Premium) - and you won't find ... If you're looking for an external security device (hardware with software), ...
    (microsoft.public.windows.server.sbs)
  • Re: Security Issue
    ... Funny thing is, just moments ago, after I successfully configured exchange for mail relay and authentication all the test messages I had been sending along with server reports I configured earlier, came rushing through to my ISP email account. ... I really want the accessibility features of the INternet facing services, but also want to keep on top of security issues. ... Firewall located between SBS and cable modem, and firewall is only allowing access to SBS view few select ports. ...
    (microsoft.public.windows.server.sbs)
Quantcast