Re: Dual Nic vs. Single Nic



Thanks for the info. The only reason I am asking these questions is to
continue to gain knowledge. To me whether you run a single vs. dual nic I
always like to have even a basic router on the front end for the simple
reason of controlling port traffic. I never like to hook an SBS server
directly to DSL or cable. I also agree with that router you would be better
served with more firewall capabilities such as packet filtering. But am I
correct in saying the basic firewall in SBS works whether you run a single
vs. dual NIC configuration? So I guess my question comes down to, taking the
router out of the equation, what are the advantages/disadvantages of a single
vs. dual nic?

"SuperGumby [SBS MVP]" wrote:

A two NIC SBS (no ISA) is just a NAT router, nothing magic about it.

I just fired up my two NIC (no ISA) VM to check, Windows Firewall is
disabled (as I expected but had to check). RRAS NAT looks after the whole
two NIC process. RRAS is not a firewall.

You get 'shielded from outside' courtesy of not having processes listening
for traffic (IP:PORT), nothing more. A simple NAT router in front of either
(1 or 2) simply allows control of what hits the server, there is very little
functional difference between RRAS NAT and NAT provided by a simple device.

There is a (very) minor argument about 'layers' of security (the onion) and
NAT in front of SBS with or without ISA. An exploit must both traverse the
router and SBS. It has been more than a few years since I considered such
anything but barely mentionable, happened after I attended a security class.
The main purposes of such a device should be considered as a) a stable IP
interface and b) noise stopper.

If you don't have a firewall no externally initiated connection to any
server should be possible. (including SMTP, let alone HTTwhatever)

"Larry Struckmeyer" <lstruckmeyer(no spam)@mis-wizards.com> wrote in message
news:uanvwVSJIHA.1324@xxxxxxxxxxxxxxxxxxxxxxx
Hi Richard:

With a simple NAT router you should use the two nic config. SBS has its
own internal firewall that will shield it from much of the rubbish that the
bad guys try from outside your network. Only if you have a true
"firewall" between your SBS and the inet should you use a single nic
config.

--
Larry


"Richard K" <RichardK@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D2C72035-E08D-49D0-9713-30EB573BBDEE@xxxxxxxxxxxxxxxx
I have an SBS 2003 standard machine (no isa) and I can configure it with a
single nic or dual nic configuration. I can also put a simple router on my
front end between dsl and server that will do simple NAT and specific port
forwarding. What would you do to configure the server and more importantly
what are the pros and cons of a single vs. dual nic configuration?

Thanks!

-Richard







