Solved

Design question...

Posted on 2002-06-19
10
218 Views
Last Modified: 2010-04-13
I just started at this new job. I am building them a brand new network, with brand new servers, etc. This is a small company (35 employees) so I was given a limited budget in which to buy equipment.

This is the equipment I have, and the duties that I have assigned to them thus far. My problem is I don't have a router, so I'm going to have to use one of the servers to handle routing duties. Whichever box I pick will have a second NIC in it, which I will hook the DSL line right up to. Which box should the second NIC go in to?

Server 1: Domain controller. Will be setup to handle DNS, print server, and maybe some file storage since the drives in it are pretty big.

Server 2: File server. This has a mission critical database on it, and will also serve as our main file storage location.

Server 3: SBS 2000 server. This is where Exchange 2000 will be running, as well as ISA 2000.. so this is our mail and our firewall box.

Server 4: Terminal Server/RAS box. This is the machine that our 5 employees in a remote office are going to connect to across the Internet to work on.

So, based off of this amount of equipment, which box should the line go into?
0
Comment
Question by:Gabe_Rivera
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 1

Expert Comment

by:Banyan99
ID: 7092985
I know this is not the answer you want to hear but maybe you should consider a basic 16 port firewall/router/switch. This would eliminate the need for a second nic in any machine and could also be used as the main swtich for the network. These can be picked up now for less than $200.
0
 
LVL 17

Accepted Solution

by:
mikecr earned 200 total points
ID: 7093256
Your SBS 2000 box. Your going to want to keep your firewall as close to your internet connection as possible, however, be careful with running Exchange and ISA server on the same box as you will need to make sure that you create a rule in your rule base to open the SBS box for email traffic as this will all be closed off by default.
0
 
LVL 7

Expert Comment

by:jmiller47
ID: 7093428
I agree with Banyan. I would never do routing on a Windows 2000 PC. You could however, pick up an even cheaper solution for the time being until your company can afford a router.

You could purchase a 1-4 port Linksys Router that would do nothing but serve Internet routing and basic Firewall. Then you would have the ability to NAT easily if you needed and your other Firewall would be even more effective with the Linksys router handlng the incoming firewall  also. (You could also turn off all functions except routing too if you wanted...) This solution would be under $100. You can actually pick them up for like $50-$60 on a deal.

They are very stable and reliable. It can also act as a DHCP server, DNS, NAT, and other features if for some reason, your DNCP server went down temporarily, you could start up DHCP on the router.


I hope this is of some help to you...
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 1

Author Comment

by:Gabe_Rivera
ID: 7093573
Why would you never do routing on a Windows 2000 server? I have a Windows 2000 box that I use for routing at the office right now and it works like a champ, what's the problem?

As I said, barring additional costs, which box would you pick? I have 1 vote for the SBS box.
0
 
LVL 7

Expert Comment

by:jmiller47
ID: 7093605
"Why would you never do routing on a Windows 2000 server? "

One - This is software driven and Microsoft not only has many "security" problems, but is prone to crash periodically.

Two - Putting all your eggs in one basket... If you do routing, DNS, Domain Controller, e-mail, file services, and print services on one computer and a print queue gets hung up and the only thing you can do to fix it is to reboot the Windows 2000 based server, BOOM, there goes everything all your users were working on.... because of a simple stuck print queue.

Three - Ease of use. Setting up Windwos 2000 routing and remote access is not only a bit difficult, you usually need training, and if something is not working right, it could take a LONG time to get it going. The hardware router? You reset it to default settings, change a few settings using web interface, and done. Or if it is completely dead, go get another for under $100. Set the new one up in just minutes.

Four - Uptime. If something really bad happened to that server, and you needed to reinstall or take it down for heavy maintenance, all users lose routing and Internet Access for that time also. If it had to go down for some reason and you didn't have all the services on that box and the router was a hardware router, then Internet Access for reasearch, mail, etc.. would still be possible.

Otherwise, to your specifications, I woud also go with the box with the ISA server service on it...
0
 
LVL 7

Expert Comment

by:jmiller47
ID: 7093608
BTW - I feel the same way about Software RAID for the same reasons. It can be done, and people can get it to work, but think of the complications that could happen if something were to go wrong...
0
 
LVL 17

Expert Comment

by:mikecr
ID: 7093713
Please keep in mind Gabe that this is not the opinions of all of the Experts here. I have no problem with software routing or basically anything else that you need to get by with on a 35 user network, however, if we would be talking a 350 user network then I would suggest moving to hardware instead. A lot of companies normally can't afford to do things the way the IT department wishes them to be done so it remains that you need to apply work arounds in different situations. Against popular belief, I personally have had Windows 2000 servers that have been running for over a year now without any reboots except for the ocassional application of a recommended patch. I'll grant you that Microsoft has had some security bugs but they are making great effort to fix these problems and I would have more respect for knowing you have a problem and attempting to fix it than ignoring the situation altogether.

I had a nasty problem once with a Linksys wireless access point that I got the run around for 2 days on from them before anyone had the common sense to give me a beta copy of their firmware for it that didn't completely cure the problem but it did help. So this goes to show that any company can have faults, it just depends how they handle them.
0
 
LVL 1

Author Comment

by:Gabe_Rivera
ID: 7093724
Thank you for your comments and input Mike, it's very much appreciated.
0
 
LVL 7

Expert Comment

by:jmiller47
ID: 7093732
Very nicely put mikecr!
0
 
LVL 1

Author Comment

by:Gabe_Rivera
ID: 7096260
Hey I forgot to ask:

I have found that with Small Business Server and the installation of Exchange 2000, it wants the server to be a domain controller.

Should I be concerned about a machine that will be my primary domain controller, my Exchnage server, and my firewall server all sitting out there on the Internet for someone to come and abuse?
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to migrate DHCP sever on Windows 2003  to Windows 2008 4 521
Windows 2000 Print Server 2 1,064
Windows 7 7 281
Change port for terminal servers (2000 and 2003) 3 176
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Configuring Remote Assistance for use with SCCM

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question