asked on

SBS2003 Premium, internal firewall VS external firewall

We have Small Business Server 2003 Premium. As we all know it has a built-in firewall-----ISA server.

I am wondering if we should buy a external firewall, for example, SOHO3.

The reason i am thinking about an external firewall is
1. the external firewall will be in charge of internet connection sharing, this will take some workload from the server.
2. the firewall will be a DHCP server, this will take some workload from the server.
3. if the server is down, all the workstations still have access to the net

am i correct? any thoughts based on your REAL field experience?

thx

qwaletee

Yeah, everything you are saying is true, plus, anything that takes a Windows PC off a direct internet connection is almost certainly a good thing!!!

Basically, Windows-as-internet-router (known as ICS in consumer versions of Windows, which is really the same thing as ISA is doing), is pretty marginal. Windows is the first target of hackers, and its network code is not really built to do routing. It will be somewhat more flexible than a SOHO-type router, but LESS flexible than a true firewall-router. The most comon type of complete firewall-router is the Cisco PIX line. The most common SOHO routers are Linksys and D-Link. The Linksys and D-Link products (and all their competitors) are really easy to set up and administrator. PIX requires more knowledge.

You can also get some "firewall appliances" (such as Symantec's) which offer a balance of ease of use and flexibility.

Y Y

ASKER

thx for the fast reply,qwaletee.
SOHO3 is made by SonicWall.
I think Cisco's firewall is a over kill in my situation, but Dlink or Linksys is not very configurable.

ASKER CERTIFIED SOLUTION

qwaletee

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial