Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

SBS2003 Premium, internal firewall VS external firewall

Posted on 2003-12-01
3
Medium Priority
?
611 Views
Last Modified: 2013-11-16
We have Small Business Server 2003 Premium. As we all know it has a built-in firewall-----ISA server.

I am wondering if we should buy a external firewall, for example, SOHO3.

The reason i am thinking about an external firewall is
1. the external firewall will be in charge of internet connection sharing, this will take some workload from the server.
2. the firewall will be a DHCP server, this will take some workload from the server.
3. if the server is down, all the workstations still have access to the net

am i correct? any thoughts based on your REAL field experience?

thx
0
Comment
Question by:techcity
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 31

Expert Comment

by:qwaletee
ID: 9854585
Yeah, everything you are saying is true, plus, anything that takes a Windows PC off a direct internet connection is almost certainly a good thing!!!

Basically, Windows-as-internet-router (known as ICS in consumer versions of Windows, which is really the same thing as ISA is doing), is pretty marginal.  Windows is the first target of hackers, and its network code is not really built to do routing.  It will be somewhat more flexible than a SOHO-type router, but LESS flexible than a true firewall-router.  The most comon type of complete firewall-router is the Cisco PIX line.  The most common SOHO routers are Linksys and D-Link.  The Linksys and D-Link products (and all their competitors) are really easy to set up and administrator.  PIX requires more knowledge.

You can also get some "firewall appliances" (such as Symantec's) which offer a balance of ease of use and flexibility.
0
 
LVL 1

Author Comment

by:techcity
ID: 9855444
thx for the fast reply,qwaletee.
SOHO3 is made by SonicWall.
I think Cisco's firewall is a over kill in my situation, but Dlink or Linksys is not very configurable.
0
 
LVL 31

Accepted Solution

by:
qwaletee earned 80 total points
ID: 9856377
SonicWall is good, same class as the Symantec applienaces I mentioned, though they make a range of products.  If you don't need the configurability you mention, the cheap routers are often "good enough."  The primary limitations are a single external address, meaning that youc an't, say, run two web servers on public port 80, because there's only one external IP address for them to share.  Some other limitations:

No policy control
No content filtering
Only directly supports a simple, flat, single subnet (including DHCP)
Unmanaged (litle or no SNMP, no physical port controls)

Most org's don't need these things, of course.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question