Solved

SBS 2003 Firewall or External Firewall

Posted on 2004-08-11
7
690 Views
Last Modified: 2013-11-16
I have a question.

I am a programmer who is a complete novice with regard to networks. I am installing SBS 2003 on a machine to bring my network out of the stone ages. (Also, need SQL.)

I have run into a question while performing the installation. The server has two network cards in it, and I am wondering whether I should run the Firewall incorporated into SBS, or use the one in my router/firewall. (SMC Networks broadband router/firewall.)

Which is the more secure way?

Also, if anyone knows the answer to this one: Is it better to let me router be the DHCP server or should I let SBS be the DHCP server?

Any advice would be greatly appreciated.

Thanks.
Vee
0
Comment
Question by:VeeVan
  • 4
  • 3
7 Comments
 
LVL 2

Accepted Solution

by:
AndyJG247 earned 500 total points
ID: 11819911
First Question
Most secure way would be to use both, although this would increase the configuration time.
Assuming this is SBS2003 and you are meaning the ISA firewall (included only in the premium package as is SQL) then it is industry standard and very powerful however still has the problem of residing on the server itself.  Having said that its still great.  Your router firewall should be considered as the first line defence - ISA as number two in-line.


|
Router
|
|NIC#2
Server
|NIC#1
|
Switch
|
Clients

Second question
As above you would need to use the dhcp server of SBS as your router is seperated from your internal clients.  Even if this wasn't the case the SBS DNS would still be a lot more powerful (additional options etc).

Once its working I don't think you will regret using SBS.

cheers
Andy
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11820264
Andy -

I have already setup SBS using the DHCP on the server. Also, I am currently using only the Firewall on my router. Is there a way to reconfigure SBS to use it's firewall, too, or would I have to reformat and start over (not an option at this point.)

If there is a way to reconfigure, if you could provide a little insite on how that would be done would be greatly appreciated.

Thanks.

Vee
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11820267
And yes, it's SBS 2003 premium.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 2

Expert Comment

by:AndyJG247
ID: 11822162
Hi,

No need to reformat.   Main question I would ask is are you using both of the network cards in the server?

By default you have RRAS as a 'kind of' firewall setup when you run the internet connection wizard through the SBS console.  If you have both network cards in use then you would need to install ISA from the premium cd (same as the SQL one) following the installation guide that auto boots with the cd.  When it is installed it asks you to run the internet wizard again and sets itself up automatically.

If you have only one network card in use then things get a bit more complicated as ISA will only work as a proxy rather than a firewall.  With this scenario you might find it easier to stay as you are.  Have you tried "http://www.grc.com/default.htm" - Mr Gibsons Shields Up utility will allow you to scan your ip address for holes for information purposes.

One word of caution of course - if you need any inbound access - like smtp mail or you are publishing your own website etc you would need to allow these in via ISA - however I am assuming you would have had to do this on your router anyway so you would already know of this.

http://www.smallbizserver.net - this is a fantastic resource by Mariette Knap & Marina Roos MVP's if it helps.

cheers
Andy
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11822838
I have two network cards in the machine. I am only using one of them currently. I will take a look and see how complicated it would be to setup the Firewall in SBS, too. Thanks for all the input. I greatly appreciate it.

Vee
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11822850
PS: I already LOVE SBS. It's a great tool for those of us who are computer proficient, but network scared!!
V
0
 
LVL 2

Expert Comment

by:AndyJG247
ID: 11825002
No problems.  Hope it all goes well.

cheers
Andy
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
firewall rule terminology 3 40
Best firewall recommendation 12 153
Is my Machine open to hackers 3 77
SRX240 SYSLOG Setting 6 50
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now