Solved

SBS 2003 Firewall or External Firewall

Posted on 2004-08-11
7
695 Views
Last Modified: 2013-11-16
I have a question.

I am a programmer who is a complete novice with regard to networks. I am installing SBS 2003 on a machine to bring my network out of the stone ages. (Also, need SQL.)

I have run into a question while performing the installation. The server has two network cards in it, and I am wondering whether I should run the Firewall incorporated into SBS, or use the one in my router/firewall. (SMC Networks broadband router/firewall.)

Which is the more secure way?

Also, if anyone knows the answer to this one: Is it better to let me router be the DHCP server or should I let SBS be the DHCP server?

Any advice would be greatly appreciated.

Thanks.
Vee
0
Comment
Question by:VeeVan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 2

Accepted Solution

by:
AndyJG247 earned 500 total points
ID: 11819911
First Question
Most secure way would be to use both, although this would increase the configuration time.
Assuming this is SBS2003 and you are meaning the ISA firewall (included only in the premium package as is SQL) then it is industry standard and very powerful however still has the problem of residing on the server itself.  Having said that its still great.  Your router firewall should be considered as the first line defence - ISA as number two in-line.


|
Router
|
|NIC#2
Server
|NIC#1
|
Switch
|
Clients

Second question
As above you would need to use the dhcp server of SBS as your router is seperated from your internal clients.  Even if this wasn't the case the SBS DNS would still be a lot more powerful (additional options etc).

Once its working I don't think you will regret using SBS.

cheers
Andy
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11820264
Andy -

I have already setup SBS using the DHCP on the server. Also, I am currently using only the Firewall on my router. Is there a way to reconfigure SBS to use it's firewall, too, or would I have to reformat and start over (not an option at this point.)

If there is a way to reconfigure, if you could provide a little insite on how that would be done would be greatly appreciated.

Thanks.

Vee
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11820267
And yes, it's SBS 2003 premium.
0
Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

 
LVL 2

Expert Comment

by:AndyJG247
ID: 11822162
Hi,

No need to reformat.   Main question I would ask is are you using both of the network cards in the server?

By default you have RRAS as a 'kind of' firewall setup when you run the internet connection wizard through the SBS console.  If you have both network cards in use then you would need to install ISA from the premium cd (same as the SQL one) following the installation guide that auto boots with the cd.  When it is installed it asks you to run the internet wizard again and sets itself up automatically.

If you have only one network card in use then things get a bit more complicated as ISA will only work as a proxy rather than a firewall.  With this scenario you might find it easier to stay as you are.  Have you tried "http://www.grc.com/default.htm" - Mr Gibsons Shields Up utility will allow you to scan your ip address for holes for information purposes.

One word of caution of course - if you need any inbound access - like smtp mail or you are publishing your own website etc you would need to allow these in via ISA - however I am assuming you would have had to do this on your router anyway so you would already know of this.

http://www.smallbizserver.net - this is a fantastic resource by Mariette Knap & Marina Roos MVP's if it helps.

cheers
Andy
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11822838
I have two network cards in the machine. I am only using one of them currently. I will take a look and see how complicated it would be to setup the Firewall in SBS, too. Thanks for all the input. I greatly appreciate it.

Vee
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11822850
PS: I already LOVE SBS. It's a great tool for those of us who are computer proficient, but network scared!!
V
0
 
LVL 2

Expert Comment

by:AndyJG247
ID: 11825002
No problems.  Hope it all goes well.

cheers
Andy
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

761 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question