Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SBS 2003 Firewall or External Firewall

Posted on 2004-08-11
7
Medium Priority
?
700 Views
Last Modified: 2013-11-16
I have a question.

I am a programmer who is a complete novice with regard to networks. I am installing SBS 2003 on a machine to bring my network out of the stone ages. (Also, need SQL.)

I have run into a question while performing the installation. The server has two network cards in it, and I am wondering whether I should run the Firewall incorporated into SBS, or use the one in my router/firewall. (SMC Networks broadband router/firewall.)

Which is the more secure way?

Also, if anyone knows the answer to this one: Is it better to let me router be the DHCP server or should I let SBS be the DHCP server?

Any advice would be greatly appreciated.

Thanks.
Vee
0
Comment
Question by:VeeVan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 2

Accepted Solution

by:
AndyJG247 earned 2000 total points
ID: 11819911
First Question
Most secure way would be to use both, although this would increase the configuration time.
Assuming this is SBS2003 and you are meaning the ISA firewall (included only in the premium package as is SQL) then it is industry standard and very powerful however still has the problem of residing on the server itself.  Having said that its still great.  Your router firewall should be considered as the first line defence - ISA as number two in-line.


|
Router
|
|NIC#2
Server
|NIC#1
|
Switch
|
Clients

Second question
As above you would need to use the dhcp server of SBS as your router is seperated from your internal clients.  Even if this wasn't the case the SBS DNS would still be a lot more powerful (additional options etc).

Once its working I don't think you will regret using SBS.

cheers
Andy
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11820264
Andy -

I have already setup SBS using the DHCP on the server. Also, I am currently using only the Firewall on my router. Is there a way to reconfigure SBS to use it's firewall, too, or would I have to reformat and start over (not an option at this point.)

If there is a way to reconfigure, if you could provide a little insite on how that would be done would be greatly appreciated.

Thanks.

Vee
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11820267
And yes, it's SBS 2003 premium.
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 2

Expert Comment

by:AndyJG247
ID: 11822162
Hi,

No need to reformat.   Main question I would ask is are you using both of the network cards in the server?

By default you have RRAS as a 'kind of' firewall setup when you run the internet connection wizard through the SBS console.  If you have both network cards in use then you would need to install ISA from the premium cd (same as the SQL one) following the installation guide that auto boots with the cd.  When it is installed it asks you to run the internet wizard again and sets itself up automatically.

If you have only one network card in use then things get a bit more complicated as ISA will only work as a proxy rather than a firewall.  With this scenario you might find it easier to stay as you are.  Have you tried "http://www.grc.com/default.htm" - Mr Gibsons Shields Up utility will allow you to scan your ip address for holes for information purposes.

One word of caution of course - if you need any inbound access - like smtp mail or you are publishing your own website etc you would need to allow these in via ISA - however I am assuming you would have had to do this on your router anyway so you would already know of this.

http://www.smallbizserver.net - this is a fantastic resource by Mariette Knap & Marina Roos MVP's if it helps.

cheers
Andy
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11822838
I have two network cards in the machine. I am only using one of them currently. I will take a look and see how complicated it would be to setup the Firewall in SBS, too. Thanks for all the input. I greatly appreciate it.

Vee
0
 
LVL 1

Author Comment

by:VeeVan
ID: 11822850
PS: I already LOVE SBS. It's a great tool for those of us who are computer proficient, but network scared!!
V
0
 
LVL 2

Expert Comment

by:AndyJG247
ID: 11825002
No problems.  Hope it all goes well.

cheers
Andy
0

Featured Post

Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question