Link to home
Start Free TrialLog in
Avatar of VeeVan
VeeVan

asked on

SBS 2003 Firewall or External Firewall

I have a question.

I am a programmer who is a complete novice with regard to networks. I am installing SBS 2003 on a machine to bring my network out of the stone ages. (Also, need SQL.)

I have run into a question while performing the installation. The server has two network cards in it, and I am wondering whether I should run the Firewall incorporated into SBS, or use the one in my router/firewall. (SMC Networks broadband router/firewall.)

Which is the more secure way?

Also, if anyone knows the answer to this one: Is it better to let me router be the DHCP server or should I let SBS be the DHCP server?

Any advice would be greatly appreciated.

Thanks.
Vee
ASKER CERTIFIED SOLUTION
Avatar of AndyJG247
AndyJG247
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of VeeVan
VeeVan

ASKER

Andy -

I have already setup SBS using the DHCP on the server. Also, I am currently using only the Firewall on my router. Is there a way to reconfigure SBS to use it's firewall, too, or would I have to reformat and start over (not an option at this point.)

If there is a way to reconfigure, if you could provide a little insite on how that would be done would be greatly appreciated.

Thanks.

Vee
Avatar of VeeVan

ASKER

And yes, it's SBS 2003 premium.
Hi,

No need to reformat.   Main question I would ask is are you using both of the network cards in the server?

By default you have RRAS as a 'kind of' firewall setup when you run the internet connection wizard through the SBS console.  If you have both network cards in use then you would need to install ISA from the premium cd (same as the SQL one) following the installation guide that auto boots with the cd.  When it is installed it asks you to run the internet wizard again and sets itself up automatically.

If you have only one network card in use then things get a bit more complicated as ISA will only work as a proxy rather than a firewall.  With this scenario you might find it easier to stay as you are.  Have you tried "http://www.grc.com/default.htm" - Mr Gibsons Shields Up utility will allow you to scan your ip address for holes for information purposes.

One word of caution of course - if you need any inbound access - like smtp mail or you are publishing your own website etc you would need to allow these in via ISA - however I am assuming you would have had to do this on your router anyway so you would already know of this.

http://www.smallbizserver.net - this is a fantastic resource by Mariette Knap & Marina Roos MVP's if it helps.

cheers
Andy
Avatar of VeeVan

ASKER

I have two network cards in the machine. I am only using one of them currently. I will take a look and see how complicated it would be to setup the Firewall in SBS, too. Thanks for all the input. I greatly appreciate it.

Vee
Avatar of VeeVan

ASKER

PS: I already LOVE SBS. It's a great tool for those of us who are computer proficient, but network scared!!
V
No problems.  Hope it all goes well.

cheers
Andy