• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 312
  • Last Modified:

What kind of firewall for a new Windows Server 2003 SBE

I am installing my first server in the guise of a Windows Server 2003 SBE machine from Dell.  The setup is for a Doctors office, so security is imporant, since the server will have patient files.  Most of my experience is with workstations, so I had a few questions:

1.  Would you suggest I get the Premium version of Server 2003 SBE that includes ISA or is there another 3rd party firewall software that would work equally as well (I had been looking at Symantec Client Security for a combined Anti-Virus/Firewall Solution).
2.  Do the various software firewalls (ISA, Symantec, Zone Alarm, etc) work on the actual server as well, or does the OS come with enough built in security to lock itself down.
3.  I am trying to figure out what kind of a hardware router/firewall to use.  Any suggestions.  I need something affordarle for about five machines.  Am I ok with one of the less expensive business Linksys or Netgear's or should I be looking into somehting with client liscenses (Syamtec box for example.)


Thanks,
0
dhollander
Asked:
dhollander
  • 2
1 Solution
 
lrmooreCommented:
Personal opinion - Microsoft took ISA out of SBS for a reason. It's simply not a good idea.
The best approach is a hardware appliance firewall - always.
Here's some help with low-end firewalls..


Good article on choosing the best firewall for you:
http://www.sans.org/rr/whitepapers/firewalls/951.php


Good solid product that does a lot. The Linksys QuickVPN client is cool.
Linksys RV082:
http://www.linksys.com/products/product.asp?prid=589&scid=29

Lots of awards in the press for being a multi-function product, but I don't like all my eggs in one basket and I've heard that they are a real bear to get configured and maintain
Fortinet:
http://www.fortinet.com/news/pr/2004/pr102504.html
http://www.fortinet.com/products/telesoho.html

Lots of good press and experts here at EE like these products:
SonicWall
http://www.sonicwall.com/

Adtran is fairly new in the arena, but the products are solid, and the support is good (if you can live without 24x7 support)
Adtran Netvanta
https://www.adtran.com/adtranpx/Rooms/DisplayPages/LayoutInitial?Product=com.webridge.entity.Entity%5BOID%5B27100B71B4B3E44D84DCAE487414CD69%5D%5D&Container=com.webridge.entity.Entity%5BOID%5B54C70AA0A26ED711A78500D0B72032D8%5D%5D&ProductCategory=com.webridge.entity.Entity%5BOID%5BCB5C5CB7C4419B4AA04F9CE1AEDD8CE7%5D%5D

Netscreen has been bought out by Juniper Networks. Our corporate Network guys use Netscreen and are looking for a replacement (NOT a Netscreen)
Netscreen, but I have clients that swear by them...
http://www.juniper.net/products/glance/nscn_5.html

Rock-solid product with good support:
Watchguard Firebox
http://www.watchguard.com/products/

PIX 501 - My favorite. Most reliable and versitile (IMHO)
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/ps2031/index.html

I would put this product way down in my list unless budget was all I could afford:
D-LINK w/DMZ port
http://www.dlink.com/products/?pid=66

All of Symantec's products are rock solid:
Symantec:
http://www.symantec.com/smallbiz/gtw/
0
 
dhollanderAuthor Commented:
If I were to go with the Linksys Linksys RV082, do you think I would also need to have a local software firewall installed on the machines as well?
0
 
lrmooreCommented:
I wouldn't say that you HAVE to have one, but it woudn't hurt. I know that Windows 2003 Server comes with basically the same firewall as XP SP2, but I'm not 100% sure that the SB edition has it, too. If so, I believe that would be all you need with any external firewall.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now