Firewall on Server SBS 2003 Standard

Greetings all,
I am having an ongoing discussion/argument with many IT pros in this field. As of now, we are running SBS 2003 SP1 with Exchange Server 2003 SP1 on one single server machine hooked to a standard Dynamode 10/100/1000 fast ethernet switch. In addition, we have a 3com Office Connect ADSL router with 11g wireless (3CRWE754G72-A/B) plugged into one of the switch ports. This ADSL unit has a built in hardware driven (I think) firewall which is activated along with the port filter. The Server has Symantec Corporate 9.0 installed along with managed work stations (25 all total). All work stations have Win XP SP2 installed and users are all limited to the lowest level ("user"). NOBODY has access to outside e-mail and the SMTP port on the server has been altered so NO outgoing mail can be sent via the server. ALl of the workstations have the SP2 firewall activated and all users are unable to change this. Inside the Internet Explorer browser v6, the security, privacy and cookie settings are set one step above the default.
Whew.....
After saying all of that, is it absolutely necessary to add a firewall box?
Fortigate?
Checkpoint S-Box?
...if at all?

Appreciate all the help I can get,
DR
tagltdAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SPUHCommented:
Hello,
    Seems that 3CRWE754G72-A/B has a built in firewall and how I understand this unit is between Your LAN and WAN. So You don't need any extra firewall.
ccomleyCommented:
Does the Office Connect not have a firewall built in? I@m not familiar with the model but I had heard that 3Com included SonicWall firewall product in some of their routers.

I would go with that - and doing that, would NOT put any third-party firewall product on the SBS2003 server. Too much risk of upsetting the regular SBS systems.

In fact if the 3Com does NOT include a firewall, I woudl put in a Sonicwall or a Zyxwall firewall between the 3COm and your LAN and *stilll* wouldn't put "firewall" software on the server.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SPUHCommented:
by the way but searching the specifications, they say that this 3com router has firewall
Introduction to Web Design

Develop a strong foundation and understanding of web design by learning HTML, CSS, and additional tools to help you develop your own website.

tagltdAuthor Commented:
SPUH, ccomley - Greetings,
Thanx for the heads-up reply. I talked with my 3com reseller and to tell you the truth he said no more or less then what you guys said AND what I already knew. Apparently, there is a pseudi-hardware driven firewall with many config sets such as MAC address listing, Specific Apps or Ports blockers etc.
I guess its kinda of a Coke Lite (Diet Coke) but not the "real deal".
Thanks anyway for the data
DR
ccomleyCommented:
Well lots of routers have "built-in" firewalls, some of the really cheap ones just have NAT and claim it's a firewall (which, to be fair, it is *only* as far as blocking unwanted inbound traffic, if you don't set up a NAT mapping) and others have more powerful offerings. The firewall in a Zyxel Prestige DSL router, for example,  is excellent. Not sure what's in the 3Com product you have, but it's stilll a good place to look. :)

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.