[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Linux Firewall for Microsoft Exchange Server

Posted on 2006-07-07
2
Medium Priority
?
260 Views
Last Modified: 2006-11-18
Right now I have been asked to add a firewall to our network for our exchange server. We are running Exchange server on a stand alone server that also acts as a secondary dns server for our network. Is there a distro anyone would reccomend? Or is there any applications or services we should use in paticular?

Also what potential complications would there be running a firewall in front of our exchange server/secondary dns server?

Would it be much easier just to run a isa server instead?

Thanks for your help as allways!

-Brian
0
Comment
Question by:Calv1n
2 Comments
 
LVL 17

Accepted Solution

by:
BudDurland earned 2000 total points
ID: 17063113
If the only functionality you need is firewall, there are several Linux based solutions.  The one I like best (mostly because I'm NOT very familiar with Linux) is SmoothWall Express (www.smoothwall.org). It's free, runs on just about anything pentium based, and installes from a single CD.  It's kid of an appliance.  This is not a linux distro for doing general computing.  it only does firewalling.  It's very easy to configure, and opening ports so that your Exchange box can continue to be a secondary DNS visible to the internet is easily accomplished.

They also have a commercial version that offers more advanced features -- content filtering, access control, VPN, multiple 'red' addresses, etc.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17065422
I ran a Linux firewall infront of an Exchange server for two years. It was fine. Exchange doesn't need many ports open - just 25 (smtp) and 443 (https). I only ditched it because I wanted a PIX and its VPN solution.

I used floppyfw for mine. An old 486 with two NICs, no hard disk or CD-ROM drive.

The choice of firewall is down to what you have experience in.

ISA is a complex beast with a learning curve. It is more than just a firewall, it is also a proxy server and will inspect the packets.

If you have confidence in using a Linux solution, then go ahead and use that.
If you want something where you can get a support contract, then look at something like a PIX, Netscreen etc.
Either of those two solutions will be much cheaper than an ISA and will give you a dedicated box.

Simon.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
This video tutorial shows you the steps to go through to set up what I believe to be the best email app on the android platform to read Exchange mail.  Get the app on your phone: The first step is to make sure you have the Samsung Email app on your …
Suggested Courses

608 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question