Solved

Linux Firewall for Microsoft Exchange Server

Posted on 2006-07-07
2
240 Views
Last Modified: 2006-11-18
Right now I have been asked to add a firewall to our network for our exchange server. We are running Exchange server on a stand alone server that also acts as a secondary dns server for our network. Is there a distro anyone would reccomend? Or is there any applications or services we should use in paticular?

Also what potential complications would there be running a firewall in front of our exchange server/secondary dns server?

Would it be much easier just to run a isa server instead?

Thanks for your help as allways!

-Brian
0
Comment
Question by:Calv1n
2 Comments
 
LVL 17

Accepted Solution

by:
BudDurland earned 500 total points
ID: 17063113
If the only functionality you need is firewall, there are several Linux based solutions.  The one I like best (mostly because I'm NOT very familiar with Linux) is SmoothWall Express (www.smoothwall.org). It's free, runs on just about anything pentium based, and installes from a single CD.  It's kid of an appliance.  This is not a linux distro for doing general computing.  it only does firewalling.  It's very easy to configure, and opening ports so that your Exchange box can continue to be a secondary DNS visible to the internet is easily accomplished.

They also have a commercial version that offers more advanced features -- content filtering, access control, VPN, multiple 'red' addresses, etc.
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17065422
I ran a Linux firewall infront of an Exchange server for two years. It was fine. Exchange doesn't need many ports open - just 25 (smtp) and 443 (https). I only ditched it because I wanted a PIX and its VPN solution.

I used floppyfw for mine. An old 486 with two NICs, no hard disk or CD-ROM drive.

The choice of firewall is down to what you have experience in.

ISA is a complex beast with a learning curve. It is more than just a firewall, it is also a proxy server and will inspect the packets.

If you have confidence in using a Linux solution, then go ahead and use that.
If you want something where you can get a support contract, then look at something like a PIX, Netscreen etc.
Either of those two solutions will be much cheaper than an ISA and will give you a dedicated box.

Simon.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now