We help IT Professionals succeed at work.

What does the Cisco 501 exactly protect me from?

280 Views
Last Modified: 2010-04-09
Hi,

I am going to be running an Exchange 2003 server on at a remote location, hosted by a Server provider. The only thing this box will be doing is hosting the mail server and the Domain Controller (I know it's not suggested that the DC be on the same box as the Exchange Server but cost dictates that I do it this way)

The Provider has suggested that I get a firewall from them (Cisco 501). The cost is additional $150 a month from the provider  and I'm wondering if this is something I really need.
Some of the questions I have:

Does this prevent me from getting Mailbombed?
Does this stop Spam?

What would be the main reason for having this device attached to a Mail server?

Thanks very much,

Mike
Comment
Watch Question

MH IT Dept
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
The PIX 501 includes an integrated 4-port Fast Ethernet (10/100) switch and a Fast Ethernet (10/100) interface. Ideal for securing high-speed broadband environments, the Cisco PIX 501 delivers up to 60 Mbps of firewall throughput, 3 Mbps of Triple Data Encryption Standard (3DES) VPN throughput, and 4.5 Mbps of Advanced Encryption Standard-128 (AES) VPN throughput.

mhequipitMH IT Dept

Commented:
To answer your other question about why would you want this in front of the exchange server:

You should always use some sort of firewalling device, some people prefer software (Not me) and some hardware.  I would never stick a Microsoft or Unix/Linux email server or web server straight on a live IP.  Firewall, firewall, firewall!

Commented:
It seems a little high for cost of managing a firewall for just one server.  

How is this connected to your network for the use of exchange and being a DC?  The network config would dictate some of what you would need to protect it.


A side not for spam filtering, I have used spamstopshere.com and absolutely have loved the service.  Costs less than solutions to manage it locally and they do all the work.  It does well enough that my users generally tell me when they get spam.  It's that rare.

Author

Commented:
Thanks for all the quick responses.
To mhequipit:   You said you would never put a box on a live IP w/o a firewall. I still don't exactly understand why.
What am I being protected from?  What does a firewall device do well and what does it do poorly?



To Dpait: In answer to your question, This Server isn't connected to my network, it's at a Service provider.  The way we will be using it is primarily for OWA (Outlook Web Access). I may need to VPN into the box though. Otherwise I will be using Remote Desktop to manage it.

Thanks,

Mike
mhequipitMH IT Dept

Commented:
A firewall is going to allow you open only the ports you want and need open.  It will keep you safe from script kiddies, ddos, etc.

Commented:
A firewall will block all unwanted traffic from your server thus reducing the attack vectors all those unsavory people try to do to our systems.  If you just plug the server into the internet with a valid internet IP it's like inviting everyone in the world to be on the same local network that your server is on.

For this scenario you would only maybe want port 25 for smtp mail and port 443 open for owa.  Also a port for vpn access of some sort.   Anyways, the point being you only have the required ports open for the world to see.

A question for you would be why are you doing this with your own server?  It appears you may not have a significant amount of knowledge about securing your computer and network.  It could possibly be a better approach to just pay a service provider to handle all the back end of a OWA system for you.  Just a thought....

The Cisco may also be able to give you a secure VPN access to the server also.  You definitely do not want to leave RDP open on the internet to your server.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.