SBS2003 ISA Security vs Hardware Firewall

Hello,

I have inheirited the IT responsibilities for a small medical office.  The previous support rep installed an SBS 2003 Domain, and configured the ISA Security Firewall rather than purchase a hardware firewall solution.

I will preface this by saying that I have worked with SBS2003 before, but I have very little practical experience with the ISA firewall bundled with SBS.

That being said, is this a solution that you would leave stand?  Honestly, it scares me a little to know that the server (which houses medical data) has a direct connection to the internet, no matter what the firewall capabilities of ISA are.  Are my fears unfounded?

I have priced a number of entry-level firewalls (SonicWALL and Cisco come in around the $500 range), so price to implement shouldn't be any object.  I am, however, unaware of any pitfalls in reconfiguring SBS to remove the ISA firewall and implement a traditional one-nic approach.  Does anyone have any thoughts on this matter?


Thanks for your time.


Scott
LVL 1
meelnahAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ConchCrawlCommented:
Yeah if your going to do that I would get the sonicwall - like the tz210 we use it with a lot of SBS OS's, great product.
You may not be able to implement this, but if it were me I would install SBS 2008 standard and be done with it.
I have never uninstalled ISA from SBS but I believe it can be done, it's been a while since I've used ISA. Like you I've opted over the past number years for hardware firewall. I think the last time I used ISA was back in 2000 :-).
Here is a link
http://msmvps.com/blogs/kwsupport/archive/2008/09/07/uninstalling-isa-2004.aspx 
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
meelnahAuthor Commented:
That's a great article... thanks.

I am still struggling with whether my fears are unfounded or not (regarding using ISA).  I guess it comes down to 'what you are familiar with' for the most part, and I am certainly more comfortable with the router - firewall - server type of setup.

Thanks for your help!

Scott
0
ConchCrawlCommented:
That sounds like a good answer, In the end I always prefer a hardware solution when possible vs software.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.