SBS2003 ISA Security vs Hardware Firewall


I have inheirited the IT responsibilities for a small medical office.  The previous support rep installed an SBS 2003 Domain, and configured the ISA Security Firewall rather than purchase a hardware firewall solution.

I will preface this by saying that I have worked with SBS2003 before, but I have very little practical experience with the ISA firewall bundled with SBS.

That being said, is this a solution that you would leave stand?  Honestly, it scares me a little to know that the server (which houses medical data) has a direct connection to the internet, no matter what the firewall capabilities of ISA are.  Are my fears unfounded?

I have priced a number of entry-level firewalls (SonicWALL and Cisco come in around the $500 range), so price to implement shouldn't be any object.  I am, however, unaware of any pitfalls in reconfiguring SBS to remove the ISA firewall and implement a traditional one-nic approach.  Does anyone have any thoughts on this matter?

Thanks for your time.

Who is Participating?
ConchCrawlConnect With a Mentor Commented:
Yeah if your going to do that I would get the sonicwall - like the tz210 we use it with a lot of SBS OS's, great product.
You may not be able to implement this, but if it were me I would install SBS 2008 standard and be done with it.
I have never uninstalled ISA from SBS but I believe it can be done, it's been a while since I've used ISA. Like you I've opted over the past number years for hardware firewall. I think the last time I used ISA was back in 2000 :-).
Here is a link 
meelnahAuthor Commented:
That's a great article... thanks.

I am still struggling with whether my fears are unfounded or not (regarding using ISA).  I guess it comes down to 'what you are familiar with' for the most part, and I am certainly more comfortable with the router - firewall - server type of setup.

Thanks for your help!

That sounds like a good answer, In the end I always prefer a hardware solution when possible vs software.
All Courses

From novice to tech pro — start learning today.