You do realize that SBS2k3 comes with a firewall? But many of us add a
little natting router firewall on the outside.
> Hello all,
>
[quoted text clipped - 11 lines]
>
> Sam

Signature
http://www.sbslinks.com/really.htm
Sam Goddard - 30 Jan 2004 17:03 GMT
I do realise that it has its own software firewall, but I've been advised to
add a firewall on the outside. Can you tell me why this is done & how
beneficial it might be?
Thanks
Sam
> You do realize that SBS2k3 comes with a firewall? But many of us add a
> little natting router firewall on the outside.
[quoted text clipped - 14 lines]
> >
> > Sam
SBS03 Rocks !!! - 30 Jan 2004 17:29 GMT
Sam,
Did that advice come with the understanding that a firewall must be managed
(updated regularly)?
For a small office a NAT router should be more than enough if you keep SBS
patched.
Try SUS and MBSA and Shavlik as patch enabling technologies. Remember
patching includes those client PCs especially the traveling laptops.
SBS03 Rocks!!!
> I do realise that it has its own software firewall, but I've been advised to
> add a firewall on the outside. Can you tell me why this is done & how
[quoted text clipped - 23 lines]
> > >
> > > Sam
Hi,
I generally recommend the installation of a hardware firewall. They are
purpose specific devices, and as such generally have less frequent
operating system (firmware/software) upgrades (i.e. read bugs) than a
general purpose OS like Windows or Linux does.
The choice of the firewall is dependent upon several factors. Basic
questions include, what is the speed of your Internet connection, do you
need a 3rd interface for what's referred to as a DMZ or the capability to
connect to a filtering server (virus/spam)? Plus, if you have to take the
server down for some reason, do you want that to interrupt all of your
Internet access, assuming it's the firewall also?
If it's a T1 (1.5mb/s) or less and you only need 2 interfaces (Internet and
LAN), you can, as Susan said in her reply, probably get by with a SOHO
(Small Office Home Office) type router/firewall. They provide basic
firewall protection by providing a NAT'd (Network Address Translation)
connection to the Internet. For instance, your Internal network would use
the private network address range of 192.168.0.1 - 192.168.0.254, and you'd
only use a single Internet accessible IP address (a static address assigned
by your provider). The router/firewall would use this address on its
Internet facing interface. Then in the router configuration, you'd specify
the ports that you needed to forward to your server (i.e. 80 for www traffic
if you host a web site, 21 for ftp traffic if you host a ftp site, etc.).
These are fairly inexpensive (<$200), although they are limited in
functionality.
The next step up, you're going to be looking at more of a small business
type firewall, and those probably start at around $500, with a yearly
software maint. fee on top of that.
In both cases, there are several vendors to choose from. In the SOHO space,
you'd find companies like Linksys, Netgear and D-Link just to name a couple
and in the small business space, Cisco, Watchguard, Checkpoint. These are
just a few, there are many others.
John
> Hello all,
>
[quoted text clipped - 11 lines]
>
> Sam
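
The NAT and port-forwarding behaviour described in the reply above, as an added example that is not part of any poster's message: a simplified Python model of how a SOHO router decides what to do with a packet arriving on its Internet-facing address. The public address (taken from a documentation range), the server address 192.168.0.2 and all class and function names are assumptions made for illustration.

```python
import ipaddress

PUBLIC_IP = "203.0.113.10"      # assumed static address (documentation range)
LAN = ipaddress.ip_network("192.168.0.0/24")  # private range from the post
SERVER = "192.168.0.2"          # assumed LAN address of the SBS server

# Port forwards configured on the router: public port -> (LAN host, port)
FORWARDS = {80: (SERVER, 80), 21: (SERVER, 21)}


class NatRouter:
    def __init__(self, forwards):
        self.forwards = dict(forwards)
        self.sessions = {}       # public source port -> (lan_ip, lan_port, remote)
        self.next_port = 40000

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """LAN host opens a connection; source is rewritten to the public IP."""
        if ipaddress.ip_address(lan_ip) not in LAN:
            raise ValueError("source is not on the LAN")
        pub_port = self.next_port
        self.next_port += 1
        self.sessions[pub_port] = (lan_ip, lan_port, (remote_ip, remote_port))
        return (PUBLIC_IP, pub_port)

    def inbound(self, remote_ip, remote_port, dst_port):
        """Decide what happens to a packet arriving at the public IP."""
        session = self.sessions.get(dst_port)
        if session and session[2] == (remote_ip, remote_port):
            return ("reply", session[0], session[1])      # answer to LAN traffic
        if dst_port in self.forwards:
            return ("forward",) + self.forwards[dst_port]  # published service
        return ("drop", None, None)                        # unsolicited: no mapping


def exposed_ports(router):
    """The only ports reachable from the Internet without a prior session."""
    return sorted(router.forwards)


if __name__ == "__main__":
    r = NatRouter(FORWARDS)
    print(r.inbound("198.51.100.7", 51000, 80))    # forwarded to the server
    print(r.inbound("198.51.100.7", 51000, 3389))  # dropped
    print(exposed_ports(r))
```

Every forwarded port is handed straight to the server, so the router gives no protection to those services; that is why the patching advice earlier in the thread still applies behind a NAT device.
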
Pie Man - 31 Jan 2004 22:16 GMT
I use a FortiGate 50 firewall (www.fortinet.com for more details) with an SBS 4.5 server (soon to upgrade to SBS 2003, hence why I am here). It has a lot of features for the money, including virus scanning, attachment blocking and website blocking. It works well, has an auto update feature that works (push rather than pull) and would cost around £400 for a 10 user model. Like all firewalls it needs some setting up, but with a bit of thought and reading it can add another layer of security to your network for a pretty reasonable cost (virus and software upgrades are 10% of purchase price /annum).