Announcement

Collapse
No announcement yet.

Should I buy a firewall?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Should I buy a firewall?

    Hi Forum members, I am a newbie as such...

    I have just setup our company with a SBS2003 where we are 10 clients connected.

    I have to network cards and the server act's as a router.
    since the server is acting as a router between the WAN and LAN I could imagine that I will need a firewall in front of the server before it connects to the internet.

    If I am right, what firewall would you then recomend?

    We use VPN, FTP, Exchange, OWA

    Best regards,
    Kristoffer
    Last edited by kmf_fab; 14th March 2009, 15:27. Reason: The title was not good enough

  • #2
    Re: Should I buy a firewall?

    I would purchase a firewall to front-end the SBS server. The thought of having any Microsoft based server directly connected to internet.... would make me lose some sleep. At least search for "hardening" procedures for the SBS server and implement them.

    Based on your budget, there are many good firewalls available (netgear, linksys, cisco pix, etc...). All of which should meet your requirements.

    Comment


    • #3
      Re: Should I buy a firewall?

      Originally posted by scowles View Post
      I would purchase a firewall to front-end the SBS server. The thought of having any Microsoft based server directly connected to internet.... would make me lose some sleep. At least search for "hardening" procedures for the SBS server and implement them.

      Based on your budget, there are many good firewalls available (netgear, linksys, cisco pix, etc...). All of which should meet your requirements.
      SonicWall also worth considering.

      Comment


      • #4
        Re: Should I buy a firewall for our new SBS2003?

        Originally posted by kmf_fab View Post
        I have just setup our company with a SBS2003 where we are 10 clients connected.
        Do you have Standard or Premium Edition? If you have premium edition, then SBS comes with ISA Server which is a firewall. Use either ISA or a hardware appliance as your firewall but not both. Doubling up with a hardware firewall if you already have ISA would just cause needless confusion and possible errors.
        Last edited by Nonapeptide; 14th March 2009, 19:08. Reason: clarification
        Wesley David
        LinkedIn | Careers 2.0
        -------------------------------
        Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
        Vendor Neutral Certifications: CWNA
        Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
        Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

        Comment


        • #5
          Re: Should I buy a firewall?

          Originally posted by scowles View Post
          I would purchase a firewall to front-end the SBS server. The thought of having any Microsoft based server directly connected to internet.... would make me lose some sleep.
          Well this is not completely true. ISA server (which runs on Microsoft) is fantastic firewall, thorough inspection, inbound SSL inspection when using bridged configuration (try that with Pix/ASA) and no vulnerability so far.
          Also there isn't any documented hack on a ISA server

          Also check this out:
          http://blogs.technet.com/isablog/arc...ndows-box.aspx

          Like Nonapeptide stated SBS premium comes with ISA server.
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: Should I buy a firewall?

            Hi All, thanks for your answers,

            We got a standard server so ISA is not included as it is in premium.
            What I will do is to invistigate what the cost would be to upgrade from standard to premium (if it is possible at all, I have a feeling that it is not possible...)

            If that does not work, then I will go with a hardware solution from Cisco, does anyone of you know how much knowledge will be needed as such with a ASA 5505, we will be using outlook web access, ftp and VPN, nothing else.

            Best regards,
            Kristoffer

            Comment


            • #7
              Re: Should I buy a firewall?

              Having just had to deal with a ASA 5505, I can say that the Cisco ASDM tool (GUI interface for configuring many 5505 options) is a bit flaky and may give you some fits. If you ever have to drop into the CLI (which you may not have to if your needs are simple) you'll need to know the Cisco IOS like you would for any other Cisco device. I don't have experience with the Cisco VPN client so can't vouch for it's reliability or performance. IMO, It's not a device for the faint of heart. A SonicWall might be a bit easier to deal with.
              Wesley David
              LinkedIn | Careers 2.0
              -------------------------------
              Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
              Vendor Neutral Certifications: CWNA
              Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
              Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

              Comment


              • #8
                Re: Should I buy a firewall?

                Thanks for the reply, do you have any SonicWALL model you can recomend?

                Best regards,
                Kristoffer

                Comment


                • #9
                  Re: Should I buy a firewall?

                  I've only worked in an environment with larger models, but I think the TZ series is their SMB line that would best fit your needs. Their website is vast and a little hard to navigate, but here's the link to the TZ model comparison chart.
                  Wesley David
                  LinkedIn | Careers 2.0
                  -------------------------------
                  Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
                  Vendor Neutral Certifications: CWNA
                  Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
                  Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

                  Comment


                  • #10
                    Re: Should I buy a firewall?

                    Thanks I went for the TZ190 model

                    Best regards,
                    Kristoffer

                    Comment


                    • #11
                      Re: Should I buy a firewall?

                      Good choice. When you get it, make sure the SonicWall enhance firmware is instaled. If not, when you register the product on their website, that you need to do to activate the firewall, there will be a section that will allow you to download it.

                      Comment


                      • #12
                        Re: Should I buy a firewall?

                        Great, thanks for the heads up on that!

                        Comment


                        • #13
                          Re: Should I buy a firewall?

                          Originally posted by kmf_fab View Post
                          Thanks I went for the TZ190 model

                          Best regards,
                          Kristoffer
                          Now I'll feel responsible if it doesn't work for you.
                          Wesley David
                          LinkedIn | Careers 2.0
                          -------------------------------
                          Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
                          Vendor Neutral Certifications: CWNA
                          Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
                          Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

                          Comment


                          • #14
                            Re: Should I buy a firewall?


                            Also, just for anyone else reading, we have a Cisco firewall forum for queries relating to that (it isn't that hard I promise!)
                            ISA is a fantastic firewall too.
                            cheers
                            Andy

                            Please read this before you post:


                            Quis custodiet ipsos custodes?

                            Comment


                            • #15
                              Re: Should I buy a firewall?

                              Hi Forum members, today I received the TZ 190 firewall from SonicWALL, looks like a nice product I must say.

                              I have one question, in the TCP/IP protocol on the server network coard which will connect to the internet I used to have the ip address, subnet, gateway provided by our internet provider, should I now obtain this ip address automatically?

                              From reading I can see that the firewall can act as a DHCP server, however I do not think I should enable this as the server has 2 network cards, any hints on how this should be setup I would appriciate.

                              Best regards,
                              Kristoffer

                              Comment

                              Working...
                              X