로그인
 
라이브러리학습다운로드지원커뮤니티포럼
Resources for IT Professionals >
Firewall for sbs

Answered Firewall for sbs

  • 2010년 9월 8일 수요일 오후 3:13
     
     
    로그인하여 투표
    0

    Hi,

    I don't quite see the logic of SBS2008 not being bundled with a proper firewall, only Forefront for exchange. Currently using sbs2003 with ISA and about to migrate to sbs2008 and I was originally going to use forefront but I don't have enough ram yet as it requires a boatload!

    ISA has been pretty good for the years we have used it but I dont want to stick with old tech when I'm upgrading anything else.

    I've bled the coffers dry for a while getting the new server and ram so I don't have ££££ to buy a cisco or sonicwall dedicated device. Might be able to stretch to a secondhand pix 501 or something similar. Might be able to pinch my bosses Netgear FVG318 if it comes to it.

    Anyone have any suggestions - all gratefully received :-)

     

모든 응답

  • 2010년 9월 8일 수요일 오후 3:35
     
     
    로그인하여 투표
    0

    Since you don't have the money for a good hardware firewall you can consider free Untangle open source software on an older P4 type box.

    <SDSltd> wrote in message news:8ea5ed67-dc96-4d60-b3f6-ea48130b7040@communitybridge.codeplex.com...

    Hi,

    I don't quite see the logic of SBS2008 not being bundled with a proper firewall, only Forefront for exchange. Currently using sbs2003 with ISA and about to migrate to sbs2008 and I was originally going to use forefront but I don't have enough ram yet as it requires a boatload!

    ISA has been pretty good for the years we have used it but I dont want to stick with old tech when I'm upgrading anything else.

    I've bled the coffers dry for a while getting the new server and ram so I don't have ££££ to buy a cisco or sonicwall dedicated device. Might be able to stretch to a secondhand pix 501 or something similar. Might be able to pinch my bosses Netgear FVG318 if it comes to it.

    Anyone have any suggestions - all gratefully received :-)

     
  • 2010년 9월 8일 수요일 오후 3:59
     
     
    로그인하여 투표
    0

    How does that stack up against isa 2006? I still have the option to use isa -  it just feels a bit old hat now with forefront out. How much ram does forefront actually use?

    http://technet.microsoft.com/en-us/library/ff382651.aspx  - seems to suggest only 2gb in proxy mode? I have 3gb 'spare'.

     

     

     
  • 2010년 9월 8일 수요일 오후 6:18
     
     
    로그인하여 투표
    0

    I can't answer about Forefront. ISA 2006 would certainly work, but of course on a separate box than the SBS 2008.

    Steve

    <SDSltd> wrote in message news:03050a22-1090-4b2d-9e27-7fdb400bc16a@communitybridge.codeplex.com...

    How does that stack up against isa 2006? I still have the option to use isa - it just feels a bit old hat now with forefront out. How much ram does forefront actually use?

    http://technet.microsoft.com/en-us/library/ff382651.aspx - seems to suggest only 2gb in proxy mode? I have 3gb 'spare'.



     
  • 2010년 9월 9일 목요일 오전 4:04
     
     답변됨
    로그인하여 투표
    0

    and whether you use ISA, a *nix based device, a PIX, or a similar device, you lose SBS integration.

    To me, the problem with FF is not so much about its RAM requirements but the simple fact it demands Server08 x64. Yeah OK, my workstation (Dell E520) is getting a bit long in the tooth and would make a reasonable FF box, should I get a new one, and an even better idea would be real server hardware... oh the can of worms we could open...

    Neither I nor my clients need the level of control offered by the more expensive alternatives. I also believe the security picture has changed from a few years ago. I'm running SBS08 behind simple NAT routers and not yet experiencing problems.

    <Compukirk> wrote in message news:373813b2-33c8-44bf-82c0-afce205de0ef@communitybridge.codeplex.com...

    I can't answer about Forefront. ISA 2006 would certainly work, but of course on a separate box than the SBS 2008.

    Steve

    <SDSltd> wrote in message news:03050a22-1090-4b2d-9e27-7fdb400bc16a@communitybridge.codeplex.com...

    How does that stack up against isa 2006? I still have the option to use isa - it just feels a bit old hat now with forefront out. How much ram does forefront actually use?

    http://technet.microsoft.com/en-us/library/ff382651.aspx - seems to suggest only 2gb in proxy mode? I have 3gb 'spare'.





    • 답변으로 표시됨 Miles LiModerator 2010년 9월 24일 금요일 오전 7:44
    •  
     
  • 2010년 9월 9일 목요일 오전 9:48
     
     
    로그인하여 투표
    0

    Thanks for the replies. We also don't need everything that a relatively expensive standalone firewall has to offer and whilst the old server that i'm dropping could be used as a standalone, my boss is something of an eco warrior and hates leaving things on - I had to talk him out of turning off the server everyday when we left!

    I have 8gb ram but I am going to be running SBS2008 as a virtual machine. I do have full server 2008 so I can set-up another instance of server 2008 (1gb) and then use that for forefront (2gb) if the ram for proxy mode is correct thereby using all my spare 3gb.

     

     

     
  • 2010년 9월 9일 목요일 오후 7:14
     
     답변됨
    로그인하여 투표
    0

    Just to clarify that Forefront for Exchange is not a firewall, it's AV/antimalware/antispam for Exchange Server.  The successor to ISA 2006 is Forefront Threat Management Gateway. 

    If cost is an issue and you have hardware available, ISA 2006 seems like it would be a good solution until your budget allows for something different.  It's still supported for a while yet:  http://support.microsoft.com/lifecycle/?p1=11928

    Dave Nickason - SBS MVP
     
  • 2010년 9월 13일 월요일 오전 4:26
     
     
    로그인하여 투표
    0

    8GB is a (realistic) minimum for SBS itself. Virtualising in 8GB, particularly with TMG as another guest, is not recommended.