Firewall Recommendations

Status
Not open for further replies.

digitsdad

Programmer
Mar 22, 2002
6
US
Hello,
I have been asked to set up Exchange 2000 for our small network (Win2k server, less than 50 clients). We have a DSL connection to the Internet. Could anyone give a suggestion regarding a good choice for a firewall? Keep in mind my boss is quite cheap!
thank you,
Paul
 
You could look at a Cisco PIX 501, they are under 500ish..

BuckWeet
 
I like the pix, we use the 515 for all our firewalls.

One thing, the pix by default uses fixup protocol for port 25. I recommend you disable this as Exchange uses esmtp instead of regular smtp by default. The fixup protocol will filter the protocol extensions.
 
Buckweet, Tom, Xmsre,
thank you all for the tips, I appreciate it.
Paul
 
I use the Pix 501 for a couple of my customers also, but be careful because the basic 501 only allows 10 user licenses. If you have over 10 users and are using this firewall for all other traffic then you should get the Pix 501 with the 50 user licence. I have a Pix 501 to upgrade to 50 users tomorrow morning. I hope everything goes well... The 501 is a great little firewall for very small businesses.
 
My upgrade went smoothly. I forgot to mention, most DSL ISP providers do not allow mail to be forwarded to customers' mail servers. Bell in Montreal/Ottawa don't allow this on their PPPoE service. In order to run a mail server, you must take the business plan ADSL with fixed IPs. This is going to be my next challenge. The fixed IP option is about 5 times more expensive but you do get better service. Unless you configure your Exch Server to retrieve the emails through POP3...
 
I wouldn't disable the fixup protocol 25 unless you are trying to exchange servers in your organization through a PIX firewall. Yes, Microsoft added some extensions to SMTP to allow the servers to communicate via SMTP instead of RFC (or RPC or something like that). But there is no reason why another company's SMTP server should talk with your server using these. The mailguard feature ensures that other organizations adhere to the SMTP standard and limits hackers on the commands they can send your Exchange Server. In today's world, I would take the little bit of protection I can get. I can imagine it will only be a matter of time before someone uses one of these extensions to exploit an Exchange 2000 Server.


It is what it is!!
__________________________________
A+, Net+, I-Net+, Certified Web Master, MCP, MCSA, MCSE, CCNA, CCDA, and few others (I got bored one day)
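
The command filtering debated in this thread, sketched as an added example that is not part of any post and is not Cisco's code. It is a simplified model that assumes Cisco's documented Mail Guard behavior (only HELO, MAIL, RCPT, DATA, RSET, NOOP and QUIT pass; any other command is overwritten with X characters), and the session below is constructed.

```python
# Simplified model of PIX Mail Guard ("fixup protocol smtp 25") command
# filtering. Added illustration only; not Cisco code.

# Assumption: the seven RFC 821 minimum commands Mail Guard is documented to permit.
ALLOWED = {"HELO", "MAIL", "RCPT", "DATA", "RSET", "NOOP", "QUIT"}


def mailguard_filter(client_lines):
    """Return (forwarded_lines, masked_verbs) for a client-to-server SMTP stream.

    Commands outside ALLOWED are overwritten with X characters, so the mail
    server behind the firewall answers them with a 500-class error.
    Lines inside a DATA body are message content and pass through untouched.
    Simplification: the body is assumed to start right after DATA, without
    waiting for the server's 354 reply.
    """
    forwarded, masked = [], []
    in_data = False
    for line in client_lines:
        if in_data:
            forwarded.append(line)
            if line == ".":  # a lone dot ends the message body
                in_data = False
            continue
        verb = line.split(" ", 1)[0].upper()
        if verb in ALLOWED:
            forwarded.append(line)
            in_data = verb == "DATA"
        else:
            forwarded.append("X" * len(line))
            masked.append(verb)
    return forwarded, masked


# Constructed session: a sender tries ESMTP first, falls back to HELO,
# delivers one message, then probes with VRFY.
SESSION = [
    "EHLO mail.example.net",
    "HELO mail.example.net",
    "MAIL FROM:<alice@example.net>",
    "RCPT TO:<paul@example.com>",
    "DATA",
    "Subject: test",
    "",
    "EHLO inside the body is only text",
    ".",
    "VRFY postmaster",
    "QUIT",
]

if __name__ == "__main__":
    for before, after in zip(SESSION, mailguard_filter(SESSION)[0]):
        print(f"{before!r:40} -> {after!r}")
```

With the fixup enabled, the masked EHLO is why ESMTP extensions are unavailable through the firewall, and the masked VRFY is the kind of command restriction the last post refers to.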
 