Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Wanet Telecoms Ltd on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Security considerations

Status
Not open for further replies.
dsdjnpfvf

dsdjnpfvf

IS-IT--Management
Aug 21, 2003
38
GB
Hi,

My company are soon to buy a new Windows 2003 server. I'd like to bring the e-mail system in-house, rather than using another ISP using Exchange. Problem is I've only got the budget for one server. It's only a small network (15 client machines). I've recently had an ADSL connection with 64 static IP addresses installed so that's not a problem.

More concern is this... If I've only got one multihomed server, which is my server for accounting software, file & print and domain control, it doesn't seem good practice for it to also host Microsoft Exchange. It will obviously be firewalled on it's public NIC, but it still seems a little risky to me. What would people recommend?

I've also got the problem of how to allow the client machines access to the internet in future aswell. At the moment it's just NAT. But that's another story. Just something I have to fit in securely aswell.

Many thanks,

Daniel Briley
 
Sort by date Sort by votes
A firewall is a MUST have. Even if your budget is small, you cannot really afford NOT to have a firewall. That said, many firewalls can be configured with an SMTP proxy service. That way, mail goes to the firewall's SMTP proxy which eliminates the need for any outside contact directly to your main/mail server.

Or also consider that an anti-virus SMTP gateway is also pretty much of an absolute necessity, particularly wiht Exchange. So again, the SMTP AV gateway talks to the outside world, not your main mail server.

R.Sobelman
 
Upvote 0 Downvote
So would you recommend I set up some sort of SMTP gateway using an older machine? I can set up a FreeBSD gateway or something. Thinking about it, I could actually use a FreeBSD box as a web server and an SMTP gateway, and that could be the only machine exposed to the internet (via a firewall of course)

Only trouble is this introduces another point of failure...

It annoys me that Microsoft advertise Windows 2003 Small Business Edition as an all-in-one solution, when to me it seems like such a security risk to have your file & print, accounts, etc on a server which also has an interface exposed to the net for remote access and mail services... (via a firewall of course, but still).


Is there any tips people can give me to try and develop a relatively secure system bearing in mind my limited budget?

Ideally I need to have DC/Active Directory services, File & Print and I'm looking into how to incorporate IIS (not so important) and Exchange securely.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

amanua
  • Locked
  • Question
Event ID 4776 Security Log
Replies
0
Views
270
amanua
amanua
Bigbadjoe
  • Locked
  • Question
Issue with Security sharing folder on Server 2012.
Replies
0
Views
217
Bigbadjoe
Bigbadjoe
Bigbadjoe
  • Locked
  • Question
Issue with Security sharing folder on Server 2008
Replies
1
Views
196
wtotten
wtotten
intel233
  • Locked
  • Question
Export Security Group Info
Replies
1
Views
364
intel233
intel233
bmacbmac
  • Locked
  • Question
How to open ports with firewall off - Recent security update may have closed necessary port
Replies
3
Views
255
smah
smah

Part and Inventory Search

Sponsor

Back
Top