Windows 2003 server

Discussion in 'other firewalls' started by joter, Jan 8, 2005.

Thread Status:
Not open for further replies.
  1. joter

    joter Registered Member

    Joined:
    Jan 8, 2005
    Posts:
    163
    Location:
    Greece
    1. What do you think about the security on a 2003 server with only packet filtering firewall, like 8signs, installed and coexisting with someting like ProcessGuard.

    2. Is there a better security solution for an application server that is also a small network DHCP server?
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi joter

    ... and welcome to Wilders :)

    That would be a good combination if actual application specific rules are not a concern for you.

    You will have to assess the security needs for your entire network as well as the server. Any hardware in place? Is that all the server is actually being used for?

    Regards,

    CrazyM
     
  3. joter

    joter Registered Member

    Joined:
    Jan 8, 2005
    Posts:
    163
    Location:
    Greece
    CrazyM, Thanks for your reply.

    Yes. The server running Windows 2003 is just an application (Lotus Domino) server but also would like to be a DHCP server to some workstations, connecting to Internet by a broadband DSL connection.

    My main need is securing the most the server.

    There is no hardware firewall.
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi joter

    A little more info on the network setup would help. Is this a home or business network?
    How is the network currently connecting to the Internet? Is this server also your gateway to the Internet?
    You may need to consider an appropriate hardware solution to protect the network as well.

    Regards,

    CrazyM
     
  5. joter

    joter Registered Member

    Joined:
    Jan 8, 2005
    Posts:
    163
    Location:
    Greece
    Hi CrazyM

    It is a business network and the server, having 2 network interface cards, is also the only gateway to the Internet.

    Thanks,
    Joter
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    8Signs Firewall Server Version would be a viable software solution.
    However, I think you should also consider a hardware solution for a business network. A business class router/firewall would provide a secure gateway that is independent of any systems on the network.

    Regards,

    CrazyM
     
  7. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    A lot of you security level depends on the configuration of your server. Windows 2003 Server track record is very good, unless you let it slip. Default settings are quite secure, just remember to not activate any process until you really need it.

    And, since it is connected to the internet: access control, both logically and physically is very important. And please, never ever log in as administrator and have domino run as a low privilege account.
     
  8. joter

    joter Registered Member

    Joined:
    Jan 8, 2005
    Posts:
    163
    Location:
    Greece
    Thanks a lot for your answers.

    I think I'll give 8signs firewall a try but I would like also to test Outpost firewall on a testing virtual-server cause it is more familiar to me. I have Outpost installed on my xp workstation and I like it a lot.

    Any thoughts about the second solution?

    Thanks
    joter
     
  9. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    I like Outpost, a lot, but I don't know if it's viable as a server firewall. It will protect the server, but you'll have to address all client pc's too, because you do allow incoming traffic. Protecting a system is not the same as protecting a network.
    I don't know if OP can handle the traffic. You'll have to test that yourself.
     
  10. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Agreed - Outpost can run on a server but extra configuration will be necessary (e.g. you may find features that generate frequent popups like Component Control impractical and remote administration rules will need to be created). Traffic can certainly be an issue but the CPU Utilisation FAQ at the Outpost forum can offer some help there.

    Also using Outpost with software like VirtualPC can raise another set of problems (try a search at the Outpost forums for more details).
     
Loading...
Thread Status:
Not open for further replies.