RE: FYI: ISA on SBS

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Sun, 13 Jul 2003 09:55:12 -0500

Hi Amy,
 
Good thoughts here, Amy!
 
I'm thinking of the SBS group that got SBS because its a good deal, not the 
group who's barely holding on and can't spend a nickle for better functionality 
or protection. There are a lot of small businesses running SBS that aren't on 
the edge of bankruptcy and have travelling representatives and home workers. 
These businesses save money by hosting their own mail services, Web sites, etc. 
These are the classic entreprenurial types who like to have control and do 
things themselves when they can (with a little help for a consultant). They'll 
pay three grand for an ISA Server appliance or a second server that allows a 
second server with Win2003 and ISA 2000. It's a write off and the cost 
amoritized over three years is nominal.
 
The SonicWall box isn't a good solution for these folks, because they got SBS 
for mainly for the Exchange 2000 services. The SonicWall doesn't do secure 
Exchange RPC Publishing, doesn't provide SSL bridging, requires a kludgy 
proprietary non-RFC IPSec NAT-T client, doesn't protect Web sites at the edge, 
and doesn't have any pre-authentication modules. 
 
If any business needs to pony up the slightly extra cost for security, its the 
small biz. They don't have the slack to handle intrusions and data destruction 
and theft. So to put sonicwall or "joe blow's cool firebox neé NAT router" on 
the edge of their networks isn't the best thing.
 
Of course, I've run into those same kind of businesses that you're talking 
about. They're risk takers, cheapskates, or on the edge going out of business. 
For those, I'd get them a 50-150 buck SOHO NAT thing, tell them the risks, and 
cross my fingers that they're small enough that security through obscurity will 
save them :-) No reason to spend several hundred bucks on a sonicwall. 
 
Then there are those businsses that have no need to remote access. I don't see 
many of those anymore, since most people want to access Exchange from home. In 
that case, ISA Server is the firewall of choice for them, whether they access 
it using OWA or the "big Outlook" clinent (2000/2003)
 
Tom
 
 
Thomas W Shinder
www.isaserver.org/shinder <http://www.isaserver.org/shinder>  
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> 

 

        -----Original Message-----
        From: Amy Babinchak [mailto:Amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] 
        Sent: Sunday, July 13, 2003 9:30 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: FYI: ISA on SBS
        
        
        http://www.ISAserver.org
        
        

        Tom,

         

        The SBS market is for the most part very cost conservative and 
reluctant to purchase a second server or appliance to do anything. That's not 
to say that I don't have clients that use SBS in conjunction with Citrix, NAS, 
or other specialty servers, I do, but the majority of my SBS clients are 
businesses that had to be convinced to get a server in the first place, so 
selling them on the idea of a second server would be very nearly impossible. 
The question really isn't whether or not ISA could be better on a separate box 
but whether as integrated is it good enough for what the majority of SBS users 
need it to be? For my clients I think so. They don't host websites or SMTP 
email; they don't use VPN or FTP. Pretty much for them the SBS server is there 
to provide more robust internal email, a central backup and connect everyone to 
a common high-ish speed internet. Most also use the fax server feature. For 
these clients I just can't see myself convincing them that they need to 
purchase SBS without ISA and also purchase ISA separately or as an ISA 
appliance (when such a thing exists). It would be a lot of money for a level of 
protection that they would not be taking advantage of. I'll instead be looking 
at comparing the price of SBS without ISA + a firewall appliance, such as 
Sonicwall vs. SBS with ISA built-in. The other factor will be management hassle 
for me and the additional cost to the client to have me manage a separate ISA 
or Firewall appliance vs ISA integrated within SBS. This is a cost-benefit over 
reality equation.

         

        Amy Babinchak

        Technology Consultant

        Harbor Computer Services

         

         

        -----Original Message-----
        From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
        Sent: Sunday, July 13, 2003 9:52 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] FYI: ISA on SBS

         

        http://www.ISAserver.org
        
        
        

        Interesting article on ISA on SBS:

        http://www.w2knews.com/index.cfm?id=434

        HTH,

        Tom

        Thomas W Shinder

        www.isaserver.org/shinder 

        ISA Server and Beyond: http://tinyurl.com/1jq1

        Configuring ISA Server: http://tinyurl.com/1llp

• » FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS
• » RE: FYI: ISA on SBS

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page
• » View list details
• » Manage your subscription