Those had to have been "special cases". The standard SBS EULA very clearly makes the point of never splitting up the components; they're licensed together or not at all. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Steve Moffat" <steve@xxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Wednesday, April 02, 2003 10:07 Subject: [isalist] RE: RES: Off topic: SBS Liscensing http://www.ISAserver.org Hi guys Just to tag along at the end of this little thread, 2 of my clients when I was back in the UK actually had it in writing from MS UK that the component parts of SBS could be split between Servers, as long as there was a separate w2k server licence purchased for each machine. This was current as of last year around JAnuary. Steve ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Wednesday, April 02, 2003 1:13 PM To: Isa List http://www.ISAserver.org Hi Amy, It is blasphemy, but not enough to get you off the list ;-) A back to back firewall configuration is great, and its better than putting a fulled SBS'ed server on the edge. But you still end up in the same place were you started: a server in the early stage of compromise :-) However, its better than no protection at all. But, like almost all things in life, you get what you pay for. Thanks! Tom Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ISA Server and Beyond: http://tinyurl.com/1jq1 <http://tinyurl.com/1jq1> Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> -----Original Message----- From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] Sent: Wednesday, April 02, 2003 8:25 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: RES: Off topic: SBS Liscensing http://www.ISAserver.org http://www.ISAserver.org Maybe this is blasphemy but what about using a nice little Sonicwall firewall on the perimeter? It's not as configurable or full featured but it would add the additional layer you are looking for and it would be a lot less expensive. (please don't throw me off this list, I'm learning a lot here) Amy -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Wednesday, April 02, 2003 8:47 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: RES: Off topic: SBS Liscensing http://www.ISAserver.org Hi Amy, While you can make ISA Server work on an "all purpose" server, I could never justify such a configuration from a security point of view. Putting an Exchange Server, SQL Server, FAX server, etc. on the firewall is a bad security proposition, no matter how you cut it. There are also other drawbacks, such as how logging is affected by publishing services located on the ISA Server itself. The ISA Server is a firewall and perimeter defensive device and should be treated like one. I wouldn't install all these extraneous services on a PIX or CP/Nokia and I wouldn't do it on an ISA Server. What I'm trying to determine is the cost effectiveness of using two Win2k servers and a separate installation of ISA Server. From what I can tell so far, you can still profit from getting SBS to put on the internal network to use as an Exchange, SQL, FAX, etc. server and get separate licenses for Win2k and ISA Server to run on the perimeter. The cost would be comparable to black box solutions, but you can easily configure and integrate with the existing Microsoft network, and you don't pay extra for VPN or "connectors" to connect to the user database. Thanks! Tom Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ISA Server and Beyond: http://tinyurl.com/1jq1 <http://tinyurl.com/1jq1> Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> Free Trial Software: Monitor & Manage Web Use with SurfControl Web Filter for MS ISA Server http://www.surfcontrol.com/go/zisadl1 ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: steve@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') This E-Mail is confidential. It is not intended to be read, copied, disclosed or used by any person other than the recipient. Unauthorised use, disclosure, or copying is strictly prohibited and may be unlawful. Optimum Computer Solutions disclaims any liability for any action taken in connection of this E-Mail. The comments or statements expressed in this E-Mail are not necessarily those of Optimum Computer Solutions or its subsidiaries or affiliates. usermanager@xxxxxxxxxxxxxxx Free Trial Software: Monitor & Manage Web Use with SurfControl Web Filter for MS ISA Server http://www.surfcontrol.com/go/zisadl1 ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')