RE: An Alternative Solution VS SBS on one Physical Server
- From: "Roy Tsao" <roy_tsao@xxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 10 Jan 2005 22:14:55 +0800
Amy,
My logic for is like this:
1) to kick off soho type of router because its limitation
to host Internet connection both performance & control.
Enterperise router is available but believe it is not
essential
2) ISA box is a replacement to the router, but ISA and DC
must be seperated in different box for security conern
If I maintain hosting internet traffic by router, obvious
I can put only one server to serve as DC/ISA in one box!
Anyway, thanks for your comment.
Roy Tsao
-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Monday, January 10, 2005 9:44 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: An Alternative Solution VS SBS on one Physical
Server
http://www.ISAserver.org
You can still make ISA a DC while having it on its own box. You
mentioned kicking out a router - I'm not exactly sure what that means
but I would take it to mean that you have a piece of hardware that
ISA server is going to replace. Rather than replace it I would put
that router/firewall in front of ISA to take off some of load from
ISA. Since you are going to run other apps on the ISA server it makes
sense to reduce the traffic that is going to be hitting it. This will
also gain you back some of the security compromise that you are
making when you put other apps on the ISA server.
Amy
-----Original Message-----
From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx]
Sent: Monday, January 10, 2005 12:42 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: An Alternative Solution VS SBS on one Physical
Server
http://www.ISAserver.org
Amy,
Your suggestion "put ISA on one box, Windows 2003 with VMware and the
guest servers on this box" can't fit the requirement to put ISA box
join the DC, ISA box needs to be a domain memember for traffic
control!
Roy
----- Original Message -----
From: "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, January 10, 2005 1:25 PM
Subject: [isalist] RE: An Alternative Solution VS SBS on one Physical
Server
http://www.ISAserver.org
The VMware license cost is one additional cost, but the cost of the
additional server licenses vs. SBS is still quite significant.
If the main concern is to minimize physical servers and maximize
security then put ISA on one box, Windows 2003 with VMware and the
guest
servers on this box.
Amy
-----Original Message-----
From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx]
Sent: Sunday, January 09, 2005 10:59 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: An Alternative Solution VS SBS on one Physical
Server
http://www.ISAserver.org
What I am trying to do is to minimized cost of taking
addtional units of physical servers while both security
and function shall not be compromised. For SBS, it is
of course a 1st option but in our envirnoment, we need
more function more than SBS, that's why I want to uprise
such a solution VS SBS.
As for license charge, I merely regards the Vitual server
as actual one, it means we must pay for it for any server
need to install, and then disgard comparision of charge
with SBS.
Thanks,
Roy Tsao
----- Original Message -----
From: "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, January 10, 2005 6:05 AM
Subject: [isalist] RE: An Alternative Solution VS SBS on one Physical
Server
http://www.ISAserver.org
I think that it is a good idea but it is a whole lot more expensive
than
1 SBS Premium license at $1,450. How deep are your pockets? Is the
extra
cost worth it, in terms of function or security? These are the
questions
yet to be answered.
Amy
-----Original Message-----
From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx]
Sent: Sunday, January 09, 2005 10:49 AM
To: [ISAserver.org Discussion List]
Cc: Jim@xxxxxxxxxxxx
Subject: [isalist] An Alternative Solution VS SBS on one Physical
Server
http://www.ISAserver.org
In my past post, I want to implement a more wider service
Like ISA/SQL/DC etc. on one phsical server. For security
Concern, so far the recommendation from ISAServer forum
Is to use SBS. However we could have one more idea by utilizing
Vmware GSX server like below for my network:
- Host OS: Windows Server 2003 (two NICs)
External NIC: any but no DG IP
Internal NIC: 192.168.0.2/255.255.255.0
- two Guest Server (Through Vmware GSX):
1) Windows Server 2003 running as DC (one vitual NIC)
IP: 192.168.0.3/255.255.255.0
(bridged to Host Internal NIC)
2) Windows Server 2003 running as ISA2K4 (one vitual
NIC)
IP: 192.168.0.1/255.255.255.0
(bridged to Host Internal NIC)
Network frame:
Wan connection: ADSL PPOE connection through Guest Server 2)
Host Server and other Lan PC's connection to
Wan through Gateway 192.168.0.1 like a physical
ISA2K4 Box
Lan connection: Guest Server 1) as DC/DNS/DHCP server
Firewall protectiont o Host Server from External NIC:
enable firewall protection, close up all communication port
through
TCP/IP
Dear Jim and other cool guys, is that a good idea suppose the host
server
Has engouth CPU capacity and RAM?
Thanks for your suggestion in advance!
Roy Tsao
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List
as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List
as:
roy_tsao@xxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List
as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List
as:
roy_tsao@xxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List
as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List
as: roy_tsao@xxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
