Ok, now I understand what you are talking about. That is setting up the e-mail client as an Exchange client as opposed to a POP3 client. I think that has to go back to Amy's point. There are 2 types of small business, those that seek to utilize the technology available, and those that use technology to help get there job done. Small business company profile 1: Those that seek to utilize the technology available are going to want to use the features of Exchange and SBS, including ISA. They will most likely use OWA and remote clients using their e-mail client configured as an Exchange client. This kind of business will seek and pay for SBS and ISA and use its features and if recommended use SBS without ISA and have another box in front running ISA. (BTW, I still am going to come up with a new small size cube box for the ISA device.) Small business company profile 2: This kind of company uses technology in the course of business out of need or assistance to promote/assist their work. This company may use a app that uses a SQL DB, and as Amy pointed out, may have a small static website that promotes their business, maybe even some dynamic that say pulls lists from the DB. This company does not want to fully utilize the features of Exchange or IIS, but rather the pricing is enough to make SBS attractive rather than buying the OS and SQL separately. They may have a dozen or so remote users, but they have the mail client setup with POP3 or their e-mail is hosted else where. In this case, having a SonicWall or other SOHO device is quite logical to meet the client needs. I think what it really boils down to is there is 2, or maybe even 3 types of Small business and they each require different approaches; Those that embrace technology and those that use technology and those that use technology but only if they feel it is worth the money. (I have one of those 3rd type. He has no firewall at all!) John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Monday, July 14, 2003 5:42 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: FYI: ISA on SBS http://www.ISAserver.org Hi John, With ISA Exchange RPC publishing, it just opens 135 inbound, and only for the Exchange specific UUIDs. If you don't use ISA, then you allow 135 inbound for any UUID, and then you have to open all high number ports inbound, since the server can assign itself any ephemeral port. Check out: http://support.microsoft.com/default.aspx?scid=kb;EN-US;148732 It has good info and links on the problematic nature of doing this without ISA. Thanks! Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Monday, July 14, 2003 11:40 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: FYI: ISA on SBS http://www.ISAserver.org First off, I have to admit I am not familiar with the technical side of RPC publishing. What port ranges are used and how does it work? John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Monday, July 14, 2003 9:21 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: FYI: ISA on SBS http://www.ISAserver.org Hi John, Yes please! I'd like to hear more of your observations on this. However, the problem with the sonicwall firewall setup is that if you run ISA Server 2000 on the SBS box that runs the Exchange Server, you cannot avail external users of Exchange RPC publishing. The only way to do this is to disabling packet filtering, in which case, there's no point to even installing ISA Server, since its no longer a firewall without packet filtering protection. The Problem is that there's no way to disable RPC socket pooling. When you can't disable socket pooling, you can't create Server Publishing or Web Publishing Rules on that socket. The only other option is to create packet filters, but in order to create packet filters, you have to open the entire ephermal range of ports using static packet filters, which gets back to the poor security provided by tradition packet filtering based devices like PIX or sonicwall, and the reason why you want an ISA based appliance in front of the SBS box so that the customer is able to fully take advantage of the Exchange Server and remote Outlook 2000/2002/2003 client. Thanks! Tom Thomas W Shinder <http://www.isaserver.org/shinder> www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: <http://tinyurl.com/1llp> http://tinyurl.com/1llp ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: johnlist@xxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')