SMTP forwarding sends email directly to the Windows SBS/Exchange server, but what are the security implications if the Internet Security and Acceleration (ISA) server is not configured? Is the Asymmetric Digital Subscriber Line's (ADSL) built-in firewall secure enough for this solution, or should I configure the ISA server with a second network interface card (NIC)? I am trying to keep the configuration simple, but secure. Any recommendations would be greatly appreciated.
I recommend one of the two following options:
- Add a second NIC to Windows SBS and configure ISA Server as a firewall in addition to a proxy.
- Invest in a firewall appliance such as a SonicWall TZ180. Configure the appliance for your network and disable the firewall feature on the DSL modem.
If you choose the ISA Server option, you can use the Windows SBS wizard to configure ISA Server to permit inbound email and/or other services.
Do you have comments on this Ask the Expert Q&A? Let us know.
Ask an Exchange Server question in our forum.
This was first published in August 2008