W2K Adv server as a NAT box?

  • Thread starter Thread starter rickm
  • Start date Start date
R

rickm

Our budget was axed and my plans for a firewall with it. :P

I do have a development box running W2K Adv Server that I was going to use
as a NAT for 100 machines. We have 3 shifts, during the day about 70 users
would be online, a lot fewer in the evenings. Would it be possible to drop
another nic in this machine to make a firewall/nat box out of it? We
currently have everyone on static IPs, I have no problem going to DHCP to
free them up (save me a few bucks/mo). What I'd like to do is for all
traffic to go through the W2K box where I could filter both outgoing and
incoming along with providing DHCP and DNS (our DNS is offsite).

Is this possible? Any other software needed? (I hope this makes sense)
 
It's possible with TCP/IP filtering but it doesn't do near as good a job as
a firewall. Not even close. In my opinion, a company that won't spend the
$ for a firewall is just asking for trouble, and guess who's going to get
blamed for it when it happens? There are some software firewalls you can
get for $40-50 and they would do better than NAT (like Black ICE), but a
good hardware firewall is cheaper and better in the long run. I'd start
looking for a new job with a company that has their priorities straight.
You can't run a secure network without a firewall. IMHO.
 
Conrad Pfleging said:
It's possible with TCP/IP filtering but it doesn't do near as good a job as
a firewall. Not even close. In my opinion, a company that won't spend the
$ for a firewall is just asking for trouble, and guess who's going to get
blamed for it when it happens? There are some software firewalls you can
get for $40-50 and they would do better than NAT (like Black ICE), but a
good hardware firewall is cheaper and better in the long run. I'd start
looking for a new job with a company that has their priorities straight.
You can't run a secure network without a firewall. IMHO.
Click to expand...

Looking around we can come out a lot cheaper than I thought. Any experience
with the Watchdog line?
 
No, I've never heard of that one. It may be fine, but I've always been a
believer in "you get what you pay for". I mean, we're only talking
$500-1000 here right for name brand stuff, right
 
Conrad Pfleging said:
No, I've never heard of that one. It may be fine, but I've always been a
believer in "you get what you pay for". I mean, we're only talking
$500-1000 here right for name brand stuff, right
Click to expand...

This box is like 1500.00...the PIX are in the same ballpark, we don't needs
DES for everyone nor do we have any remote users.
 
You need a separate box for a firewall. It only needs an old pentium running
NT. Sygate is much better than the features built into Win 2K3. However, it
costs as much as a dedicated router with NAT.

| Our budget was axed and my plans for a firewall with it. :P
|
| I do have a development box running W2K Adv Server that I was going to use
| as a NAT for 100 machines. We have 3 shifts, during the day about 70 users
| would be online, a lot fewer in the evenings. Would it be possible to drop
| another nic in this machine to make a firewall/nat box out of it? We
| currently have everyone on static IPs, I have no problem going to DHCP to
| free them up (save me a few bucks/mo). What I'd like to do is for all
| traffic to go through the W2K box where I could filter both outgoing and
| incoming along with providing DHCP and DNS (our DNS is offsite).
|
| Is this possible? Any other software needed? (I hope this makes sense)
|
|
 
Eric Gisin said:
You need a separate box for a firewall. It only needs an old pentium running
NT. Sygate is much better than the features built into Win 2K3. However, it
costs as much as a dedicated router with NAT.
Click to expand...

I'm going to get a quote on a Watchguard Firebox..if they shoot that down
then I'll look at the Sygate. I'm hoping they'll change their mind.
 
I've set up some firewalls from ZyXEL. Seems to work fine, easy to
configure. They may be as low as $ 500 (ZyWALL-10).

-Olaf-
 
Back
Top