August 19, 2004
Small Business Server 2003 MVP out there?
Is there a SBS 2003 MVP out there that reads my blog?
I am looking for a security-conscious individal who may have some time to do some thoughtful reflection with me on the intricities of putting a SBS2003 server on the Net with OWA and OMA. This individual should live in the lower mainland of British Columbia, closer to the Abbotsford/Chilliwack/Hope area.
Experience in setting up Active Directory with two factor authentication (RSA SecurID or Authenex A-Key) and the usage of ISA 2000/2004 is recommended, but not essential.
If you fit the description, drop me a line. I might have some work for you.
Posted by SilverStr at August 19, 2004 07:28 AM
Dana, try pinging the SBS Diva, Susan Bradley. She knows her stuff ;)
Just pinged up Dana with an MVP in his area, Steven Banks and another MVP, Jeff Middleton as well.
As I said to Dana, I'd recommend ISA 2000 at this time as we SBSers won't get a wizardized ISA 2004 until SBS sp1 comes out which is waiting on Windows 2003 sp1 [got that roadmap?]
IMHO if you open up for OWA, you DON'T have to open up port 80, you can fully function with a port 443. Opening up Sharepoint for annonymous access [oh yeah we do that too] is what I think is our potentially weakest issue going on in the future.
Before I'd budget for RSA keyfobs, I'd budget for a patch management solution as WUS/MUS isn't ready and SUS is not enough. I'm a died in the wool www.Shavlik.com gal myself.
Because we are all on one box, because we are doing OWA, we can't do high security hardening and we have to say with Enterprise or Legacy settings. We track pretty closely as a matter of fact with those CIS benchmarks.
This one vendor did a "test" of security issues with SBS 2003 http://www.predatorwatch.com/vulnerability_alerts.html the problem is they are/were scanning it for vulnerabilities from the inside where all our "squishy ports" are.
Honestly, patching, antivirus, firewall AND Passphrases and we do just fine out here.