SBS Devs: Server Core + ISA 2007 = Kick ass SMB Firewall

Here is a thought for the SBS devs on campus. I just fell in love with the thought of Longhorn Server Core. For those of you that don't know, it is basically a minimal install of Windows Server WITHOUT the UI, and without the shiny client apps. God forbid... its a SERVER OS performing SERVER functions without the fluff. Thats right. No media player on a server. Cmd line at its best. Want UI? Use an MMC snapin. Thats what the technology is for!

With Longhorn Server Core you can make the system perform one of the following roles:

• Domain Controller (Full or Read Only)
  
• DNS Server
  
• DHCP Server
  
• File Server
  

There is talk they will add a web server role to support IIS7. Right now there is no managed code support, so no ASP.NET support. Apparently its in the works though.

I have another role suggestion. Firewall. There is always discussion in the SBS community about moving the ISA firewall off of SBS, decoupling the functionality and letting us move the license to another machine. Maybe its a pipe dream. But this would be an OPPORTUNE time to do something about it. In Cougar, wouldn't it be nice if another CD shipped which was Server Core with ISA 2007 (we aren't ever getting ISA 2006) preinstalled... with hooks in the SBS Management Console to admin the new member server through MMC? You wouldn't even need as much power on the Core server as it would be designed to ONLY function as the role of Firewall/Proxy for the business. We would finally have ISA off of the SBS box, and performing the firewalling task without interrupting the rest of the network.

Just a thought.

You have the technology. You just need to make the business case. Here's one. Invest in making that work, and then offer it in cheap external device. :) Don't want to be a hardware vendor? Find one of your partners to do it. I'd buy it if it was around the same price as a Sonicwall TZ170 or a Watchguard Firebox.