Originally posted by adb22791 It's always good to have a second 3rd party firewall when dealing with Windows
Yeah, I just don't know. We managed close to 100 servers on other networks without a firewall and yet to have a probelm. Don't get me wrong, I am pro-firewall, but you just have to ask your self sometimes.........
██ Ray Womack @ atOmicVPS LTD ██ Linux & Windows Cloud Hosting Solutions Powered by OnApp
██ Fully Managed [Shared] ► [Reseller] ► [Cloud VPS] ► [Dedicated]
██ Featuring the atOmicSTACK™ ● Speed ● Performance ● Reliability
Thanks for the advice guys. The one thing that has me worried about a second firewall is locking myself out. I can see how it would be easy to do. The machine gets to the colocator and whamo, first thing off I have another bill for a trouble ticket to get through that. I read of quite a few people that did that.
I did some quick testing and what's nice about the built-in firewall is that the blocking prompts appear thru the remote desktop. I tried sygate's and zone alarm freebies and their blocking prompts do not.
I suspect that after I install VCN I will be able to see them but still, I like the redundancy of seeing the firewall blocking prompts through both remote methods.
I like Sygates firewall, but some people have suggested Kerio which has a web-interface to mange it.
I doubt you can lock yourself out of that, but the disadvantage is that your mangement interface is exposed to the internet at large.
My preference is to connect from a static IP, and add that to an always-allow list.
Never trust on the build in Firewall of Microsoft. Alway's use an external advanced Firewall. The build in firewall has no statefull packet inspection (worms can still try to infect your system) no DOS attack defending mechanisme inside. By a Watchguard or Cisco PIX and you will sleep much better...
Originally posted by old sneakers If I run Win 2003 Standard on a machine I am about to colocate, is the Sp1 firewall adequate, assumming I only install game servers and don't install IIs or any other server applications?
A hardware firewall i.e cisco, sonic, sitara would be nice,
then again it has to match your perceived risk and assets
of your business. If its just gaming, go for the default or
simple software based firewall to deny all and only allow
your gaming server traffic, dns, windows allow-list etc.
As amps said, it can't prevent DDOS as it requires mitigation
done by your upstream, provider or provider's upstream.