My existing client environment – very simple (two W/S and a server – W2k, SQL 2000, IIS5.0). Its client server. This LAN will hook up to Internet. Data is very sensitive and critical. I’m recommending a firewall & anti virus. It is good to install software firewall in the web server and also anti virus? Or should I prepare a dedicated PC with firewall sitting in front of the Web Server? Is hardware firewall always better? I’m aware of Security Patching, Hardening, People Management. I need help on the least best configuration to secure my Web Server in terms of Security Devices. Budget estimation USD 2000 or less.
