However, as you say, SBS comes with both Exchange and ISA Server -- and you can't separate them. In fact, opinion is split just about equally among SBS gurus, use ISA on SBS, or don't use it and provide instead a hardware-based firewall for your network. Personally, I'd do the former, but I recognize the need to reduce expenses -- and I do run a personal firewall on my laptop when I'm away from the office. This is, however, a far cry from running the mail server on the same system.
If running ISA Server on your SBS server is the solution you've decided upon, go for it. It can provide solid protection. However, if something does knock over the ISA Server, the attacker has your e-mail server (and your domain controller). In a network with a separate firewall, the attacker would have to take another step to reach them, and that might just give you the time you need to disconnect from the Internet and fix the firewall.
Dig Deeper on Enterprise software
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.