I was wondering: I am building a small network with three servers for a small office:
1) DC/DNS/DHCP/File Server
2) Exchange Server
3) IIS/FTP/Application Server
These servers are going to access the internet via PAT (port forwarding on an ADSL router sharing one static public IP to the internal private network). A hardware firewall like ASA is out of the question. So i was wondering: is PAT secure enough. I know that ISA does application firewalling and packet inspection but is it really necessary to invest to another server and the required licenses? Why should i do so?