You knew something was wrong. Users complained they were getting duplicate messages… email with large attachments weren’t coming through… browsing the web was becoming hit and miss.

A check of the firewall log confirmed it. The firewall’s drowning in a sea of port scans initiated by virus-infected zombies. You could simply add another firewall; but, since zombies already seem to have your number, that firewall may quickly reach its limit as well.

An alternative: Move the biggest virus-target, incoming SMTP, to its own pipeline on a totally different segment. Within a couple of weeks, you’ll be gazing over (relatively) calm seas.

“But a new segment’s expensive”, you say,”And I’d still need another firewall and my mail server would be isolated and…”

Apparently nobody sent you the memo. Since qwest bought its new chairman, US bandwidth charges have plummeted. For example, you can install a new DSL line for around fifty bucks a month, complete with static IP addresses. 1.5 Mbps down/896 Kbps up. Another fifty buys the DSL modem-firewall. Its DMZ provides more than enough protection for a hardened spam, email and content filtering appliance. Point your anti-spam appliance at your in-house mail server, adjust DNS records and firewall settings appropriately, then take a nap. You’ve earned it.

You’ll be amazed at how much email a small dedicated pipe can handle. So start small, then add bandwidth as you need it.