We have a small business that will possibly be getting a T1 connection for our phone and internet services. They will issue a cisco router for our connection, that they will repair, replace, and manage. My question is it possible to assign the static IP that they give me to my Linux firewall, or does it have to be assigned to the Cisco router? Which is the better configuration?

they have to route a subnet through the cisco router. Then assign a public ip to your firewall. It require more network knowledge to make sure your FW ruleset will be reliable. If they don't provide a subnet, the IP will be assigned to their router acting as gateway for your network. Not a very secure nor flexible solution. Danny

If they don't provide a subnet (just one static IP address), why couldn't I just connect the router to my external NIC on my Linux firewall, then provide NAT using my Linux Firewall?

Your ISP should assing you a single or range of IP addresses. The router is nothing to do with you. Essencially the ISP's network extends as far as your provided router and your firewall should connect directly to this router. Your fiewall needs one external IP and any webservers that need to be access from the internet also need external IP's. These externally accessable servers should sit on a network connected to a seperate network card in your firewall(called a DMZ). your internal network is attached to a third network card so that if a webserver is compromised your internal network is not.

My ISP has told me that I can use my Linux Firewall/Gateway in place of their router. Also, I will not be running a web server, however, I will be running SBS 2003 which has Exchange server built in. In order to use Exchange with SMTP, will I need to give my SBS 2003 a static public IP, or can this server have a Private IP, and the mail traffic to my Exchange server be forward to the private IP of the LAN (which would be the address of my Exchange server, that is actually the same private IP as my SBS server).