Windows 2000 should be considered inherently insecure in today's world. Threats have had 16+ years of evolution since it was released. Having no direct connection to the internet closes off one route of attack, but I strongly recommend against relying upon Win2k for data of any worth, no matter what security product is installed upon it. There are far too many unpatched vulnerabilities that are extremely well known.
With thanks and best regards,
Mick