[isalist] Re: Error during install
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Sat, 12 Aug 2006 09:05:43 -0700
http://www.ISAserver.org
-------------------------------------------------------
..because SBS represents a significant revenue stream and they said "we
want ISA".
Fortunately, not every "wewant" is noticed; otherwise, SBS would be an
unsupportable mishmash of horrific applications.
The SBS voice is loud; otherwise there would be no SBS product team and
the whole deployment would be a collection of whitepapers. You shoulda
heard the noise created when ISA 2004 wasn't part of SBS 2003 RTM, but
had to wait until SP1.
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Thomas W Shinder
Sent: Saturday, August 12, 2006 8:58 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Error during install
http://www.ISAserver.org
-------------------------------------------------------
Yep, I'll never figure out why they made that decision.
Maybe someday, they'll re-brand the Windows Firewall for Window Server
and call it ISAexpress and charge them extra for that ;)
Laterz,
GMT
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
> Sent: Saturday, August 12, 2006 10:53 AM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Error during install
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> Sad to say, he never tried (no great surprise, there).
> I saw a few attempts from other sources, though.
>
> For the complete record, "the real world" includes much more than SBS.
> The fact that MS chooses to increase the revenue stream with this
> product in no way demonstrates that this is a "desirable" deployment.
> In point of fact, this is the single hardest deployment to attempt and
> represents a very large security compromise for any of the products
> assembled therein. It has to be; these products were neither designed
> nor tested to function this way except in SBS. Anyone trying to
> emulate an SBS deployment by themselves is in for a nasty shock.
>
> You yourself have argued that neither ISA nor its OEM offerings are
> priced for SBS; this is intentional because it's designed as an
> Enterprise product. SBS folks get it (and other products) for damn
> near free.
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
> Sent: Saturday, August 12, 2006 12:50 AM
> To: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
> Cc: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Error during install
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> ...and last I heard Tony Su never did hack into Mr. Harrison's server
> either....
>
> Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:
> > For the record it's called SBS 2003 "Premium" not
> Enterprise in case
> > you want to google... and I've yet to see a SBS box get
> hacked. ISA
> > is ISA. And Microsoft has not built a "vulnerable" product.
> >
> > We get nailed from stupid users running with admin rights. We get
> > nailed with professionals that don't use the connect to Internet
> > Wizard to set up the firewall and set it up incorrectly.
> That's how
> > we get nailed. As has been stated.. a properly configured network
> > will be just fine.
> > We're not big business, we're small business and it's a reasonable
> > risk. Day in and day out Amy Babinchak, an ISA
> professional showcases
>
> > that ISA works for small businesses.
> >
> > Make ISA on a standalone box into a reasonable price range in the
> > Cougar or Centro era and let's talk.
> >
> > Folks these days either go with a hardware firewall on the outside
> > for a smidge of paranoia protection, ISA in a two nic setup
> ...or they
>
> > do a one nic with a Sonicwall because ISA just is not cost
> > effective... or ..quite bluntly.. they don't trust it.
> >
> > Those of us who believe in ISA (and yes that's those of us who run
> > real businesses in the real world) we show every day that it can
> > protect even when it's on the same server with the DC.
> >
> > It works.
> >
> > So out here in the real world.... it's ISA or you lose the sale.
> >
> > That's the real world out here.
> >
> > There are..however.. those in the SBS mvp community like Jeff
> > Middleton who want it off the SBS box because of the annoying ways
> > that it interferes with troubleshooting issues.
> >
> > Will I want it on the same box in the Cougar era? Ask me when that
> > ships (whenever that may ship) I might be doing Centro by
> that time
> > which probably will peel off that server role. Who knows.
> I evaluate
>
> > my risks and threats and right now I'm comfortable with ISA
> on the box
>
> > with Dana Epp's Firewall dashboard adding more reports that give me
> > the info I need.
> >
> >
> > From: "John T \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
> > Subject: [isalist] Re: Error during install
> > Date: Fri, 11 Aug 2006 00:26:48 -0700
> >
> > As the good doctor has said, most ISA professionals will
> tell you that
>
> > including ISA server with SBS Enterprise was a dumb idea.
> >
> >
> > John T
> >
> > eServices For You
> >
> >
> >
> > "Seek, and ye shall find!"
> >
> >
> >
> > -----Original Message-----
> > From: isalist-bounce@xxxxxxxxxxxxx
> > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of ISA
> > Sent: Thursday, August 10, 2006 8:15 PM
> > To: isalist@xxxxxxxxxxxxx
> > Subject: [isalist] Error during install
> >
> >
> >
> > OK, this is where I get confused. I thought ISA 2004 was
> impenetrable
> > when properly configured. Why should it make a difference
> that AD is
> > running on the same box?
> >
> >
> >
> > How does SBS 2003 Ent do it? Are there different versions
> of ISA 2004
> > (one out of the retail box and one that comes with SBS 2003)?
> >
> > Has MS built a vulnerable product i.e. SBS 2003 Ent? If so,
> that would
>
> > be a shame being that it is a quickly growing market.
> >
> >
> >
> > Regardless of 'why' I don't have the answers to my own
> questions - I
> > usually
> > follow Tom's advice to the T. And while following Tom's
> advised (HAVE
> > DC, NO
> > ISA) I have purchased Sonic Walls instead; at an increasing rate.
> > Oh..and I
> > make some additional cash at it too. Client pays $600/$700
> vs. $3,000
> > $4,000
> > with ISA.
> >
> >
> >
> >
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
> All mail to and from this domain is GFI-scanned.
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
