http://www.ISAserver.org ------------------------------------------------------- I suppose that voice was even louder for 2006? I'm sure they need Kerberos Constrained Delegation and Web Farm Load balancing ;) Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > Sent: Saturday, August 12, 2006 11:06 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Error during install > > http://www.ISAserver.org > ------------------------------------------------------- > > ..because SBS represents a significant revenue stream and > they said "we > want ISA". > Fortunately, not every "wewant" is noticed; otherwise, SBS would be an > unsupportable mishmash of horrific applications. > The SBS voice is loud; otherwise there would be no SBS > product team and > the whole deployment would be a collection of whitepapers. > You shoulda > heard the noise created when ISA 2004 wasn't part of SBS 2003 RTM, but > had to wait until SP1. > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Thomas W Shinder > Sent: Saturday, August 12, 2006 8:58 AM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Error during install > > http://www.ISAserver.org > ------------------------------------------------------- > > Yep, I'll never figure out why they made that decision. > > Maybe someday, they'll re-brand the Windows Firewall for Window Server > and call it ISAexpress and charge them extra for that ;) > > Laterz, > GMT > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > > Sent: Saturday, August 12, 2006 10:53 AM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: Error during install > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > Sad to say, he never tried (no great surprise, there). > > I saw a few attempts from other sources, though. > > > > For the complete record, "the real world" includes much > more than SBS. > > The fact that MS chooses to increase the revenue stream with this > > product in no way demonstrates that this is a "desirable" > deployment. > > In point of fact, this is the single hardest deployment to > attempt and > > > represents a very large security compromise for any of the products > > assembled therein. It has to be; these products were > neither designed > > > nor tested to function this way except in SBS. Anyone trying to > > emulate an SBS deployment by themselves is in for a nasty shock. > > > > You yourself have argued that neither ISA nor its OEM offerings are > > priced for SBS; this is intentional because it's designed as an > > Enterprise product. SBS folks get it (and other products) for damn > > near free. > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] > > On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] > > Sent: Saturday, August 12, 2006 12:50 AM > > To: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] > > Cc: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: Error during install > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > ...and last I heard Tony Su never did hack into Mr. > Harrison's server > > either.... > > > > Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote: > > > For the record it's called SBS 2003 "Premium" not > > Enterprise in case > > > you want to google... and I've yet to see a SBS box get > > hacked. ISA > > > is ISA. And Microsoft has not built a "vulnerable" product. > > > > > > We get nailed from stupid users running with admin > rights. We get > > > nailed with professionals that don't use the connect to Internet > > > Wizard to set up the firewall and set it up incorrectly. > > That's how > > > we get nailed. As has been stated.. a properly > configured network > > > will be just fine. > > > We're not big business, we're small business and it's a > reasonable > > > risk. Day in and day out Amy Babinchak, an ISA > > professional showcases > > > > > that ISA works for small businesses. > > > > > > Make ISA on a standalone box into a reasonable price range in the > > > Cougar or Centro era and let's talk. > > > > > > Folks these days either go with a hardware firewall on > the outside > > > for a smidge of paranoia protection, ISA in a two nic setup > > ...or they > > > > > do a one nic with a Sonicwall because ISA just is not cost > > > effective... or ..quite bluntly.. they don't trust it. > > > > > > Those of us who believe in ISA (and yes that's those of > us who run > > > real businesses in the real world) we show every day that it can > > > protect even when it's on the same server with the DC. > > > > > > It works. > > > > > > So out here in the real world.... it's ISA or you lose the sale. > > > > > > That's the real world out here. > > > > > > There are..however.. those in the SBS mvp community like Jeff > > > Middleton who want it off the SBS box because of the > annoying ways > > > that it interferes with troubleshooting issues. > > > > > > Will I want it on the same box in the Cougar era? Ask me > when that > > > ships (whenever that may ship) I might be doing Centro by > > that time > > > which probably will peel off that server role. Who knows. > > I evaluate > > > > > my risks and threats and right now I'm comfortable with ISA > > on the box > > > > > with Dana Epp's Firewall dashboard adding more reports > that give me > > > the info I need. > > > > > > > > > From: "John T \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx> > > > Subject: [isalist] Re: Error during install > > > Date: Fri, 11 Aug 2006 00:26:48 -0700 > > > > > > As the good doctor has said, most ISA professionals will > > tell you that > > > > > including ISA server with SBS Enterprise was a dumb idea. > > > > > > > > > John T > > > > > > eServices For You > > > > > > > > > > > > "Seek, and ye shall find!" > > > > > > > > > > > > -----Original Message----- > > > From: isalist-bounce@xxxxxxxxxxxxx > > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of ISA > > > Sent: Thursday, August 10, 2006 8:15 PM > > > To: isalist@xxxxxxxxxxxxx > > > Subject: [isalist] Error during install > > > > > > > > > > > > OK, this is where I get confused. I thought ISA 2004 was > > impenetrable > > > when properly configured. Why should it make a difference > > that AD is > > > running on the same box? > > > > > > > > > > > > How does SBS 2003 Ent do it? Are there different versions > > of ISA 2004 > > > (one out of the retail box and one that comes with SBS 2003)? > > > > > > Has MS built a vulnerable product i.e. SBS 2003 Ent? If so, > > that would > > > > > be a shame being that it is a quickly growing market. > > > > > > > > > > > > Regardless of 'why' I don't have the answers to my own > > questions - I > > > usually > > > follow Tom's advice to the T. And while following Tom's > > advised (HAVE > > > DC, NO > > > ISA) I have purchased Sonic Walls instead; at an increasing rate. > > > Oh..and I > > > make some additional cash at it too. Client pays $600/$700 > > vs. $3,000 > > > $4,000 > > > with ISA. > > > > > > > > > > > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > All mail to and from this domain is GFI-scanned. > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > All mail to and from this domain is GFI-scanned. > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx