Here is one for you to know Mike, any network address range defined in the LAT ( Local Address Table ) is considered by ISA to be trusted, I only mention this because you made reference to your DMZ and multi-homed ISA configuration, I would assume you would like to secure both interfaces, so don't define what you want secure in the LAT. -----Original Message----- From: Mike Scott [mailto:mscott@xxxxxxxxxx] Sent: Monday, December 15, 2003 3:34 PM To: [ISAserver.org Discussion List] Subject: [isalist] ISA Multi-Homed Requirement? http://www.ISAserver.org We are in the process of implementing an ISA server primarily to secure our Exchange traffic better than it is. We currently have our Exchange Server on our DMZ with entries in our Cisco PIX firewall to allow the inside network to see it and access it. We are being told that the only way to configure ISA for what we want would be to multi-home our ISA Server. Is that correct and if so, are there any security risks we are opening ourselves up to by having this configuration? I'm in an office that is becoming more and more paranoid regarding our security setup and they've been told over and over that multi-homing is bad...Any light you could shed would be great. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gmaks@xxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')