Re: ISA or a hardware firewall

Hi Guys,

Its Andy again. I posed the question ISA or hardware firewall. I much
appreciate your comments. I seem to have stumbled upon another ongoing
thread along the lines of "ISA doesn't have an <Open Port> button". My
feeling is that for a small organization such as ours we are better sticking
with ISA given that we use OWA and have a desire to publish small internal
web pages (accessing data on an SQL server) and publishing some Sharepoint
services. Dare I say it but I like the Microsoft integration and feel secure
behind the rules that I create. 

We could of course use both and implement a DMZ (in fact we probably should
implement a DMZ) but this will take additional manpower and it is that that
we are lacking.

Thanks Jim for pointing out that the third party support for ISA is
unequalled. You are right and I would not have got to where I am without the
help of this list and in particular without Tom's book and constant informed
help to the list!

Lastly - our ISA reports have stopped working. The logs are still being
created and I have tried everything from within the ISA Management GUI to
get them working. I think it started when I demoted our ISA server from
being a Domain Controller (Installed by as such by our first not so helpful
IT consultants). It's not a big deal as I don't really like the format of
the default reports (We can always trawl through the logs if we suspect some
excessive activity!) and I plan to rebuild the server anyway some free
weekend.

Again thanks for your help!

Many thanks

Andy Fairley
Cellist, Library and Information Services Manager
Opera North

www.operanorth.co.uk


-----Original Message-----
From: Ray Dzek [mailto:rdzek@xxxxxxxxxxxxxxx] 
Sent: 26 January 2004 16:57
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: ISA or a hardware firewall

http://www.ISAserver.org

Fix SIP support for VOIP, and then we'll discuss hero worship on a limited
basis.  Until then... pbbbbbbbbbttttt.

----- Original Message ----- 
From: "Jim Harrison" <jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@webelists
Sent: Monday, January 26, 2004 8:17 AM
Subject: [isalist] Re: ISA or a hardware firewall


> http://www.ISAserver.org
>
> Hi Tom,
>
> That's true, but we're going to address that in the next revision.
> It'll be an addition to the UI and when clicked, the user's Windows and
ISA license(s) will be revoked.
> <G>
>
>  Jim Harrison
>  MCP(NT4, W2K), A+, Network+, PCG
>  http://www.microsoft.com/isaserver
>  http://isaserver.org/Jim_Harrison
>  http://isatools.org
>
>  Read the help, books and articles!
> ----- Original Message ----- 
> From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Friday, January 23, 2004 15:55
> Subject: [isalist] Re: ISA or a hardware firewall
>
>
> http://www.ISAserver.org
>
> Hi Jim,
>
> Unfortunately, ISA has no Open Port [patent refused] button. :)
>
> Tom
>
> -----Original Message-----
> From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Sent: Thursday, January 22, 2004 11:58 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: ISA or a hardware firewall
>
> http://www.ISAserver.org
>
> 1. there is no other "firewall" on the market that can differentiate
> between real RPC publishing and Blaster attacks.  Period (yes, I'm gonna
> toot that horn till my lips fall off).
> 2. there is no other "firewall" or proxy on the market that has a single
> clue as to how to support OWA, OMA, ActiveSync or SPS.
> 3. I triple-dog-dare you to find another firewall or proxy product where
> you have not just one, but six (go ahead; count 'em!) different
> communities to turn to for real support; not just the "you must be an
> expert to ride this ride" mentality.
>
> Does that help?
>
>   Jim Harrison
>   MCP(NT4, W2K), A+, Network+, PCG
>   http://isaserver.org/Jim_Harrison/
>   http://isatools.org
>   Read the help / books / articles!
>
>
> On Fri, 23 Jan 2004 00:34:58 -0000
>  "andy fairley" <andy@xxxxxxxxxxxx> wrote:
> http://www.ISAserver.org
>
> Dear ISA list
>
> I helped install and configure Backoffice 2000 for our small (70 user)
> company. I have always been part time but the configuration and dealings
> with ISA have always mine. We now have a new System Administrator who is
> having trouble getting his head round ISA and wants to ditch it and buy
> a hardware firewall. I am stuck here. I need some help with the running
> of the firewall but have never had to use anything other than ISA. If he
> gets the hardware box then that is fine - its his!!! However I am a
> concerned that the flexibility and power of ISA will be missed. For
> instance in publishing OWA I know that that https requests to our IP
> address will be dropped unless they are formed properly. This seems like
> good security to me. We are now thinking about publishing some
> sharepoint services as well (more questions about this could well
> follow!!!!) and I think this would be easier and more locked down with
> ISA..
>
> So the big question - ISA or a hardware firewall - for or against.
>
> Remember - vote for and I keep the hassle and, against and it goes
> elsewhere!
>
> But seriously, we would like some serious advice on why one should use
> ISA or a hardware firewall.
>
> Many thanks
>
> Andy Fairley
> Cellist, Library and Information Services Manager Opera North
>
> www.operanorth.co.uk
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
> Security Resource Site: http://www.windowsecurity.com/ Network Security
> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx To unsubscribe send a blank email to
> $subst('Email.Unsub')
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
> Security Resource Site: http://www.windowsecurity.com/ Network Security
> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
> $subst('Email.Unsub')
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
rdzek@xxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
andy@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')



Other related posts: