[isapros] Re: ISA, Exchange 2007 and Perimeter Networks

  • From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
  • To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx>
  • Date: Fri, 12 Jan 2007 15:51:28 -0800

Interesting... Probably a good idea for us to actually articulate what we
really mean when we say DMZ.

I guess to some it means ³free for all network² but for me, it should be the
network where you have the most restrictive policies controlling each
service so that it is obvious when malicious traffic hits the wire.
Thoughts>
t


On 1/12/07 3:30 PM, "Steve Moffat" <steve@xxxxxxxxxx> spoketh to all:

> That¹s what I thought, now it¹s what I know?.
>  
> 
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
> Behalf Of Jim Harrison
> Sent: Friday, January 12, 2007 6:35 PM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
>  
> Aside from normal router & switch ACLs, ISA is the single line of defense.
> ³..we don¹t need no stinking DMZs²
>  
> 
> From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
> Behalf Of Steve Moffat
> Sent: Friday, January 12, 2007 12:12 PM
> To: isapros@xxxxxxxxxxxxx
> Subject: [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
>  
> Ahh?just had a thought.
>  
> It¹s all labeling.
>  
> Jason, and others (not Jason¹s fault), have been using the term DMZ.
>  
> Historically, is the term DMZ not taken literally as being completely
> firewalled off from the trusted networks, and what Jason is talking about is
> trusted network segmentation.
>  
> I betcha that¹s why the Exchange team don¹t support it?they think it¹s a
> typical run of the mill DMZ?
>  
> Jim, isn¹t MS¹s Internal network segmented by usin ISA?? Including your mail
> servers?
>  
> S 
> All mail to and from this domain is GFI-scanned.
>

Other related posts:

  1. Home
  2. isapros
  3. Archive
  4. 01-2007