[isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Sat, 13 Jan 2007 11:22:51 -0600
It's interesting how the canaille misinterprets the term DMZ, like they
do for most things :)
Think about the Korean DMZ -- is that really a "free for all" place? Or
one of the most monitored and secured areas in the world, where nothing
happens without someone knowing about it almost immediately?
That what you get when the Syphco reps teach a generation of "port
openers"....
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- Microsoft Firewalls (ISA)
________________________________
From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thor (Hammer of God)
Sent: Friday, January 12, 2007 5:51 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
Interesting... Probably a good idea for us to actually
articulate what we really mean when we say DMZ.
I guess to some it means "free for all network" but for me, it
should be the network where you have the most restrictive policies
controlling each service so that it is obvious when malicious traffic
hits the wire. Thoughts>
t
On 1/12/07 3:30 PM, "Steve Moffat" <steve@xxxxxxxxxx> spoketh to
all:
That's what I thought, now it's what I know....
From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
Sent: Friday, January 12, 2007 6:35 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA, Exchange 2007 and Perimeter
Networks
Aside from normal router & switch ACLs, ISA is the
single line of defense.
"..we don't need no stinking DMZs"
From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat
Sent: Friday, January 12, 2007 12:12 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA, Exchange 2007 and Perimeter
Networks
Ahh...just had a thought.
It's all labeling.
Jason, and others (not Jason's fault), have been using
the term DMZ.
Historically, is the term DMZ not taken literally as
being completely firewalled off from the trusted networks, and what
Jason is talking about is trusted network segmentation.
I betcha that's why the Exchange team don't support
it...they think it's a typical run of the mill DMZ...
Jim, isn't MS's Internal network segmented by usin ISA??
Including your mail servers?
S
All mail to and from this domain is GFI-scanned.
Other related posts:
- » [isapros] ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks
- » [isapros] Re: ISA, Exchange 2007 and Perimeter Networks