[isapros] Re: ISA, Exchange 2007 and Perimeter Networks

  • From: "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
  • To: <isapros@xxxxxxxxxxxxx>
  • Date: Fri, 12 Jan 2007 19:06:07 -0500

I tried to articulate this in my response to Jason when I said, 

 

"What's the reasoning behind CAS not in the DMZ? Where do they want it?
Hanging nude off the router? Behind a firewall? If the latter, then just
drop the outdated DMZ language. Most firewall admins think that DMZ
means nude off the other port on my NAT box"

 

It is time to stop using the term DMZ when we're talking about an ISA
firewall and probably come up with new terminology. 

 

Protected Perimeter Network (PPN) has a nice ring to it, I think.

 

Amy Babinchak

Harbor Computer Services

 

 

________________________________

From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Thor (Hammer of God)
Sent: Friday, January 12, 2007 6:51 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA, Exchange 2007 and Perimeter Networks

 

Interesting... Probably a good idea for us to actually articulate what
we really mean when we say DMZ.

I guess to some it means "free for all network" but for me, it should be
the network where you have the most restrictive policies controlling
each service so that it is obvious when malicious traffic hits the wire.
Thoughts?
t


On 1/12/07 3:30 PM, "Steve Moffat" <steve@xxxxxxxxxx> spoketh to all:

That's what I thought, now it's what I know....
 

From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Jim Harrison
Sent: Friday, January 12, 2007 6:35 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA, Exchange 2007 and Perimeter Networks

Aside from normal router & switch ACLs, ISA is the single line of
defense.
"..we don't need no stinking DMZs"
 

From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Steve Moffat
Sent: Friday, January 12, 2007 12:12 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: ISA, Exchange 2007 and Perimeter Networks

Ahh...just had a thought.
 
It's all labeling.
 
Jason, and others (not Jason's fault), have been using the term DMZ.
 
Historically, is the term DMZ not taken literally as being completely
firewalled off from the trusted networks, and what Jason is talking
about is trusted network segmentation?
 
I betcha that's why the Exchange team don't support it...they think it's
a typical run of the mill DMZ...
 
Jim, isn't MS's Internal network segmented by using ISA?? Including your
mail servers?
 
S 
