RE: Any Updates on the Book ?
- From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 24 Sep 2004 00:27:18 -0700
And you think your special? He went and published the 2000 ISA and Beyond
book before I gave him the chapter on Site to Site ISA to Sonicwall.
Oh wait, that is still not working.
;)
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
> -----Original Message-----
> From: josephk [mailto:josephk@xxxxxxxxx]
> Sent: Thursday, September 23, 2004 1:53 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Any Updates on the Book ?
>
> http://www.ISAserver.org
>
> I've not even completed my chapter on SQL yet for Thomas! How can he
> publish his book
> Without that chapter??
>
> Thank you,
>
> Joseph
>
> -----Original Message-----
> From: Aman Bedi [mailto:gurkirpal.bedi@xxxxxxxxxxx]
> Sent: Thursday, September 23, 2004 1:52 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Any Updates on the Book ?
>
>
> http://www.ISAserver.org
>
> Hey Tom
>
> Hows your book coming along ?
> When can we expect it in our hands ?
>
>
>
> Scanbuy Inc
> Aman Bedi | Systems/Network Administrator
> 54 West 39th Street, 4th Floor, New York, NY 10018 | Fax +1(212)
> 202-4318 | Phone +1(212) 278-0178 ext 234 | www.scanbuy.com
>
> PRIVILEGED & CONFIDENTIAL
> The information contained in this email message is intended only for use
> of the person or entity to whom it is addressed. The contained
> information is CONFIDENTIAL and LEGALLY PRIVILEGED and exempt from
> disclosure under applicable laws. If you read this message and are not
> the addressee, you are notified that use, dissemination or reproduction
> of this message is prohibited. If you have received this message in
> error, please notify the sender immediately.
> ------------------------------------------------------------------------
> ----
> ------------------------------------------------------------------------
> ----
> -------------------------------------
>
>
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: Thursday, September 23, 2004 4:42 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Front End Firewall
>
> http://www.ISAserver.org
>
> Hi Stephen,
>
> It doesn't matter where you put it -- front-end, back-end, unihomed,
> trihomed, in the basement or co-lo ISP -- its still going to be the
> hardest box on your network. The templates don't confer any magic, they
> just create some network rules and default policy.
>
> I will guarantee that the ISA firewall is just as secure, and easily
> arguable more secure, than the Sonicwall. But like all firewalls, you
> need to understand how they work to get the most out of them. Out of the
> box, no one is getting into your network or to the Internet, they also
> aren't going to get to the ISA firewall either.
>
> Remember, the Templates ARE NOT SMART -- YOU ARE SMART. Learn how the
> ISA firewall works and you'll beat the pants of the templates!
>
> HTH,
>
> Tom
> www.isaserver.org/shinder
> Get the book!
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7 MVP -- ISA Firewalls
>
>
>
> -----Original Message-----
> From: Stephen Herrera [mailto:sherrera@xxxxxxxxxx]
> Sent: Thursday, September 23, 2004 3:15 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Front End Firewall
>
>
> http://www.ISAserver.org
>
> Hi Tom,
> I setup the server with the vanilla install and imported my rules and
> they all work. This is not how I really want to install my ISA server
> though. I like the fact of being able to set it up giving it the
> knowledge of where it lies on the network. Setting it up this default
> way makes me wonder what security I am giving up by not having it know
> that it is the front end firewall. Almost as if I am duping it into
> working. Plus, I would rather install it correctly the first time rather
> than try and make a huge type of configuration change later on down the
> line.
>
> What doesn't make sense to me or the knowledge I am lacking is that even
> when ISA server itself creates its own rule for the perimeter network to
> have unrestricted external access the traffic is still not allowed to
> pass. I have finally convinced my corporate office to drop Sonicwall and
> switch to ISA and I would really like to have this understood before I
> go out there and implement it for them.
>
> Steve
>
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: Thursday, September 23, 2004 11:29 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Front End Firewall
>
> http://www.ISAserver.org
>
> Hi Stephen,
>
> The templates are useful if you already know what you're doing. They're
> less useful if you don't already know how everything works.
>
> Try setting your Network Rules and Access Rules manually and see how
> that works.
>
> HTH,
>
> Tom
> www.isaserver.org/shinder
> Get the book!
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7 MVP -- ISA Firewalls
>
>
>
> -----Original Message-----
> From: Stephen Herrera [mailto:sherrera@xxxxxxxxxx]
> Sent: Thursday, September 23, 2004 1:15 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Front End Firewall
>
>
> http://www.ISAserver.org
>
> Ok I thought I was going crazy trying to setup my Front End ISA2k4
> Firewall in a back to back setup. It seems by default no matter what
> rules I put in the perimeter network (DMZ) will not be allowed any
> access out. I went through the template wizard and selected the open all
> traffic just to test this theory and even though it created the rule DMZ
> traffic was not allowed access to the Internet.
>
> I then ran the template again using the back end firewall (all same ip
> schemes) and now that ISA believe my private IPs were internal not
> perimeter everything worked fine. What am I missing to be able to allow
> my DMZ to go out?
>
> Steve
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 Exchange
> Server Resource Site: http://www.msexchange.org Windows Security
> Resource Site: http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 Exchange
> Server Resource Site: http://www.msexchange.org Windows Security
> Resource Site: http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> sherrera@xxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 Exchange
> Server Resource Site: http://www.msexchange.org Windows Security
> Resource Site: http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 Exchange
> Server Resource Site: http://www.msexchange.org Windows Security
> Resource Site: http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> gurkirpal.bedi@xxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading
> Network Software Directory: http://www.serverfiles.com No.1 Exchange
> Server Resource Site: http://www.msexchange.org Windows Security
> Resource Site: http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> johnlist@xxxxxxxxxxxxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
