RE: Bluecoat Dupes ISAserver.org to Promote False Adver tising and Fraudulant Claims
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 6 Feb 2006 11:50:09 -0600
Inline...
Tom
www.isaserver.org/shinder <http://www.isaserver.org/shinder>
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx]
Sent: Monday, February 06, 2006 7:41 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Bluecoat Dupes ISAserver.org to Promote False
Adver tising and Fraudulant Claims
http://www.ISAserver.org
Well, I am a part time ISA firewall admin. However I do see some stuff
that is wrong myself.
1) "It runs on Windows hence you have to deal with security issues
of the whole platform"
This is debatable, but certainly not a major issue.[Thomas W. Shinder]
Agree. The "runs on Windows" is BS. Otherwise, you could say the same
thing about your Exchange/SQL/SMS/etc servers. And with ISA installed,
nothing gets on the box unless you allow it.
2) No visibility into SSL traffic.
Wrong, no? I thought it was passed to the HTTP traffic filter at the
Proxy endpoint...[Thomas W. Shinder] The morons at Bluecoat must have
never heard of ISA firewall's SSL bridging feature!
3) No ability to Manage P2P/IM.
I'm not sure what they mean, unless they provide layer 7 inspection of
P2P and IM protocols...[Thomas W. Shinder] You can do it without
add-ons, and if you extend the ISA firewall with third party products,
you get the same level of control as Bluecoat.
4) Limited policy control
That, I disagree with. With the amount of dirty fingers ISA can have
deep inside the active directory and windows pies when using
fwclient...[Thomas W. Shinder] Ha! This is really where they stuck both
feet, both hands, and that other thing (they must have very flexible
spines) in their mouths. ISA provides more granular access control than
any other firewall that I'm aware of, bar none. Only the abjectly
clueless could have made such an assertion.
5) Performance abilities are limited.
I have no idea really - however I don't trust "independent paid-for
analysis", especially when you bring up two of them. I don't trust them,
ever, especially if they're from Yankee, after the "get the facts"
bulls**t campaign.[Thomas W. Shinder] Yep, and performance is so easily
manipulated, that its a meaningless asseration. Get me a Bluecoat box
and I'll build an ISA box with the requisite specs that will blow the
Bluecoat away. Its all entirely depending on your test protocol and the
hardware you throw at it.
So I am eagerly waiting for Tom to clarify things up at a more
experienced level :-)[Thomas W. Shinder] Already started and its going
to be fun.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
