RE: Connection Issue
- From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 29 Aug 2003 11:07:36 -0700
True, good points. It all comes down to what a MS security tech told us at a
conference. Security is like a triangle, with the points being cost,
functionality and security. Some where in the triangle is the point for each
company. Our job is to find that point.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-----Original Message-----
From: Quillman Shawn (RBNA/CIT1.1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx]
Sent: Friday, August 29, 2003 10:14 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Connection Issue
Due to obvious security issues I won't discuss the configuration of our
corporate firewalls. However, there is quite an advantage to having a
multiple-system firewall. A vulnerability of one system is typically not
going to be a vulnerability in another system so your protection against
attack is greatly increased with mixed systems. ISA can handle itself, I
agree. But if/when something does get through ISA another wall behind it
would give admins more time to react to the breach before the internal
network is compromised. Same reason they built castles with an outer wall.
The biggest question then is how willing is your company to throw the
required resources at a multiple-system firewall? More systems require more
money and they add a great deal of complexity to the solution. From a pure
security standpoint it is the best solution. You just have to weigh it
against your purse and your corporate culture.
-Shawn
-----
Other related posts:
