Hi Ara, NO. What he's saying is that you can benefit from additional application layer inspection. So-called "hardware" firewalls with simple stateful packet filtering definitely do not protect your network. So, you use ISA firewalls with AV, AS, etc. to complete the ISA firewall's role as a unified threat management device. But even without the additional stateful application layer inspection, its built-in layer 7 inspection makes is far more secure than simple hardware stateful filtering devices (some of which cost you over $30,000, although you get NetBEUI support with those 'advanced' firewalls) HTH, Tom www.isaserver.org/shinder <http://www.isaserver.org/shinder> Get the book! Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls ________________________________ From: Ara Avvali [mailto:ara@xxxxxxxxxx] Sent: Wednesday, October 06, 2004 8:40 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: FW: Microsoft: Many Firewalls are leaking http://www.ISAserver.org So this follows my concern on forums that you can't just trust a single Microsoft solution and has to be mixed with other protections ________________________________ From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: October 6, 2004 9:34 AM To: [ISAserver.org Discussion List] Subject: [isalist] FW: Microsoft: Many Firewalls are leaking http://www.ISAserver.org ________________________________