> I hate to say so, but there is some truth to his statements. > How many times have we heard the cry of "why can't ISA protect me from > an internal virus attack?" That is the whole point that people such as the infamous Andrew does not understand, security must and is a multi tied and layered approach. Can you believe this, a self appointed computer geek that is on the radio here in Southern California had the gall to tell a caller that if you have a good properly setup firewall and you do not open e-mail attachements and you watch what you do and where you go, then yes you do not have to have AV on the desktop. Of course, this is the same person that has said on the radio that a simple DSL router doing NAT is a form of a firewall as NAT is an element of a firewall. What a bunch of crock. > 1. responding to every user who says "do it for me" with one weirdzard > or another Exactly why I would jump on people asking "please tell me what to do". > 2. marketing products as if they're the be-all, end-all of your security > technique Of course, having such easy requirements to becoming a Certified Partner and then have all that software for your use does not help either. I have a feeling that 25% of the people/companies out there "playing" with Exchange and ISA are doing so because "hey it is included in our package so we do not have to buy/pay/host some one for it so lets use it." Gee, I wonder what would happen if all of those Certified Partners were audited for server licenses and license usage. John T eServices For You