ISA 2000 Questions!
- From: tim S <tim724342@xxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Thu, 12 Aug 2004 11:39:42 -0700 (PDT)
I am fairly new to the ISA 2000 server. I am already reading few books
(except Tom Shinder's books, which I couldn't find any in my local Barnes and
Noble or other stores). Each time I read an ISA book, I come away with more
questions and confusion. So, if someone can address the following potential
FAQ questions, I would really appreciate it.
1) What exactly is the difference between SecureNAT(snat) and Firewall clients?
The only thing that I seem to grasp is that firewall client allows you to log
authentication information, accepts requests from Winsock apps and performs DNS
lookup itself.
2) Do snat and firewall clients contact firewall service on the ISA server or
each has its own service to contact in ISA.
3) And once they make contact with firewall service, if the request is for
webpage, do they always use HTTP redirector? If I disable the HTTP redirector,
how snat and firewall clients send out http request to internet assuming
webproxy client is not configured on these clients?
3.1) I read somewhere eventhough incoming request came from different external
NIC IP number, any outgoing response always goes out using the primary external
NIC IP. Is my understanding correct? If it is, how the internet clients know
that the response it receive is from correct source?
4)Do webproxy, firewall and snat clients have to go through the same rules and
policies before going out to the internet?
I mean do they go through each of the following policies each time a request
was made from internal clients?
a) protocol rule
b) Site and content rule
c) IP packet filterings
5)Can I still access HTTP pages on the internet, if I disable the webproxy
service? Or is web proxy service an absolute requirement for any internal
clients to go out to the internet websites?
Thank you
---------------------------------
Do you Yahoo!?
Express yourself with Y! Messenger! Free. Download now.
Other related posts:
