RE: ISA Multi-Homed Requirement?
- From: "Mark Hippenstiel" <M.Hippenstiel@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 15 Dec 2003 22:30:04 +0100
This is not quite clear, I take it that until now you don't have ISA
installed, and the PIX provides the DMZ right? Are you planning to
replace the PIX? Also, it seems you have a specific setup already in
mind (as you're being told that you need a multihomed ISA), could you
tell us a bit more about that?
-----Original Message-----
From: Glenn Maks [mailto:gmaks@xxxxxxxxx]
Posted At: Monday, December 15, 2003 9:44 PM
Posted To: www.isaserver.org
Conversation: [isalist] RE: ISA Multi-Homed Requirement?
Subject: [isalist] RE: ISA Multi-Homed Requirement?
http://www.ISAserver.org
Here is one for you to know Mike, any network address range
defined in the LAT ( Local Address Table ) is considered by ISA to be
trusted, I only mention this because you made reference to your DMZ and
multi-homed ISA configuration, I would assume you would like to secure
both interfaces, so don't define what you want secure in the LAT.
-----Original Message-----
From: Mike Scott [mailto:mscott@xxxxxxxxxx]
Sent: Monday, December 15, 2003 3:34 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA Multi-Homed Requirement?
http://www.ISAserver.org
We are in the process of implementing an ISA server primarily to
secure
our Exchange traffic better than it is. We currently have our
Exchange
Server on our DMZ with entries in our Cisco PIX firewall to
allow the
inside network to see it and access it. We are being told that
the only
way to configure ISA for what we want would be to multi-home our
ISA
Server. Is that correct and if so, are there any security risks
we are
opening ourselves up to by having this configuration? I'm in an
office
that is becoming more and more paranoid regarding our security
setup and
they've been told over and over that multi-homing is bad...Any
light you
could shed would be great.
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: gmaks@xxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: isaserver@xxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
