Re: ISA Multi-Homed Requirement?

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 15 Dec 2003 16:00:50 -0800

There are lots of DMZ options for ISA.
Check out the DMZ articles at www.isaserver.org for some details and ideas.
For instance, with ISA and RRAS / IPSec, there's no reason your DMZ has to
be external to ISA.
Since ISA has more application-layer smarts than most firewalls, you can
actually move away from the "tiered" DMZ model and create one more to your
business and security liking.

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message ----- 
From: "Mike Scott" <mscott@xxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, December 15, 2003 12:33
Subject: [isalist] ISA Multi-Homed Requirement?


http://www.ISAserver.org

We are in the process of implementing an ISA server primarily to secure
our Exchange traffic better than it is.  We currently have our Exchange
Server on our DMZ with entries in our Cisco PIX firewall to allow the
inside network to see it and access it.  We are being told that the only
way to configure ISA for what we want would be to multi-home our ISA
Server.  Is that correct and if so, are there any security risks we are
opening ourselves up to by having this configuration?  I'm in an office
that is becoming more and more paranoid regarding our security setup and
they've been told over and over that multi-homing is bad...Any light you
could shed would be great.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 12-2003