Hi John, Good point. It does bring up an interesting design issue. What traffic on a University network is secure? Even if you put the students on a DMZ public segment or "low security" segment maybe has a UPnP NAT in front of it, what about the student network? I can't image that any network that has students on it would be secure, as I'm sure they aren't exactly keenly aware or concerned with network use policy. Perhaps the best way to do things is to put the students on their own protected segment, which is away from any departmental resources and away from the Internet and the games segment. Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Monday, June 09, 2003 1:52 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA Online Gaming Help http://www.ISAserver.org > That said, I don't envy University firewall admins -- if the school > administration tells them that they must allow the students to play > games from behind the firewall, then you have to do what they tell you. > And then when the bandwidth situation deteriorates and whatever worm, > virus, exploit etc. comes on down through these gaming ports, then the > University admin takes the heat for that too. Exactly why I brought up about setting up a special room, on a different PHYSICAL network, behind a separate firewall and not behind the main firewall. That way, they are PHYSICALLY separated from the rest of the network and can do no harm. John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')