Re: ISA Server & AD

  • From: Thor@xxxxxxxxxxxxxxx
  • To: isalist@xxxxxxxxxxxxx
  • Date: Thu, 2 Aug 2001 10:11:31 -0700

Assuming that the box will also be facing the Internet, it would be pretty

If anything happened to the Firewall service, then you would basically be
wide open.  Granted, I do not know of any current attacks out there on ISA,
but that does not mean they won't be found.

If I can camp out in your DC, not only do I own all the accounts and other
AD info, I can programmatically execute Group Policy elements that hose the
entire network all at once.

The only thing the client saves is a little money, but, to me anyway, they
would be taking an unnecessary risk.

Attonbitus Deus

----- Original Message -----
From: "Paul Nuernberger" <pen@xxxxxxxxx>
To: "[ Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, August 02, 2001 9:35 AM
Subject: [isalist] ISA Server & AD

> A customer wants to run ISA Server on the same W2k server that is his AD
> primary controller.
> I've not found any direct information re: this issue. Can anyone on the
> list point out the various pro's & cons of doing this ?
> I'm still on the front side of the learning curve of ISA Server (run lots
> of *nix firewalls), so any help is greatly appreciated.  I already use (&
> rely heavily upon) - super useful site.
> Paul Nuernberger
> Manager
> BARON Computers Inc.
> ------------------------------------------------------
> You are currently subscribed to this Discussion List as:
> To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts: