That's what I was thinking. Although, I have no problems going through the wizards. What I have a problem with is the dumb*ss defaults that are used. The "supportability" thing is a canard at best, and I won't say in mixed company what it is at worst. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: Steve Moffat [mailto:steve@xxxxxxxxxx] > Sent: Monday, November 21, 2005 1:56 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: ISA on SBS webcast > > http://www.ISAserver.org > > I have done it both ways....Takes an hour longer, but as the > total setup > time is a fixed rate...it don't cost the customer any extra... > > Steve > > -----Original Message----- > From: sbradcpa@xxxxxxxxxxx [mailto:sbradcpa@xxxxxxxxxxx] > Sent: Monday, November 21, 2005 2:12 PM > To: ISA Mailing List > Subject: [isalist] ISA on SBS webcast > > http://www.ISAserver.org > > Man the stereotypes in these threads :-) > > A couple of things of interest here.... > > At SMBnation last year Mike Iem asked someone from the ISA > team [not Jim > I'm sure prob dark side of marketing] to represent ISA at > SMBnation but > they didn't accept [I don't know if a booth fee was involved or not > ...just that there wasn't any ISA representation other than > Jim Harrison > and Amy and the rest of us going 'man...you should have > presented...why > was Sonicwall here?' > > ISA 2004 is finally a platform that the SBS consultant doesn't have to > read Excel files to figure out what's going on. ISA 2000 > wasn't ready. > 2004 is. You are seeing a maturing of ISA that finally has > the balance > of flexibility and monitoring/logging so that it makes sense now. > > You can see it in the marketplace as well, folks aren't going > ...oooh.... > ISA....isn't that hard? Now they are saying ...hey the cool stuff in > the monitoring tab and other such things..... > > Yes folks, this is about supportability. You don't own that SBS box, > you have a fiduciary responsibility to that business owner to > install a > system in a manner that Mothership Los Colinas doesn't go > "what the heck > did you do with that SBS setup?' > > I challenge all of you to take a SBS box [vmware or vpc] install it > with duhfaults [as a friend of mine would say on another > listserve] and > run the Connect to Internet wizard. > > Now... take a SBS box and stand it up manually...no wizards... all by > hand. > > Okay now calculate a bill and present each one to your customer. > > Which one is that client going to pay for? > > How much more security is he getting? > > Questions to ask yourself... is the manual method so much more secure > that > the client is willing to pay for your time? Open up the icwtext.log > file > and see the umpteen selections there. Can you honestly say that a > totally manual method is vastly superior over the using the wizard and > then adjusting to the clients needs? > > If the client is that keen on a secure setup... then more than likely > they'd be spending the money on additional hardware and operating > licenses to split services and what not. > > The 'balanced way' is to stand it up with the wizards and 'then' you > tweak. You get that box up to a known state and then you start adding > your needs. > > As an example....I have yet to be convinced that naming a SBS box > anything other than .local gives me any more choices for configuration > than I already have. Again, we're dealing with a small > business and for > the vast majority of them, I'm not seeing that they benefit from > deviation from the install routine. > > Once they are built... then yes, start building your own rule sets, > adjusting whatever you'd like, but I guess I'm just not convinced that > not using them is of benefit both in terms time spent to > manually setup > a SBS box and then to ensure it's been set up appropriately. > > Understand the wizards, but you'd be hard pressed to convince me that > not using them provides any greater benefit, value for what > you get and > bang for the buck. > > Like someone said on the Focus on MS list... let's stop with the > religious > wars. These days a firewall runs on an operating system. > One that can > be secure or insecure depending on how you set it up. > > I would still argue that for that business owner, you stand > up that SBS > box with the defaults and then you adjust. > > Make no mistake about it those in the SBS world are still fighting the > one nic/Sonicwall marketplace, but there are more and more folks that > never installed ISA 2000 that are now looking at ISA 2004 with an open > mind. > > In my opinion, the battle is now for my desktops... and my > battle is for > line of business apps that can't code worth a darn. > > There's a zero day IE exploit posted on www.incidents.org and > folks are > saying "quick run to Firefox". Uh.. how about we ensure that we are > taking the long term view of moving our desktops to LUA, for > now running > with IE in high security or using Michael Howard's Drop My Rights, and > then go beating up on vendors that can't code worth a darn. > > How about I ask again and all of us...including myself... start again > with an open mind. > > Drop the stereotypes and assumptions and start fresh. > > How about we attempt to understand each others viewpoints and the > marketplaces they are addressing? > > Susan > > > > Very well put! > > Joseph F. Danielsen, > MCSA - Exchange Messaging Specialist, MCP Network Blade Inc. > 49 Marcy Street > Somerset, NJ 08873 > 732-213-0600 > www.networkblade.com > > > > > -----Original Message----- > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > Sent: Monday, November 21, 2005 9:16 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: ISA on SBS webcast > > http://www.ISAserver.org > > Hi Amy, > > Indeed! Acutally, I was quite surprized by their overall low level of > network awareness. > > That's why I was really getting into that SBS series on the > ISAserver.org site and doing the analysis on what I thought > was going on > with the installation routine and explaning the meaning of the options > to the folks. My take on things is that just 'cause someone > doesn't know > something doesn't mean he can't learn, and I wanted to make the > opportunity available to learn about some interesting and important > networking concepts, using the ISA firewall install and management as > the framework. > > But then I hear that SBS is about running wizards and never deviating > from them and the cr*ppy defaults they use, all for "supportability" > reasons, and then end up dealing with a fraternity of folks > like from a > CM Kornbluth novel pounding on me for providing forbidden information. > > Who knows, I might go back into that space in the future. > There's people > like you, and Joseph, and heck ME who actually deploy this thing for > people who aren't interested in being the lowest common denominator. > > Tom > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://spaces.msn.com/members/drisa/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > **Who is John Galt?** > > > > > -----Original Message----- > > From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] > > Sent: Monday, November 21, 2005 7:38 AM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] RE: ISA on SBS webcast > > > > http://www.ISAserver.org > > > > Let's just say that year before last when you graciously > wrangled me a > > > ticket into SMBNation it opened my eyes. I heard plenty of > pretty dumb > > > things about ISA that weekend and I thought to myself, where have > > these people come from? Then I thought, hey I'm pretty > smart! I didn't > > > know anyone cared about SBS but me. I wasn't quite as bad > as my friend > > > Mike "the island" (last name withheld) but I wasn't aware > that there > > was such a tight SBS community. I came in completely > innocent and left > > > completely appalled at the level of ISA ignorance. > > > > The tide has turned. There is a tremendous thirst for ISA knowledge > > among SBS consultants right now. > > > > Amy > > > > Harbor Computer Services > > Small Business Computer Specialists > > > > Client Blog: http://smalltechnotes.blogspot.com/ > > Tech Blog: http://isainsbs.blogspot.com/ > > Website: http://www.harborcomputerservices.net/ > > > > > > > > -----Original Message----- > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > > Sent: Sunday, November 20, 2005 6:24 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] RE: ISA on SBS webcast > > > > http://www.ISAserver.org > > > > Looks like Amy is a supporter of Jim Harrison's Blue Ribbon > Campaign: > > > > http://www.msfirewall.org/isa2004/jimssbswork.htm > > > > Thomas W Shinder, M.D. > > Site: www.isaserver.org > > Blog: http://spaces.msn.com/members/drisa/ > > Book: http://tinyurl.com/3xqb7 > > MVP -- ISA Firewalls > > > > > > > > > -----Original Message----- > > > From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] > > > [mailto:sbradcpa@xxxxxxxxxxx] > > > Sent: Sunday, November 20, 2005 4:08 PM > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] ISA on SBS webcast > > > > > > http://www.ISAserver.org > > > > > > Amy Babinchak's ISA 2004 "taco talk" is now available for viewing: > > > http://msmvps.com/bradley/archive/2005/11/20/76038.aspx > > > > > > Microsoft Office Live Meeting - View A Recording: > > > https://www120.livemeeting.com/cc/winserver_usergroup/view?id= > > > Q78FXW&pw=SqPq4%60P > > > > > > > > > Live meeting recording thanks to the WinServer community > group who > > > also is bringing you www.theworkingnetwork.com > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org > Discussion List > > > as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > isalist@xxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >