RE: ISAserver behind a router
- From: Jesús Vargas Bellido <jvargas@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 24 Jul 2002 14:27:05 +0200
Ok. Not at all.
I think your next step will be autenthificate outgoing web request for your
user domains to control site, content and protocol outgoing requests in
function of w2000 group and/or users.
Be care with this. Enable integrated autenticathion in outgoing web request
(server propierties), basic autenticathion is unsecure due to clear passwd text
through your network.
SecureNAT clients don't send autenthication credentials and Firewall clients
credentials don't pass trough HTTP redirector filter, so the best choice is
using WebProxy clients for HTTP, HTTPS and FTP request. If you install the
firewall client this take precedence over WebProxy so you'll dehabilitate the
FW and SecureNAT trought HTTP Redirector Filter (Application Filters -> HTTP
Filter -> Discard firewall requests) in order to disable this requests and
force the Web Proxy client use.
With this configuration you'll lost the cache function for Firewall and
SecureNat clients but will be able to log and to control your web trafic using
Windows users and groups.
I like ISA. I think is a powerful tool but sometimes complex product. I got MCP
certification for ISA and can sure it to you.
What's about H.323 Gatekeeper? Would you like talk and see your partners,
clients, etc free of phone charges using NetMeeting. I'm using it and it's
pretty and easy.
Bye.
Other related posts:
