To maximize security I am using the PIX on the outside, and the ISA inside the PIX between the PIX and the LAN. I am currently using this configuration for some 400 users The ISA caches and authenticates outgoing as well as providing a secondary security step. I also publish through the ISA implementing filters on the PIX for extra protection. There are several ways it can be done though. Don -----Original Message----- From: shivi [mailto:shivi@xxxxxxxxxxx] Sent: Sunday, 3 November 2002 11:20 PM To: [ISAserver.org Discussion List] Subject: [isalist] Integration with PIX http://www.ISAserver.org Hello There, I am in the process of Integrating ISA server with a PIX firewall and mainly wants the ISA server to provide caching. I have 2 designs in mind. Design 1 PIX with 3 interfaces in a DMZ mode. Interface 1-->Internet Interface 2-->Public servers (Email and web) Interface 3-->Local LAN Design 2 PIX with 2 interfaces Interface 1-->Internet Interface 2-->Local LAN Public servers between perimeter router and PIX public interface. Firstly, which interface gives the maximum security and efficiency? Secondly, where do a place the ISA server, which provides caching for the outgoing requests from the LAN. Thanks for your help guys. Shivi. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: dmccall@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') This message is intended for the addressee named and may contain confidential information. If you are not the intended recipient, please delete it and notify the sender. Views expressed in this message are those of the individual sender, and are not necessarily the views of Baptist Community Services. 2