RE: Kind of OT: Software-based vs. Hardware-based Firewall
- From: "Han Valk" <Han.Valk@xxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 19 Oct 2004 09:15:24 +0200
I'm very disapointed at ISA2004. I thought Microsoft would have build in the
possibility to disable the #%$&$ NAT which they didn't at least not at the
cost of loosing filtering at the higher levels. Therefore in my opinion it
makes ISA2004 less suitable as an edge firewall in a scenario that uses a DMZ
between 2 firewalls. That so called routed is still NAT. I don't like the
argument that in the 'routed' scenario the ip-adresses are 'hidden' from the
internet, that is security by obscurity which is poor man's security.
Han.
> -----Original Message-----
> From: Ara.A [mailto:ara@xxxxxxxxxx]
> Sent: Tuesday, October 19, 2004 00:17
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Kind of OT: Software-based vs.
> Hardware-based Firewall
>
> http://www.ISAserver.org
>
> Wow. Nice article Tom
>
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: October 18, 2004 11:30 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Kind of OT: Software-based vs. Hardware-based
> Firewall
>
> http://www.ISAserver.org
>
> Hi Nef,
>
> Tell you boss to read it an weep :-)
>
> http://isaserver.org/articles/2004tales.html
>
> HTH,
>
>
> Tom
> www.isaserver.org/shinder
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
>
>
> -----Original Message-----
> From: nperez@xxxxxxxxxxxxxxx [mailto:nperez@xxxxxxxxxxxxxxx]
> Sent: Monday, October 18, 2004 11:20 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Kind of OT: Software-based vs. Hardware-based
> Firewall
>
> http://www.ISAserver.org
>
> I'm trying to answer my boss' argument that hardware based firewalls
> (such
> as Cisco and Watchguard) have no real advantage over a software based
> firewall, such as ISA. My opinion (and this is just my
> opinion!) is that
> hardware based firewalls do have an advantage in terms of security and
> speed. It is more scalable, better throughput, faster then
> most software
> solutions, and no OS (Windows) which can have holes & bugs! We have a
> remote site that we connect to and I think implementing a
> hardware based
> firewall will enhance our security and throughput. We
> currently have it
> setup ISA to ISA on both ends.
>
> I know there will be some bias here - after all this is an ISA forum!
> But
> can anyone shed some light on this? Or direct me to some good
> resources?
> I
> didn't find much on isaserver.org.
>
> Thanks!
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> ara@xxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: han.valk@xxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
Other related posts:
