[isalist] Re: New Articles on Tales

• From: Jim Harrison <Jim@xxxxxxxxxxxx>
• To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 17 Aug 2009 13:08:38 -0700

http://www.ISAserver.org
-------------------------------------------------------

Not really - she's just stating the truth.
Remember - the majority of her clients are SBS / EBS folks.
These are the one that typically say "just make it work and oh, by the way - 
keep us secure if you can".
These folks have neither the time nor the inclination to become security-aware; 
much less expert other than depending on their firewall / proxy / AM solutions 
and the people (like Amy) that they hire to watch over them.

Frankly, I don't think you, Tim or I could survive as an SMB consultant; it 
takes a special person to derive actionable specification (much less 
satisfaction) from a "just do me right" customer requirement.  Come to think of 
it, we couldn't survive in the community as "those security guys"...  What does 
that say about us, I wonder..?


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Steve Moffat
Sent: Monday, August 17, 2009 9:58 AM
To: ISA Mailing List
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org
-------------------------------------------------------

That's a terrible response from you, an MVP at that too.  We "should" all be 
pro's like Tim. I do my best and at least I have "all" my clients using ISA....

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Amy Babinchak
Sent: Monday, August 17, 2009 12:59 PM
To: ISA Mailing List
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org
-------------------------------------------------------

The end user does care about security, just not in the same way that pros like 
you do. I've no problem with a least privilege discussion provided there's room 
for the rest of us living in a slightly different reality.

thanks,

Amy


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Thor (Hammer of God)
Sent: Monday, August 17, 2009 11:29 AM
To: ISA Mailing List
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org
-------------------------------------------------------

Sure, but I was hoping the conversation could be escalated out of the "crazy 
man with one box" stories and on to the business models that drive the product 
we're all talking about.  The "oh just bolt TMG on it and it will be more 
secure" mentality keeps it in the realm of a host-based firewall toy; something 
I've been fighting against for years.

But you know, at least the guy was concerned about security.  It think there is 
a lesson there too.  Everyone saying the end user doesn't know and doesn't 
care, and yet we've got a guy who gives a damn enough to go out of his way and 
deal with the PITA of only having one box on the internet because of security.  
Crappy solution, but at least he was looking for one.

t

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Amy Babinchak
Sent: Monday, August 17, 2009 8:08 AM
To: ISA Mailing List
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org
-------------------------------------------------------

Secure is in the eye of the beholder, isn't it? I talked a business owner that 
only allows 1 PC to be connected to the Internet because he wants his network 
to be secure. You want to send an email, you walk over and sit down at the 
"internet" computer. It's security vs function and ability to manage. Not every 
company has a Thor.

thanks,

Amy Babinchak

Harbor Computer Services | 248-850-8616 | Mobile 248-890-1794

Phone Number: 248-850-8616

Web   http://www.harborcomputerservices.net
Client Blog   http://smalltechnotes.blogspot.com
Tech Blog   http://securesmb.harborcomputerservices.net

Buy My House: http:// www.HomesByOwner.com/15490

Are you an IT Pro?  http://www.thirdtier.net


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Thor (Hammer of God)
Sent: Monday, August 17, 2009 10:55 AM
To: ISA Mailing List
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org
-------------------------------------------------------

Oh, well if MSFT released it like that, then it must be secure.  Sorry, my bad.

t

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Amy Babinchak
Sent: Monday, August 17, 2009 5:41 AM
To: ISA Mailing List
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org
-------------------------------------------------------

Doesn't matter really. The point is that Microsoft has a released firewall 
product called TMG with the EE installed on the domain member server. It's the 
same enough.

thanks,

Amy Babinchak

Harbor Computer Services | 248-850-8616 | Mobile 248-890-1794

Phone Number: 248-850-8616

Web   http://www.harborcomputerservices.net
Client Blog   http://smalltechnotes.blogspot.com
Tech Blog   http://securesmb.harborcomputerservices.net

Buy My House: http:// www.HomesByOwner.com/15490

Are you an IT Pro?  http://www.thirdtier.net


-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Steve Moffat
Sent: Monday, August 17, 2009 8:38 AM
To: ISA Mailing List
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org
-------------------------------------------------------

Not the same TMG....

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Amy Babinchak
Sent: Monday, August 17, 2009 9:35 AM
To: ISA Mailing List
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org
-------------------------------------------------------

Microsoft has a released product where the TMG (with EBS) also running the 
Exchange 2007 Edge role is a domain member.

thanks,

Amy Babinchak

Harbor Computer Services | 248-850-8616 | Mobile 248-890-1794

Phone Number: 248-850-8616

Web   http://www.harborcomputerservices.net
Client Blog   http://smalltechnotes.blogspot.com
Tech Blog   http://securesmb.harborcomputerservices.net

Buy My House: http:// www.HomesByOwner.com/15490

Are you an IT Pro?  http://www.thirdtier.net

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Han Valk
Sent: Monday, August 17, 2009 1:37 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org
-------------------------------------------------------

Ok I understand, that still leaves the point that some 'official' guidance from 
Microsoft would be nice.

Han.

________________________________
From: isalist-bounce@xxxxxxxxxxxxx [isalist-bounce@xxxxxxxxxxxxx] On Behalf Of 
Jim Harrison [Jim@xxxxxxxxxxxx]
Sent: Sunday, August 16, 2009 4:32 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org<http://www.isaserver.org/>
-------------------------------------------------------

There is no "always" or "never" to either of them. It's situational and 
requires that the deployment team perform their own threat modeling.
Exchange supports placing the edge role on a WG server to appease the "no 
domain members at the edge" tinfoil hat crowd, but when you combine it with 
TMG, the attack surface and thus the perceived threat of having the Exch edge 
role as a domain member is greatly reduced; even over that offered by Windows 
Firewall policies.

Jim

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Han Valk
Sent: Saturday, August 15, 2009 11:54 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: New Articles on Tales

http://www.ISAserver.org<http://www.isaserver.org/>
-------------------------------------------------------

As far as I know Exchange Edge is to be installed on a workgroup server while 
TMG does its best job when domain joined. So this is a bit of a contradiction 
to me. I would love to see guidance from Microsoft on that. Maybe this can be 
added to the Q&A in Understanding Email Protection on TMG.

Han.


> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Jim Harrison
> Sent: Sunday, August 16, 2009 00:35
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] New Articles on Tales
>
> http://blogs.technet.com/isablog/archive/2009/08/15/new-tales-from-the
> -
> edge-articles.aspx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com<http://www.techgenix.com/>
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com<http://www.techgenix.com/>
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


--
ExchangeDefender Message Security: Click below to verify authenticity 
http://www.exchangedefender.com/verify.asp?id=n7HCZOeB031684&from=amy@xxxxxxxxxxxxxxxxxxxxxxxxxx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


--
ExchangeDefender Message Security: Click below to verify authenticity 
http://www.exchangedefender.com/verify.asp?id=n7HChniQ000721&from=amy@xxxxxxxxxxxxxxxxxxxxxxxxxx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


--
ExchangeDefender Message Security: Click below to verify authenticity 
http://www.exchangedefender.com/verify.asp?id=n7HF7rbs004934&from=amy@xxxxxxxxxxxxxxxxxxxxxxxxxx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


--
ExchangeDefender Message Security: Click below to verify authenticity 
http://www.exchangedefender.com/verify.asp?id=n7HFx3pN028517&from=amy@xxxxxxxxxxxxxxxxxxxxxxxxxx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx

• Follow-Ups:
  • [isalist] Re: New Articles on Tales
    • From: Steve Moffat
  • [isalist] Re: New Articles on Tales
    • From: Greg Mulholland

• References:
  • [isalist] New Articles on Tales
    • From: Jim Harrison
  • [isalist] Re: New Articles on Tales
    • From: Han Valk
  • [isalist] Re: New Articles on Tales
    • From: Jim Harrison
  • [isalist] Re: New Articles on Tales
    • From: Han Valk
  • [isalist] Re: New Articles on Tales
    • From: Amy Babinchak
  • [isalist] Re: New Articles on Tales
    • From: Steve Moffat
  • [isalist] Re: New Articles on Tales
    • From: Amy Babinchak
  • [isalist] Re: New Articles on Tales
    • From: Thor (Hammer of God)
  • [isalist] Re: New Articles on Tales
    • From: Amy Babinchak
  • [isalist] Re: New Articles on Tales
    • From: Thor (Hammer of God)
  • [isalist] Re: New Articles on Tales
    • From: Amy Babinchak
  • [isalist] Re: New Articles on Tales
    • From: Steve Moffat

Other related posts:

• » [isalist] New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Han Valk
• » [isalist] Re: New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Thomas W Shinder
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Thomas W Shinder
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Greg Mulholland
• » [isalist] Re: New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Han Valk
• » [isalist] Re: New Articles on Tales- Steve Moffat
• » [isalist] Re: New Articles on Tales- Amy Babinchak
• » [isalist] Re: New Articles on Tales- Steve Moffat
• » [isalist] Re: New Articles on Tales- Amy Babinchak
• » [isalist] Re: New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Jim Harrison
• » [isalist] Re: New Articles on Tales- Jerry Young
• » [isalist] Re: New Articles on Tales- Steven Comeau
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Amy Babinchak
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Amy Babinchak
• » [isalist] Re: New Articles on Tales- Han Valk
• » [isalist] Re: New Articles on Tales- Thor (Hammer of God)
• » [isalist] Re: New Articles on Tales- Andrew Hodgson

1. Home
2. isalist
3. Archive
4. 08-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---