RE: OWA Publishing

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 4 May 2005 09:50:07 -0500

Hi David,

But then you lose out on the HTTP filtering done at the firewall if you
don't use SSL to SSL bridging. The ISA firewall is an "approved" man in
the middle, so its OK. Better to have an approved man in the middle then
no man at all who inspects the traffic before the attack hits the SSL
site.

Thanks! 


Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: David Farinic [mailto:davidf@xxxxxxx] 
Sent: Wednesday, May 04, 2005 9:42 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA Publishing

http://www.ISAserver.org

One of the reasons for SSL deploying is protection against man in the
middle attacks. SSL bridging might downgrade this protection/feature of
SSL we getting. 

My general advice is to enable only SSL sites you trust and disable rest
of them as it might be security wormhole. Another approach is to check
certificates of SSL sites accessed via ISA server (possible without SSL
bridging) 


Regards DavidF


-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Wednesday, May 04, 2005 4:15 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA Publishing

http://www.ISAserver.org

Hi Jim,

There's got to be a way to do this. That's one of the major coolnesses
of SSL to SSL bridging. 


Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

  
This mail was checked for viruses by GFI MailSecurity. 
GFI also develops anti-spam software (GFI MailEssentials), a fax server
(GFI FAXmaker), and network security and management software (GFI
LANguard) - www.gfi.com 


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing

1. Home
2. isalist
3. Archive
4. 05-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---