RE: Question for the Gallery regarding VPN access

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 20 Jul 2005 10:29:46 -0500

I thought you liked Licorice? ;-)

Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
> Sent: Wednesday, July 20, 2005 10:21 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Question for the Gallery regarding VPN access
> 
> http://www.ISAserver.org
> 
> Yeh - and you're a terrible landlord, too...
> ;-p
> 
> -------------------------------------------------------
>    Jim Harrison
>    MCP(NT4, W2K), A+, Network+, PCG
>    http://isaserver.org/Jim_Harrison/
>    http://isatools.org
>    Read the help / books / articles!
> -------------------------------------------------------
>  
> 
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
> Sent: Wednesday, July 20, 2005 06:44
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Question for the Gallery regarding VPN access
> 
> http://www.ISAserver.org
> 
> Hi Jim,
> 
> GREAT! Its funny that I never thought of this until after I asked the
> question re: Server Publishing Rules. And here you mirrored 
> the thought
> I had for the first time today.
> 
> You're not one of the voices in my head, are you?
> 
> Tom
> www.isaserver.org/shinder
> Tom and Deb Shinder's Configuring ISA Server 2004
> http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> 
>  
> 
> > -----Original Message-----
> > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
> > Sent: Wednesday, July 20, 2005 8:15 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Question for the Gallery regarding VPN access
> > 
> > http://www.ISAserver.org
> > 
> > 1. stop trying to server-publish file shares (and web shares)
> > 2. use raw protocols that don't tolerate NAT (SvrPub)
> > 3. authenticate the user (SvrPub can't)
> > 4. reduce the ISA (and upstream) attack surface
> > 5. quarantine, baby!
> > 
> > -----Original Message-----
> > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
> > Sent: Wednesday, July 20, 2005 6:03 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Question for the Gallery regarding VPN access
> > 
> > http://www.ISAserver.org
> > 
> > Hey guys,
> >  
> > I want to do an article on how you can use the ISA firewall 
> to provide
> > fined-tuned access control for VPN users.
> >  
> > To make is as topical as possible (within the limits of my 
> > abilities and
> > time), what are the top three reasons for you to give users 
> VPN access
> > to your network instead of creating Web or Server Publishing Rules?
> >  
> > Thanks!
> > Tom
> > www.isaserver.org/shinder <http://www.isaserver.org/shinder> 
> > Tom and Deb Shinder's Configuring ISA Server 2004
> > http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
> > MVP -- ISA Firewalls
> > 
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org 
> Discussion List as:
> > jim@xxxxxxxxxxxx
> > To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > All mail to and from this domain is GFI-scanned.
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion 
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
>

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 07-2005