Re: Questions on fail over
- From: Jim Prato <jprato@xxxxxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 7 Oct 2003 12:14:37 -0500
Thanks for the reply.
jp
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Friday, October 03, 2003 2:04 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Questions on fail over
http://www.ISAserver.org
ISA fails "closed".
If any of the ISA services fail (of which there are four), then that traffic
no longer passes.
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: "Jim Prato" <jprato@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, October 03, 2003 08:56
Subject: [isalist] Questions on fail over
http://www.ISAserver.org
Hi Guys,
I have been doing considerable research regarding the use of ISA to provide
internet mail services of EXCHANGE by either:
publishing RPC for OUTLOOK access or
publishing EXCHANGE server running OWA.
In either case we would have a PIX firewall, with single ISA server behind
it, and all MS machines (EXCHANGE, other F and P, and DCs) behind it.
It has been stated that PIX fails closed and the question asked what if ISA
fails? How does it fail: open or closed?
Based on my research and taking note in the certifications ISA has earned, I
conclude it must fail closed, but that is not officially substantiated.
I feel confident in proposing one of these solutions, but I find myself
needing more compelling evidence to present to my peers and management.
Opponents to my proposal are calling for WEB MAIL or SQUIRREL mail in a
perimeter network, on either an MS IIS or LINUX APACHE machine.
I have taken MS ISA training, bought the books (including ISA ISA and BEYOND
and EXCHANGE 2000 24/7), monitored discussion on this list for several
months, and tried to gather as much information as I possibly can.
I have the MS TechNet article regarding the use of ISA to publish RPC and
reduce its vulnerabilities and associated top 20 (10 MS and 10 UNIX)
vulnerabilities list.
Any comments or direction greatly appreciated; or a pole.
Thanks.
jp
Jim Prato
MS LAN and E-Mail Administrator
Texas State Library
512-463-5451
JPrato@xxxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*
All mail from this domain is virus-scanned with RAV.
www.ravantivirus.com
^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jprato@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
