RE: Removing Terminal Services from an ISA system

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 7 Nov 2003 11:31:31 -0600

Hi Bakari,
 
AV products marketed for ISA are typically inspecting traffic passing
through the firewall, not files located on the firewall.
 
HTH,
Tom
 
 
Thomas W Shinder
www.isaserver.org/shinder <http://www.isaserver.org/shinder>  
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
<http://tinyurl.com/1llp> 

 
        -----Original Message-----
        From: Bakari Allen [mailto:bakari.allen@xxxxxxxxx] 
        Sent: Friday, November 07, 2003 11:29 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: Removing Terminal Services from an ISA
system
        
        
        http://www.ISAserver.org
        
        Maybe I am grabbing the donkey by the tail here, but are you
suggesting that the ISA-aware AV products should not be installed on the
firewall to protect the network or just to protect the firewall itself?
         
        Bakari Allen
        ballen@xxxxxxxxx
         
        -----Original Message-----
        From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
        Sent: Friday, November 07, 2003 10:54 AM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: Removing Terminal Services from an ISA
system
         
        http://www.ISAserver.org
        Hi John,
         
        Excellent point. Maybe I should rethink my approach to AV on the
firewall. I figure that if no one has write access to the firewall from
a network location, and I don't run any client software on the firewall,
that I should be fairly safe. Can you think of a scenario that would
allow a virus onto the box given those parameters?
         
        (excluding the possibility that someone brings a virus infected
CD, floppy or USB "drive" to the firewall)
         
        Thanks!
        Tom

Other related posts: