RE: SMS client running on ISA
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 15 Nov 2005 13:24:14 -0800
SMS is neither "network" or "security", but "management".
Installing an application on your firewall absolutely *must* account for all
requirements.
If your management needs violate your basic security policies, then you need to
seek another avenue; not weaken your security structure in the guise of
"simplifying management".
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Troy Radtke [mailto:TRadtke@xxxxxxxxxxxx]
Sent: Tuesday, November 15, 2005 13:03
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SMS client running on ISA
http://www.ISAserver.org
I don't even really think it's that, it's more like comparing apples and
carrots....
Network guys (like me) need to make sure everything can talk
to/do/connect/run/save/import/export/wash windows/make coffee for everyone.
Security guys (like me) need to make sure everything is secure regardless
sometimes of what stops working.
The thing is that one hat (network) makes everything do as much as it can. The
other hat (security) makes things do as little as possible because you don't
want any funny business.
Are the hats mutually exclusive? No, but they do have to distinct agendas that
can be made into one. It sort of a cross between them, like a carapple.....
Probably tastier that one too......
Troy
CCNP & W2k3 GPO Wizard
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Tuesday, November 15, 2005 1:37 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SMS client running on ISA
http://www.ISAserver.org
Hi Eric,
So it sounds like an issue that needs to be run up into the CIO/CTO area. I
know I've had to deal with this in a few organizations I've worked with, and
that's when the "Dr. Know It All" comes of some help :) I'm going to work on
this and see what I can do, if anything, to this into the CxO mindspace.
Thanks!
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
> Sent: Tuesday, November 15, 2005 1:30 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: SMS client running on ISA
>
> http://www.ISAserver.org
>
> Thanks Tom,
> You are 100% correct. I've had this problem for some time and was
> recently verified at a CISSP meeting that others around the country
> are experiencing the same issue. I'm thinking that problem starts
> with the Managers/Directors. The networking guys will do what their
> managers tell them or allow them to do, but if they are either not
> given boundaries or told to try and take care of security issues then,
> well, I think we all know what happens then. I guess the biggest
> problem I face is the fact that I'm running 20 to 1. I becomes
> difficult to push security issues when I have 20 networking guys not
> on the same page or just plain working against me. Oh well, enough
> whining for one day.
> Thanks again.
> _______________________________________________
> Eric Poole, CISSP
> Senior Information Security Analyst
> Community Medical Centers
> 1140 "T" Street, Fresno, California 93721
> 559-459-6784 (phone) 559-459-2045 (fax)
>
>
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: Tuesday, November 15, 2005 10:59 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: SMS client running on ISA
>
> http://www.ISAserver.org
>
> Hi Eric,
>
> You bring up a very good point. It's something that's been bubbling
> under the surface for quite a while, but it's becoming extremely clear
> that "networking guys" are the weak link in the security chain, and
> management of firewalls and other security devices need to be wrested
> from them. At one time they might have been able to handle network
> security, but with their "open a port" mentality, its obviously that
> they can't handle the responsibility. There's still plenty for them to
> do, but anything security related really needs to be removed from them
> and assigned to those who understand the servers and services that
> require the protection.
>
> Thanks!
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> **Who is John Galt?**
>
>
>
> > -----Original Message-----
> > From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
> > Sent: Tuesday, November 15, 2005 12:54 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: SMS client running on ISA
> >
> > http://www.ISAserver.org
> >
> > Well, that's the reason I've been preaching...I thought it was good
> > enough, but you know those networking guys.
> > _______________________________________________
> > Eric Poole, CISSP
> > Senior Information Security Analyst
> > Community Medical Centers
> > 1140 "T" Street, Fresno, California 93721
> > 559-459-6784 (phone) 559-459-2045 (fax)
> >
> >
> > -----Original Message-----
> > From: John T (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
> > Sent: Tuesday, November 15, 2005 10:43 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: SMS client running on ISA
> >
> > http://www.ISAserver.org
> >
> > Other than that it is a bad idea to have something else
> making changes
>
> > on your firewall without your knowledge or say I can not
> think of any
> > reason not to.
> >
> > John T
> > eServices For You
> >
> > > -----Original Message-----
> > > From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
> > > Sent: Tuesday, November 15, 2005 9:14 AM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] SMS client running on ISA
> > >
> > > http://www.ISAserver.org
> > >
> > > Anyone know of any issues of the Microsoft SMS client being
> > installed
> > > on ISA?
> > >
> > > Thanks in advance.
> > >
> > > _______________________________________________
> > > Eric Poole, CISSP
> > > Senior Information Security Analyst Community Medical Centers 1140
> > > "T" Street, Fresno, California 93721
> > > 559-459-6784 (phone) 559-459-2045 (fax)
> > >
> > > -------------------------------------------------------
> > > WARNING/CONFIDENTIAL:
> > > -------------------------------------------------------
> > > This email, including attachments, may contain information that is
> > privileged,
> > > confidential, and/or exempt from disclosure under applicable law
> > (including, but not
> > > limited to, protected health information). It is not intended for
> > transmission to, or
> > > receipt by, any unauthorized persons. If the reader of
> > this message
> > > is
> > not the
> > > intended recipient you are hereby notified that any dissemination,
> > distribution or
> > > copying of this communication is strictly prohibited. If
> > you believe
> > > this
> > email was sent
> > > to you in error, do not read it. Reply to the sender
> > informing them
> > of
> > the error and
> > > then destroy all copies and attachments of the message from your
> > system.
> > Thank
> > > you.
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org
> > Discussion List as:
> > > johnlist@xxxxxxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org
> Discussion List as:
> > epoole@xxxxxxxxxxxxxxxxxxxx To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > -------------------------------------------------------
> > WARNING/CONFIDENTIAL:
> > -------------------------------------------------------
> > This email, including attachments, may contain information that is
> > privileged, confidential, and/or exempt from disclosure under
> > applicable law (including, but not limited to, protected health
> > information). It is not intended for transmission to, or
> receipt by,
> > any unauthorized persons. If the reader of this message is not the
> > intended recipient you are hereby notified that any dissemination,
> > distribution or copying of this communication is strictly
> prohibited.
>
> > If you believe this email was sent to you in error, do not read it.
> > Reply to the sender informing them of the error and then
> destroy all
> > copies and attachments of the message from your
> > system. Thank you.
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org
> Discussion List as:
>
> > tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> epoole@xxxxxxxxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> -------------------------------------------------------
> WARNING/CONFIDENTIAL:
> -------------------------------------------------------
> This email, including attachments, may contain information that is
> privileged, confidential, and/or exempt from disclosure under
> applicable law (including, but not limited to, protected health
> information). It is not intended for transmission to, or receipt by,
> any unauthorized persons. If the reader of this message is not the
> intended recipient you are hereby notified that any dissemination,
> distribution or copying of this communication is strictly prohibited.
> If you believe this email was sent to you in error, do not read it.
> Reply to the sender informing them of the error and then destroy all
> copies and attachments of the message from your
> system. Thank you.
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tradtke@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
