RE: Some question on ISA Server funtionality
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 14 Apr 2004 04:43:52 -0500
Hi Radien,
ISA NATs from LAT to non-LAT hosts. Routes from LAT to LAT hosts or
non-LAT to non-LAT hosts.
Packet filters control LAT to LAT and non-LAT to non-LAT communications.
Protocol Rules control LAT to non-LAT communications.
No granular control of IP address bindings with LAT. Access control via
packet filters is like with Linux, just weak packet filtering without
strong access control.
Firewall Client enables strong user/group based authenticated outbound
access and secondary connection management using a generic Winsock
proxy. Far superior to primative packet filtering which is ignorant of
application layer and authenticated access control.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA 2004 Beta - Get it now!
http://www.microsoft.com/isaserver/beta/default.asp
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: radien@xxxxxxxxx [mailto:radien@xxxxxxxxx]
Sent: Wednesday, April 14, 2004 5:14 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Some question on ISA Server funtionality
http://www.ISAserver.org
Dear All
I'm a linux guy, and trying to underestand ISA Server 2000.
I read ISA Server 2000's documentation. There are something that can't
Understand.
See, It's what I think about ISA server and I'm not sure about them,
+Am I right about them:
------------------------------------------------------------------------
--------
It seems ISA Server NATs outgoing traffic by default.
It seems ISA Server uses fire client software to detect RELATED packets
(related to an application that has existing connection(s)) to for those
protocols that do not have a defined application filter.
------------------------------------------------------------------------
--------
+And here my questions:
------------------------------------------------------------------------
--------
How to NAT to many (more than one) IP's? (Specific or mapping to a
range)
How about ordinary routing between different networks?? specially if you
want put some access control or filtering on passing trough traffic.
What is the order of processing "IP Packet Filter" rules, for a packet?
------------------------------------------------------------------------
--------
Thx in advance
Regards
__Radien__
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
