RE: Surfcontrol SNat and firewall clients - revisted. hotfix1

• From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 30 Sep 2005 14:03:51 -0700

Traffic between internal networks *is* outgoing because it uses access rules.
"incoming" is published traffic and is reported to plugins as such.
If you were to use a publishing rule between internal networks, then the filter 
would be relatively ignorant.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------

________________________________________
From: Crockett, Gregory [mailto:Gregory.Crockett@xxxxxxxxx] 
Sent: Friday, September 30, 2005 13:57
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Surfcontrol SNat and firewall clients - revisted. hotfix1

http://www.ISAserver.org
The version of SC before the hotfix disregarded incoming HTTP traffic - only 
outgoing authenticated web proxy client traffic.  Now this hotfix monitors 
firewall, and anonymous snat clients, as well as the web proxy clients.  This 
traffic rapidly increases the msde db.
 
greg
 
________________________________________
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Friday, September 30, 2005 3:21 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
 
http://www.ISAserver.org
Ah - that's mo' clearer.
Bear in mind that the SC plugin is hooked into the web proxy filter, which is 
notified of *all* HTTP traffic.
Consequently, no matter where the call originated or is destined, the SC filter 
will hear of it.
 
-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 
________________________________________
From: Crockett, Gregory [mailto:Gregory.Crockett@xxxxxxxxx] 
Sent: Friday, September 30, 2005 13:16
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
 
http://www.ISAserver.org
These clients are routed through ISA to different subnets.
 
________________________________________
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Friday, September 30, 2005 1:46 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
 
http://www.ISAserver.org
What's the point of making internal clients go to ISA to reach internal 
resources?
 
-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 
________________________________________
From: Crockett, Gregory [mailto:Gregory.Crockett@xxxxxxxxx] 
Sent: Friday, September 30, 2005 06:01
To: [ISAserver.org Discussion List]
Subject: [isalist] Surfcontrol SNat and firewall clients - revisted. hotfix1
 
http://www.ISAserver.org
Some months ago Surfcontrol released a hotfix for their version 5 on ISA 2004 - 
I just learned of the release and installed.  Yes, it now monitors SNAT and 
firewall clients.  Our install monitors and interacts with incoming web request 
to our internal web sites.  Has anyone else seen this with this hotfix?
 
greg
 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
gregory.crockett@xxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
gregory.crockett@xxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

All mail to and from this domain is GFI-scanned.

Other related posts:

• » Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1
• » RE: Surfcontrol SNat and firewall clients - revisted. hotfix1

1. Home
2. isalist
3. Archive
4. 09-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---