RE: To client or not to client?
- From: Joe Pochedley <JoePochedley@xxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 25 Oct 2001 15:34:18 -0400
Ray,
I guess it partly depends on whether you want to be able to track, or
restrict access based on user names... When using secure NAT, anything
going through the firewall client will be allowed or denied based on IP
addresses. If you want to restrict the abilities of a group of users, you
will need to set them with static IP addresses, or on their own subnet, or
with DHCP reservations, etc etc etc for secure NAT to restrict the access...
Using the FW client, you can restrict any traffic by user name...
If you're content to let all the users run wild on the internet, or are
going to use the same access policy for all users, secure NAT will work just
fine...
I'm sure there are other pluses for the FW client, but that's the first
thing that comes to mind...
Joe Pochedley
-----Original Message-----
From: Ray Dzek [mailto:rdzek@xxxxxxxxxxxxxxx]
Sent: Thursday, October 25, 2001 12:22 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] To client or not to client?
http://www.ISAserver.org
Is there a compelling reason to install the FW client instead of just
setting up the browser to use web proxy? If Secure NAT is on, everything
seems to work just fine. After having installed the Proxy 2.0 client, I'm
not looking forward to doing that again if there is no substantial benefit.
Ray Dzek
Network Operations / Helpdesk
Specialized Bicycle Components
15130 Concord Circle
Morgan Hill, CA 95037
Ph: 408-782-5420
Fx: 408-782-5421
Pg: 408-589-4250
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
JoePochedley@xxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
