I mean: The rule should define the direction. Not the protocol. HTTP is HTTP it doesn't matter what direction it moves in. If I create a new protocol I have to choose what direction (inbound or outbound). Then I create a rule and assign that protcol to that. Its just seems a$$ about. I have spoken to many full time firewall admins about this and it always comes up. -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Saturday, February 11, 2006 1:46 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: feature request http://www.ISAserver.org "Define the direction"? They are directional - what exactly do you mean? -------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -------------------------------------------- -----Original Message----- From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] Sent: Thursday, February 09, 2006 9:49 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: feature request http://www.ISAserver.org And since we are talking about I would have liked to see the access rules define the direction, not the protocol. That sort of doesn't make a whole deal of sense to me, though I learn to live with it. Do you know if there has been any talk or feedback on that. -----Original Message----- From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] Sent: Friday, February 10, 2006 4:40 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: feature request http://www.ISAserver.org Yeah points taken but I from my POV I just would have liked to see a better rulebase matrix in the UI, maybe.. And also, I'm all for extending the functionality of stuff with non native toosl but if you can specify traffic from and to an ip, surely its not that much to do provide both in the same window? I thought I'd get that response to checkpoint from you :) Given up on the music quiz have ya?? Tis easy -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Friday, February 10, 2006 4:23 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: feature request http://www.ISAserver.org Remember - I called it "good" up until the "simplify the SQL" request. I totally agree with the "reverse-engineer my rules" idea, and it's one that has been mentioned before. The funny (to me, at least) part is that you can already do this yourself if you have a nodding familiarity with: 1. XML 2. XSLT Exporting the ISA configuration is the first part and (now) brain-dead simple, but unfortunately, most folks don't know what power lies dormant on their desktops after they do this. I take Checkpoint - right out the door...:-) -------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -------------------------------------------- -----Original Message----- From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] Sent: Thursday, February 09, 2006 9:07 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: feature request http://www.ISAserver.org But Jim this is my point (and i take yours) surely we dont want to get to the stage where we turn "enterprise level" firewall admins away from ISA because it has shortcomings that are relativeley easy to fix. I thought the whole idea was to bring people in not push them to checkpoint and the like. Of course i dont know the marketing strategies of MS. Whilst these issues may or may not occur in an sbs type environment, they are bound to in larger enterprises. I understand the balance between a firewall that serves small - medium - enterprise networks but where does the allegiance lie, if any? Who are they more willing to please? Take Checkpoint as an example, its filtering capabilities are pretty darn good. Whilst we dont want to get into a feature comparison, i would have thought that allot of the target audience with ISA 2004 would have been relatively the same, again i dont know percentages or marketing strategies. If you tell me that this is not the case i will shut my cake hole. But if it is the case i would have thought if I were evaluating a firewall product I would love to be able to get an overview of rules by group, or department, Or client, Or service etc etc and other features. I take your point that it is then my choice, but for those of us who really like ISA as a product and use it, defend it, implement and test it etc I just saw it as a way of trying to improve the features so that they dont fall short in the enterprise level market. I know they don't need my help but I just thought i'd bring it up. Maybe i'm wrong but its just my 0.2c Greg Mulholland ________________________________ From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Fri 10/02/2006 3:47 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: feature request http://www.ISAserver.org Now you sound like the unmentionable crowd. Enterprise level applications rarely give you what you want before you know to ask for it... In general, Enterprise-level admins know what they want and need from an application before they buy it. It's the hobbyist or "push-button" admins that end up needing hand-holding weirdzards. ..but that's just my opinion... -------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -------------------------------------------- -----Original Message----- From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] Sent: Thursday, February 09, 2006 6:49 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: feature request http://www.ISAserver.org Sorry Jim you are right. I kind forgot about the export import stuff :) my bad but as far as the sql stuff I know plenty of TransactSQL, more than enough to do what I want (And that is exactly what I did), but a) I want the query in real time, not having to rerun it manually - and b) I want the application to give me the tools I need to manage it. I don't think its an appropriate position for an enterprise level product that you should have to write your own SQL queries to do something very simple which they almost got right, but not quite.. (And your stuffed if you are writing to a flat file.) Greg Mulholland ________________________________ From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Fri 10/02/2006 12:30 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: feature request http://www.ISAserver.org Hey, ya bonehead - you were doing great until the "save queries" statement. When was the last time you actually looked at the UI? "Save query" is part of the current feature set... ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] Sent: Thursday, February 09, 2006 17:08 To: [ISAserver.org Discussion List] Subject: [isalist] RE: feature request http://www.ISAserver.org Thanks bonehead :p Actually while im on it. I'd like to be able to configure monitoring to say show me all records that are either from OR to a particular IP at the same time. You cant do it. I can say show me all records from a particular IP on its own. Or all records to a particular IP on its own. But not together! Also i'd love to be able to "save" predefined queries!!! Greg Mulholland ________________________________ From: Steve Moffat [mailto:steve@xxxxxxxxxx] Sent: Fri 10/02/2006 11:27 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: feature request http://www.ISAserver.org Good request batboy...... ________________________________ From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] Sent: Thursday, February 09, 2006 8:08 PM To: ISA Mailing List Subject: [isalist] feature request http://www.ISAserver.org Jim or Tom or anyone Is there any possibility of putting in a feature request for new versions. Or at least Jim if you have any feedback. 1. The ability to create rule groups. For instance, if I want to get a window into the overall structure of the rulebase I would like to be able to have a group for my dmz rules a group for my internal rules. But more than that, if I have a rulebase of 300+ rules (which wouldn't be that uncommon in larger businesses) I would like to be able to group them into some logical structure for different internal lans, vpn rules, dmz rules, custom defined groups ie test lab etc etc 2. The ability to select an object, ie my computer or the mailserver and show all rules pertaining to that object. This would be kind of handy for cleaning up things. I could select a machine and see what rules are configured for it. This would give you an extra step of troubleshooting. Say if you are trying to publish a box and it aint working, you could select the object and see if the necessary rules has been created. Rather than scrolling a list of 300+ rules to find "the one". Thanks Greg Mulholland ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: greg@xxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: greg@xxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: greg@xxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: greg@xxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: greg@xxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: greg@xxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx