RE: feature request
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 10 Feb 2006 14:28:23 -0800
That was attempted, but the sad fact is; it's not that simple.
Complex protocols like FTP, IM, RTSP, MMS, FTFP, etc. are all "complex";
meaning the direction is contextual and not so simply defined at that level.
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
Sent: Friday, February 10, 2006 14:25
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
I mean:
The rule should define the direction. Not the protocol. HTTP is HTTP it doesn't
matter what direction it moves in.
If I create a new protocol I have to choose what direction (inbound or
outbound). Then I create a rule and assign that protcol to that. Its just seems
a$$ about. I have spoken to many full time firewall admins about this and it
always comes up.
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Saturday, February 11, 2006 1:46 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
"Define the direction"?
They are directional - what exactly do you mean?
--------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
--------------------------------------------
-----Original Message-----
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
Sent: Thursday, February 09, 2006 9:49 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
And since we are talking about I would have liked to see the access rules
define the direction, not the protocol. That sort of doesn't make a whole deal
of sense to me, though I learn to live with it.
Do you know if there has been any talk or feedback on that.
-----Original Message-----
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
Sent: Friday, February 10, 2006 4:40 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
Yeah points taken but I from my POV I just would have liked to see a better
rulebase matrix in the UI, maybe..
And also, I'm all for extending the functionality of stuff with non native
toosl but if you can specify traffic from and to an ip, surely its not that
much to do provide both in the same window?
I thought I'd get that response to checkpoint from you :)
Given up on the music quiz have ya?? Tis easy
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Friday, February 10, 2006 4:23 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
Remember - I called it "good" up until the "simplify the SQL" request.
I totally agree with the "reverse-engineer my rules" idea, and it's one that
has been mentioned before.
The funny (to me, at least) part is that you can already do this yourself if
you have a nodding familiarity with:
1. XML
2. XSLT
Exporting the ISA configuration is the first part and (now) brain-dead simple,
but unfortunately, most folks don't know what power lies dormant on their
desktops after they do this.
I take Checkpoint - right out the door...:-)
--------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
--------------------------------------------
-----Original Message-----
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
Sent: Thursday, February 09, 2006 9:07 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
But Jim this is my point (and i take yours) surely we dont want to get to the
stage where we turn "enterprise level" firewall admins away from ISA because it
has shortcomings that are relativeley easy to fix. I thought the whole idea was
to bring people in not push them to checkpoint and the like. Of course i dont
know the marketing strategies of MS. Whilst these issues may or may not occur
in an sbs type environment, they are bound to in larger enterprises. I
understand the balance between a firewall that serves small - medium -
enterprise networks but where does the allegiance lie, if any? Who are they
more willing to please?
Take Checkpoint as an example, its filtering capabilities are pretty darn good.
Whilst we dont want to get into a feature comparison, i would have thought that
allot of the target audience with ISA 2004 would have been relatively the same,
again i dont know percentages or marketing strategies. If you tell me that this
is not the case i will shut my cake hole.
But if it is the case i would have thought if I were evaluating a firewall
product I would love to be able to get an overview of rules by group, or
department, Or client, Or service etc etc and other features.
I take your point that it is then my choice, but for those of us who really
like ISA as a product and use it, defend it, implement and test it etc I just
saw it as a way of trying to improve the features so that they dont fall short
in the enterprise level market. I know they don't need my help but I just
thought i'd bring it up.
Maybe i'm wrong but its just my 0.2c
Greg Mulholland
________________________________
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Fri 10/02/2006 3:47 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
Now you sound like the unmentionable crowd.
Enterprise level applications rarely give you what you want before you know to
ask for it...
In general, Enterprise-level admins know what they want and need from an
application before they buy it.
It's the hobbyist or "push-button" admins that end up needing hand-holding
weirdzards.
..but that's just my opinion...
--------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
--------------------------------------------
-----Original Message-----
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
Sent: Thursday, February 09, 2006 6:49 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
Sorry Jim you are right. I kind forgot about the export import stuff :) my bad
but as far as the sql stuff I know plenty of TransactSQL, more than enough to
do what I want (And that is exactly what I did), but a) I want the query in
real time, not having to rerun it manually - and b) I want the application to
give me the tools I need to manage it. I don't think its an appropriate
position for an enterprise level product that you should have to write your own
SQL queries to do something very simple which they almost got right, but not
quite.. (And your stuffed if you are writing to a flat file.)
Greg Mulholland
________________________________
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Fri 10/02/2006 12:30 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
Hey, ya bonehead - you were doing great until the "save queries"
statement.
When was the last time you actually looked at the UI?
"Save query" is part of the current feature set...
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
Sent: Thursday, February 09, 2006 17:08
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
Thanks bonehead :p
Actually while im on it. I'd like to be able to configure monitoring to say
show me all records that are either from OR to a particular IP at the same
time. You cant do it. I can say show me all records from a particular IP on
its own. Or all records to a particular IP on its own.
But not together!
Also i'd love to be able to "save" predefined queries!!!
Greg Mulholland
________________________________
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Fri 10/02/2006 11:27 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: feature request
http://www.ISAserver.org
Good request batboy......
________________________________
From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx]
Sent: Thursday, February 09, 2006 8:08 PM
To: ISA Mailing List
Subject: [isalist] feature request
http://www.ISAserver.org
Jim or Tom or anyone
Is there any possibility of putting in a feature request for new versions. Or
at least Jim if you have any feedback.
1. The ability to create rule groups. For instance, if I want to get a window
into the overall structure of the rulebase I would like to be able to have a
group for my dmz rules a group for my internal rules. But more than that, if I
have a rulebase of 300+ rules (which wouldn't be that uncommon in larger
businesses) I would like to be able to group them into some logical structure
for different internal lans, vpn rules, dmz rules, custom defined groups ie
test lab etc etc
2. The ability to select an object, ie my computer or the mailserver and show
all rules pertaining to that object. This would be kind of handy for cleaning
up things. I could select a machine and see what rules are configured for it.
This would give you an extra step of troubleshooting.
Say if you are trying to publish a box and it aint working, you could select
the object and see if the necessary rules has been created.
Rather than scrolling a list of 300+ rules to find "the one".
Thanks
Greg Mulholland
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
