I have ISA, Cisco ASA 5510, and Sonicwall. I have also used Ipchains on Linux. They all do a spiffy job of keeping Thomas out of my network. I do not really have a preference of one over another. They each have their +/-'s. ISA is great in a windows centric environment. But we run Windows, Mac, Solaris, and Linux and I host several non-IIS web sites. ISA is awesome for its ability to front-end your Exchange 2003 servers with RPC over HTTPS connections. ISA is also great for handling your VPN connections. My ISA pet peeves: I still think that having to use 3rd party add-on's on ISA for content filtering is lame. Also it is a pain in the ___ to track traffic back to internal users unless you are using running in authentication mode which for me seems like it would be a major consideration when purchasing a "windows" firewall. I do not see any valid reason why when running ISA without authentication for my Mac, and Linux boxes I still can't collect user data for all the windows users. I've been on the receiving end of ISA hater comments. I've had PIX snobs actually yell at me for being stupid enough for using a microsoft product as my front end firewall for our windows environment. As far as security goes, my ISA box has never let me down. There are the usuall stupid reboots required for the security patches-de-jour for the OS. My ISA is NOT behind any other firewall. It stands alone. When configured and monitored properly nearly any firewall will be fine. When mis-configured and not monitored any firewall will be a liability. Good luck in your hunt. -----Original Message----- From: Vitali [mailto:Vitali@xxxxxxxxxxxxxxxxxx] Sent: Thursday, November 17, 2005 3:54 AM To: [ISAserver.org Discussion List] Subject: [isalist] is ISA a solution? http://www.ISAserver.org I am considering whether to use ISA, Cisco PIX or some UNIX systemas a firewall. what would members of the list recommend? Regards, Vitaly