Think of it like your server naming conventions. Each customer has different needs and desires, so this is where you have to concentrate. Given the choice, I tend toward the "protocol [from X] to Y" format, such as: "RDP to Jason", or "Kitty Porn Server to Internet" (KPS being a custom protocol, if course). This way, the main details are in a short name. If I need any further info, such as "1d10t ISV thinks 'allow all' is a good idea", it goes in the "Description" field. From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones Sent: Tuesday, May 15, 2007 6:16 AM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: ISA Rule Names Happy for answers to both questions if you think there are two J Just trying to get some feedback on naming standards for both clarity and purpose... From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: 15 May 2007 14:03 To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: ISA Rule Names Maybe I'm listening with the wrong eye, but this sounds like two different questions? "What naming convention works for you?" is a bit different than "I want to find out what rules apply to <blah>"... As far as rule names, keep it short, but clear. This way, it makes sense on first glance. Details should be in the "Description" field. We're working on a "rule-alyzer" that should make Greg (and many others) happy, but no firm release date yet. From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Greg Mulholland Sent: Tuesday, May 15, 2007 3:55 AM To: isapros@xxxxxxxxxxxxx Subject: [isapros] Re: ISA Rule Names Jason I have been waiting for an easier way to handle large rulesets in ISA for a few releases now. Im praying 2008 holds the key. I would like the filtering or sorting of rules to be a little better so I can find what I am looking for without having to go through 4000 rules to find what im looking for. I generally try to give as concise a name but whilst still providing me the info of what the rule does without having to open it up. I'd also like to know how other places do it. Ive seen it work in "dare I say it" checkpoint and there rule filtering is great! Tom, Jim, im sure you cant say but will there be any improvements/changes on this front in 2008. A nod or a wink will suffice! Greg From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones Sent: Tuesday, 15 May 2007 8:07 PM To: isapros@xxxxxxxxxxxxx Subject: [isapros] ISA Rule Names Hi All, Quick off the wall question... I was wondering if any of you use some form of system for naming ISA rules. As you can imagine, in a complex environment it is often quite easy to get to a large number of rules and hence the actual rules name become more important to understating which rule does what . Up until now, I have always used quite wordy names like 'Allow Access from Exchange Frontend Servers to Exchange backend Servers' or similar. I have also used prefixes like 'Inbound:' or 'Outbound:' or 'Management:' to try and give a basic indicator to the rule purpose. Am I better having simple rule names (maybe based upon application or function?) and do all the wordy stuff in the rule description field??? Any comments or suggestions would be really welcome, especially from people who have used ISA with large rule sets, maybe for big company edge ISA firewall. How do MS do it for their edge ISAs?? I know it is not that important at the end of the day, but just curious for feedback... Thanks JJ All mail to and from this domain is GFI-scanned. All mail to and from this domain is GFI-scanned.