[isapros] Re: Poll - Securing DC's with ISA
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Thu, 29 Jun 2006 14:30:27 -0500
Well, there's always the problem with certificate autoenrollment :)
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones
Sent: Thursday, June 29, 2006 10:03 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Poll - Securing DC's with ISA
Hi Tom,
Thanks for the feedback - I know we have discussed this a bit
before ;-)
Yeah I know about the different arrays bit, but wondered if
anyone had any good stories to tell on do's and don'ts.
No issues just wondered how things well things worked AD
replications wise with two dc's at two different sites with two
different ISA arrays - just looking for any experience really...
JJ
Jason Jones | Silversands Limited | T: 01202 360489 | M: 07971
500312 | F: 01202 360900 | E: jason.jones@xxxxxxxxxxxxxxxxx
<mailto:jason.jones@xxxxxxxxxxxxxxxxx>
________________________________
From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder
Sent: 29 June 2006 15:21
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Poll - Securing DC's with ISA
Hi Jason,
I haven't used the custom UUIDs for DC protection, I've always
used the RPC (all interfaces).
You almost always have to have different arrays for different
sites, since the internal and external interfaces are on different
network IDs.
What issues with AD replication have you run into?
Thanks!
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
________________________________
From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones
Sent: Thursday, June 29, 2006 7:55 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Poll - Securing DC's with ISA
Hi,
Quick poll as I am interested in how many of you have
used/are using ISA to protect domain controllers in production
environments? Have you found it painful or painless in production?
If this is something you have done, are you simply using
the RPC filter in its native form or have you filtered to the UUID
level?
How have you coped with DC's that are located across
different sites - using different arrays I assume?
Does AD replication make this difficult?
Based upon forums and discussions with my MS contacts,
it seems difficult to get much feedback on this...
Thanks for any feedback :-)
Cheers
JJ
Jason Jones | Silversands Limited | T: 01202 360489 | M:
07971 500312 | F: 01202 360900 | E: jason.jones@xxxxxxxxxxxxxxxxx
<mailto:jason.jones@xxxxxxxxxxxxxxxxx>
Other related posts:
