[isapros] Re: SCCM and ISA - Worth a shot!

  • From: Jason Jones <Jason.Jones@xxxxxxxxxxxxxxxxx>
  • To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx>
  • Date: Fri, 19 Oct 2007 08:50:26 +0100

Hi t,

I was hoping to do the former and then use KCD, but from what I gather SCCM is 
using computer based certs - I believe this makes things harder?. Not really 
comes across this scenario before...I currently have it working in the lab 
using server publishing, but I cannot bear the thought of doing this for 
customers...


From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On 
Behalf Of Thor (Hammer of God)
Sent: 18 October 2007 22:15
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: SCCM and ISA - Worth a shot!

While I've not used SCCM, I've done a good bit of work with different 
certificate-based authentication models.  Are you considering using a 
web-listener configured for SSL Client Certificate Authentication, or just 
web-publishing to a back-end web server where it will do its own 
certificate-to-user mapping?

t

From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jason Jones
Sent: Thursday, October 18, 2007 1:11 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: SCCM and ISA - Worth a shot!

Did this Q get hidden within Amy's posts or is it a big fat "don't know"? J

From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jason Jones
Sent: 17 October 2007 00:49
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] SCCM and ISA - Worth a shot!

Hi,

Has anyone used ISA with System Centre Configuration Manager (SCCM) yet? 
Specifically when using Native mode (e.g. full-on PKI mode).

The initial documentation is a little patchy and seems to contradict itself 
between using Web Publishing and Server Publishing when using Internet based 
clients that cannot back into the CM server. The SCCM documentation talks about 
lots of perimeter and internet-facing scenarios, but I want to try and use an 
ISA based model in a similar way to protecting Exchange or SharePoint. A quote 
from Jim comes to mind "..we don't need no stinking DMZs"

Ideally I want to use Web Publishing, but all communications in SCCM utilise 
client certificate based authentication.

Am I right in thinking I can use ISA Web publishing combined with KCD to secure 
access from CM clients to the CM server?

Answers that tell me that I have to use Server Publishing will make me cry, so 
please be sensitive

Thanks in advance...

Cheers

JJ

Other related posts:

  1. Home
  2. isapros
  3. Archive
  4. 10-2007