Yeah, as Ron stated, check the NSA Document on the ISA Server,
it is more of Proxy with some packetfiltering ability, and NSA only puts
it in an scenario with eg FW-1 as outer perimeter, the DMZ in the middle
and ISA as last line of defense between DMZ and LAN.
DO NOT use it as 3homed FW stand alone!
> Bewary if ISA server in this role. Consider it more of a 'personal
> firewall' only able to 'monitor' what comes from the outside. You have no
> control over what is sent out. M$ altered their web pages to accomodate
> this. You might find an "ISA" query on the bugtraq archives to be
> knowledge worthy.
>
> Thanks,
>
> Ron DuFresne
>
> On Thu, 13 Sep 2001, Chris Patterson wrote:
>
> > Is anyone here familiar with the new MS ISA Server? I need to know if a
> > single ISA server will act as a firewall for a public and private IP
> > scheme (30 public and 126 private) with three NICs in a machine.
> > Separate the NICs by physical networks: 1 - external, 1 - Internal
> > Public, 1 - Internal Private.
> >
> >
> > Or am I just wasting my time trying to get a MS product to work like its
> > advertised? As a firewall....
> >
> >
> > Chris Patterson
> > Network Administrator
> > Axiom Systems
> > Http://Www.AxiomSys.Com
> > The Truth Is Out There. Go Find It. Http://Www.2600.Com
> >
> >
> >
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> "Cutting the space budget really restores my faith in humanity. It
> eliminates dreams, goals, and ideals and lets us get straight to the
> business of hate, debauchery, and self-annihilation." -- Johnny Hart
> ***testing, only testing, and damn good at it too!***
>
> OK, so you're a Ph.D. Just don't touch anything.
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
--
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
