People,
Can I make a small request - if you're going to refer to other stuff (eg
bugtraq posts or NSA documents) would you please include a solid reference
or some sort of link?
I'd be interested in dragging this discussion out a bit more. Does anyone
have evidence that's not just MS-bashing to suggest that ISA is unsuitable
as a competitor to the well-known Enterprise Firewalls?
Cheers,
--
Ben Nagy
Network Security Specialist
Marconi Services Australia Pty Ltd
Mb: +61 414 411 520 PGP Key ID: 0x1A86E304
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, September 15, 2001 12:58 AM
> To: Ron DuFresne
> Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED];
> [EMAIL PROTECTED]
> Subject: Re: MS ISA Server
>
>
> Yeah, as Ron stated, check the NSA Document on the ISA Server,
> it is more of Proxy with some packetfiltering ability, and
> NSA only puts it in an scenario with eg FW-1 as outer
> perimeter, the DMZ in the middle and ISA as last line of
> defense between DMZ and LAN. DO NOT use it as 3homed FW stand alone!
>
> > Bewary if ISA server in this role. Consider it more of a 'personal
> > firewall' only able to 'monitor' what comes from the outside. You
> > have no control over what is sent out. M$ altered their
> web pages to
> > accomodate this. You might find an "ISA" query on the bugtraq
> > archives to be knowledge worthy.
> >
> > Thanks,
> >
> > Ron DuFresne
> >
> > On Thu, 13 Sep 2001, Chris Patterson wrote:
> >
> > > Is anyone here familiar with the new MS ISA Server?[...]
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls