http://www.networkcomputing.com/showArticle.jhtml?articleID=15000512
Is the article I mentioned, you'll notice that it talks about ISA 2000, not 2004. This is the article I remember, I sometimes get numbers mixed up though. This probably invalidates what I said earlier, but such is life when version numbers change. I believe these guys could be convinced to test 2004 if the demand was high enough, but I somehow doubt that'll happen. I do think ISA 2004 can stand up just as well as ISA 2000. -----Original Message----- From: Abe Getchell [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 16, 2005 17:57 To: Nick Wells Cc: [email protected] Subject: Re: ISA Server or Firewall Appliance? > I've been using ISA 2004 on a box that's been facing the internet since it's > was released as a public beta. I've run other firewall "appliances" as well > as both m0n0wall and pfSense (pfSense is a variant of m0n0wall optimized for > use on standard PC hardware) and I've really found it to have the best > featureset. I also read an article on Network Computing or Windows Magazine > that put ISA2004 as one of the fastest firewalls, almost achieving "full" > 1000Base-TX speeds. Do you have a link to an online version of this article? I'd like to see their testing criteria. It's not that I don't believe you... well, yeah, it is that I don't believe you. You're just some guy on the Internet, after all. > I think ISA's real redemption comes from the hardware that it runs on, > standard (sometimes cheap) PC components. If you get a power surge on an > Ethernet card (because only in the engineer's dreamworld does the Ethernet > cable get it's on surge arrestor) and blow the card, there's a $20 > replacement at the local computer store. On the other hand, you have the > sleek, integrated units that you have to throw away or RMA if something gets > zapped, and you won't be able to troubleshoot it to the same degree you'd be > able to troubleshoot an ISA server. Personally, I see this as a negative. That cheap $20 Ethernet card you mention being easy to replace is also more likely to go down do to a failure than something built with enterprise class components... not just with whatever parts came off the boat from <insert Southeast Asian country here> last week. The fact that ISA can run on commodity hardware means that it is more prone to a hardware failure, and that isn't acceptable in a high-availability environment... and who's business isn't these days? Abe -- Abe Getchell [EMAIL PROTECTED] http://abegetchell.com/ --------------------------------------------------------------------------- ---------------------------------------------------------------------------
