Hi Andy,
IAG is licensed on a per client basis, but there are number of options
available. ISA is installed on it as a host based firewall, but you
would never configure the ISA components. The ISA configuration is done
automatically when you configure the IAG SSL VPN. So, the IAG is used
*only* for SSL VPN, not as an inbound or outbound firewall as ISA would
be used.
Right now, IAG is only available as a hardware offering from from select
OEMs.
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- Microsoft Firewalls (ISA)
________________________________
From: Andy Shook [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 07, 2008 6:17 AM
To: NT System Admin Issues
Subject: RE: RPC over HTTPS
Dr. Tom,
How is IAG licensed, is it part of ISA 2006 natively or what?
Thanks,
Shook
http://www.linkedin.com/in/andyshook
________________________________
From: Thomas W Shinder [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 07, 2008 12:07 AM
To: NT System Admin Issues
Subject: RE: RPC over HTTPS
Of course you can control this.
IAG.
From: Michael B. Smith [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 06, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: RPC over HTTPS
It is a valid concern, and no - I'm not aware of any way to
prevent it on a machine-by-machine basis.
Regards,
Michael B. Smith
MCSE/Exchange MVP
http://TheEssentialExchange.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 06, 2008 7:53 PM
To: NT System Admin Issues
Subject: RPC over HTTPS
We are getting ready to roll out RPC over HTTPS for email. For
quite awhile we have had most of our users internal to the company and
have just used the Outlook client to access Exchange natively. As we
have brought remote offices online the VPN tunnels enabled similar
access. Then we had a few roaming users that we gave VPN access to for
their email. And of course everyone has OWA for access from home, and
ActiveSync for access from their mobile devices.
There is one overwhelming concern we have with enabling RPC over
HTTPS though, and I am wondering if anyone has any commentary on this,
or suggestions. By allowing RPC over HTTPS we are enabling our staff to
download all of their company email on a machine which may or may not be
within our control. Sure, with OWA they can access their email from home
and selectively grab a message here and there, but with RPC over HTTPS
they can grab an entire mailbox and do whatever they want with it. This
is definitely one of those areas that could come back to haunt us later.
For the short term we would only set it up on company laptops of
course, however there is nothing stopping someone from copying those
settings to their own personal machine. Or is there? Is there any
solution that can be implemented so we control which computers can
access our Exchange over RPC?
Thanks,
Jeff
~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~
~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
