RE: [fw-wiz] PIX -> ISA -> OWA Configuration
From: Thomas W Shinder (tshinder_at_tacteam.net)
Date: 05/13/05
- Previous message: Brian Loe: "RE: [fw-wiz] Extreme Problem with PIX Config"
- Maybe in reply to: woodsd001_at_hawaii.rr.com: "[fw-wiz] PIX -> ISA -> OWA Configuration"
- Next in thread: Jeremiah Cornelius: "RE: [fw-wiz] PIX -> ISA -> OWA Configuration"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <firewall-wizards@honor.icsalabs.com> Date: Fri, 13 May 2005 13:16:03 -0500
Since the ISA firewall was designed to protect OWA, what would be the
rationale for not using an ISA firewall?
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
-----Original Message-----
From: firewall-wizards-admin@honor.icsalabs.com
[mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf Of Chris
Blask
Sent: Monday, May 09, 2005 8:44 PM
To: vbwilliams@neb.rr.com; Paul Melson
Cc: woodsd001@hawaii.rr.com; firewall-wizards@honor.icsalabs.com
Subject: Re: [fw-wiz] PIX -> ISA -> OWA Configuration
Hi folks!
At 10:47 AM 5/7/2005, Victor Williams wrote:
>Personally, I didn't see any reason to state the obvious when it was
there
>for everyone to see.
>
>There is no *safe* or *best* way to deploy that architecture as far as
I'm
>concerned. The sooner everyone just accepts that, the better off
everyone
>will be.
Everyone that counts (the folks who pay for all this stuff) don't give a
mongoose's hooter what architecture is used, they just want their apps
to
work where they need them. On this one I agree with them
whole-heartedly:
I'd like to be able to read my email displayed on the fannies of
migratory
waterfowl. I'll settle for bioptic HUD glasses that can overlay the
text
as opposed to actually laser-printing on loons, but it better be no less
secure than a workstation in a cube however it gets done.
>I've found personally that a correctly implemented VPN solution is 1000
>times better than trying to get OWA deployed and *safe*.
The only problem with VPNs are kiosks and other Not-My-Computer
situations. Webmail will be implemented (even, I shudder to say, OWA)
because we haven't yet made VPNs fully portable.
If you have to use OWA, I'd use one of the mail firewalls out there
(BorderWare or IronMail, for example) in front of it. Something like
that
gives you a break in the chain between your MaxiSoft servers and the
World,
and a dev team to maintain it and pester when you feel antsy.
-cheers!
-chris
Chris Blask
chris@blask.org
blaskworks.blogspot.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Brian Loe: "RE: [fw-wiz] Extreme Problem with PIX Config"
- Maybe in reply to: woodsd001_at_hawaii.rr.com: "[fw-wiz] PIX -> ISA -> OWA Configuration"
- Next in thread: Jeremiah Cornelius: "RE: [fw-wiz] PIX -> ISA -> OWA Configuration"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
