RE: Something about ISA Server 2000...

From: Jim Harrison (SPG) (jmharr@microsoft.com)
Date: 10/25/01 

Subject: RE: Something about ISA Server 2000...
Date: Thu, 25 Oct 2001 12:46:00 -0700
Message-ID: <9D884881F5E1F24FB845967851720FC302210BE7@red-msg-12.redmond.corp.microsoft.com>
From: "Jim Harrison (SPG)" <jmharr@microsoft.com>
To: "Los, Ralph" <rlos@EnvestNet.com>, "Progenit Service S.r.l." <agente_progenit@public.iunet.it>, <focus-ms@securityfocus.com>

Hi All,

        I'd be very interested in your ISA horror stories. I've also
been working with it for about a year now and I'm very happy with it.
Most of the "unhappiness" I've encountered so far has been related to
setup and functionality misunderstandings or general expectations.

* Jim Harrison
MCP(NT4, 2K), A+, Network+

-----Original Message-----
From: Los, Ralph [mailto:rlos@EnvestNet.com]
Sent: Thursday, October 25, 2001 08:56
To: 'Progenit Service S.r.l.'; focus-ms@securityfocus.com
Subject: RE: Something about ISA Server 2000...

Giancarlo,

        Unfortunately, yes I have both experience and opinion. I
started to play around with ISA 2000 a while ago, and now I run 3
CheckPoint FW-1's. Nothing beats a CheckPoint, in my book, BUT,
Netscreen is a great little box, and Watchguard is worth the price as
well for smaller offices.

        I'd stay away from ISA as a firewall, trust me, it's not
something you want to have to deal with...<shudder>....and I'm a
Microsoft fan.

Regards

Ralph M. Los
Asst. Vice-President, Internet Systems and Security EnvestnetPMC
rlos@envestnet.com
(312) 827-3945 (direct)
(312) 296-9003 (wireless w/voicemail)
* If you haven't been hacked, you don't know where your vulnerabilities
lie*

-----Original Message-----
From: Progenit Service S.r.l. [mailto:agente_progenit@public.iunet.it]
Sent: Thursday, October 25, 2001 5:10 AM
To: focus-ms@securityfocus.com
Subject: Something about ISA Server 2000...

Hi all,

has someone an opinion (good or bad....)concerning ISA Server 2000
installed as firewall? How many differences are among this software
solution from Microsoft and Check Point Firewall-1, Netscreen 10/100,
Watchguard or Cisco PIX?

Any help would be appreciated.

Thanks

---------------------------------------------------------------
Giancarlo Ballestracci
Technical Support
Progenit Service S.r.l. Agenzia TENOVIS-NEWTEL Telecommunications -
Information Security - New Technologies Tel 055-456336 Fax 055-452330
---------------------------------------------------------------

Relevant Pages

  • Re: CEICW fails - several errors
    ... The firewall isn't used when ISA is installed. ... On the WAN NIC of your server the DNS has to point to the LAN IP. ... I immediately checked and ISA Server ...
    (microsoft.public.windows.server.sbs)
  • RE: ISA2004 client firewall slow webpage loading
    ... have you configured this new client as web proxy client? ... configure ISA server as your Proxy ... stop the Microsoft Firewall service. ...
    (microsoft.public.windows.server.sbs)
  • Re: CEICW fails - several errors
    ... On the WAN NIC of your server the DNS has to point to the LAN IP. ... Ethernet adapter Internet Connection: ... I immediately checked and ISA Server ... Management said that Web Proxy, Firewall and ...
    (microsoft.public.windows.server.sbs)
  • ISA Spoofing Issue Using Second Firewall with One to One NAT
    ... Two tier firewall implementation segmenting the Internet, ... ISA Server configured with packet filters ... facing firewall's one to one NAT are seen as a spoof by ISA. ...
    (NT-Bugtraq)
  • RE: [fw-wiz] Strange setup
    ... I have done similar designs with a Cisco PIX and ISA server. ... configure the firewall to only a allow traffic on ports 80 and 443 from ... the ISA server is on the internal network and a static NAT ... > Internet hosts). ...
    (Firewall-Wizards)