RE: ISA Server or Firewall Appliance?
From: Nick Wells (nick_at_clandestineresearch.com)
Date: 11/17/05
- Previous message: Daniel Kuhlmann: "Re: Renaming Administrator account"
- In reply to: Abe Getchell: "Re: ISA Server or Firewall Appliance?"
- Next in thread: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: ISA Server or Firewall Appliance?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 16 Nov 2005 23:33:00 -0500
http://www.networkcomputing.com/showArticle.jhtml?articleID=15000512
Is the article I mentioned, you'll notice that it talks about ISA 2000, not
2004. This is the article I remember, I sometimes get numbers mixed up
though.
This probably invalidates what I said earlier, but such is life when version
numbers change. I believe these guys could be convinced to test 2004 if the
demand was high enough, but I somehow doubt that'll happen.
I do think ISA 2004 can stand up just as well as ISA 2000.
-----Original Message-----
From: Abe Getchell [mailto:mailing.list.spooler@gmail.com]
Sent: Wednesday, November 16, 2005 17:57
To: Nick Wells
Cc: focus-ms@securityfocus.com
Subject: Re: ISA Server or Firewall Appliance?
> I've been using ISA 2004 on a box that's been facing the internet since
it's
> was released as a public beta. I've run other firewall "appliances" as
well
> as both m0n0wall and pfSense (pfSense is a variant of m0n0wall optimized
for
> use on standard PC hardware) and I've really found it to have the best
> featureset. I also read an article on Network Computing or Windows
Magazine
> that put ISA2004 as one of the fastest firewalls, almost achieving "full"
> 1000Base-TX speeds.
Do you have a link to an online version of this article? I'd like to see
their testing criteria. It's not that I don't believe you... well, yeah,
it is that I don't believe you. You're just some guy on the Internet,
after all.
> I think ISA's real redemption comes from the hardware that it runs on,
> standard (sometimes cheap) PC components. If you get a power surge on an
> Ethernet card (because only in the engineer's dreamworld does the Ethernet
> cable get it's on surge arrestor) and blow the card, there's a $20
> replacement at the local computer store. On the other hand, you have the
> sleek, integrated units that you have to throw away or RMA if something
gets
> zapped, and you won't be able to troubleshoot it to the same degree you'd
be
> able to troubleshoot an ISA server.
Personally, I see this as a negative. That cheap $20 Ethernet card you
mention being easy to replace is also more likely to go down do to a
failure than something built with enterprise class components... not
just with whatever parts came off the boat from <insert Southeast Asian
country here> last week. The fact that ISA can run on commodity hardware
means that it is more prone to a hardware failure, and that isn't
acceptable in a high-availability environment... and who's business
isn't these days?
Abe
-- Abe Getchell abegetchell@gmail.com http://abegetchell.com/ --------------------------------------------------------------------------- ---------------------------------------------------------------------------
- Previous message: Daniel Kuhlmann: "Re: Renaming Administrator account"
- In reply to: Abe Getchell: "Re: ISA Server or Firewall Appliance?"
- Next in thread: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: ISA Server or Firewall Appliance?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
