Re: Security comparison
From: Lily (lsho@iname.com)
Date: 01/03/03
- Next message: jbkeithley: "Re: 128 bit encryption"
- Previous message: Lanwench [MVP - Exchange]: "Re: pop up ads"
- In reply to: Karl Levinson [x y] mvp: "Re: Security comparison"
- Next in thread: Karl Levinson [x y] mvp: "Re: Security comparison"
- Reply: Karl Levinson [x y] mvp: "Re: Security comparison"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Lily" <lsho@iname.com> Date: Thu, 2 Jan 2003 17:21:58 -0800
Thanks both of you reply.
Another question, if I do put ISA Server behind my router
A. But my router Aalready established a VPN connection
with my other router B. How do I allow ISA server with two
NICs to route network traffic from internal network B to
internal network A? It seems everything is block from ISA,
I don't really know how to set it up.
Thanks,
Lily
>-----Original Message-----
>
>"Lily" <lsho@iname.com> wrote in message
>news:O4oyLhlsCHA.2628@TK2MSFTNGP09...
>> I was wondering, how does a DSL VPN router (such as D-
Link DI-804V or
>> similar brand) security compare to a software firewall
such as Microsoft
>> ISA/Proxy Server? Is it similar? or which one would you
recommend? I had a
>> Internet connection as well as VPN tunnel from both VPN
router, I was
>> wondering whether I need to put another ISA Server
behind the router.
>
>It really depends on what your environment is and what
your needs are.
>Microsoft ISA server includes proxy and caching features
as well, which can
>speed internet performance in some cases. It probably
also integrates
>better with Windows domains for authentication than other
products, which
>may or may not be a good thing. ISA server costs around
$1500 for the
>software alone, plus the server to put it on, so you
should be really sure
>that you need a proxy server first, otherwise you're
probably paying too
>much. I personally think the ISA server is not the
simplest GUI out there
>and would probably have more of a learning curve for
you. You should go to
>www.google.com and read up on what a proxy server /
application level
>firewall is and how it is different from a stateful
firewall and a NAT
>router, to see which one you need.
>
>> It seems these day most of the VPN router already have
some sort of
>firewall
>> feature. Such as NAT, IPSec VPN etc, if so, wouldn't
this router aleady
>> block all ports? Where would be the security hole is?
>
>I'm not familiar with that router, but NAT routers that
just rely on NAT as
>a "firewall" only block inbound connections, not outbound
connections.
>Whether or not your firewall is stateful can also make a
big difference.
>
>Other firewall solutions you might want to consider are
below. Also, a
>firewall alone is not enough to keep you secure, so other
things you should
>consider for security are also below.
>
>http://securityadmin.info/faq.htm#firewall
>http://securityadmin.info/faq.htm#harden
>
>
>.
>
- Next message: jbkeithley: "Re: 128 bit encryption"
- Previous message: Lanwench [MVP - Exchange]: "Re: pop up ads"
- In reply to: Karl Levinson [x y] mvp: "Re: Security comparison"
- Next in thread: Karl Levinson [x y] mvp: "Re: Security comparison"
- Reply: Karl Levinson [x y] mvp: "Re: Security comparison"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
