RE: MS ISA Server

Mon, 17 Sep 2001 06:08:01 -0700 

I haven't read the whole guide, but just in case you haven't found it
already, the NSA guide mentioned below can be found at
http://nsa2.www.conxion.com/ after clicking through a few "OK, I agree" and
"I understand the limitations of liability" links.

Randy Graham
-- 
The Internet?  Bah!  Is that thing still around?  -- Homer Simpson
http://www.securitynewbie.com/ - for people like me


> -----Original Message-----
> From: Ben Nagy [mailto:[EMAIL PROTECTED]]
> Sent: Monday, September 17, 2001 2:35 AM
> To: [EMAIL PROTECTED]
> Subject: RE: MS ISA Server
> 
> 
> People,
> 
> Can I make a small request - if you're going to refer to 
> other stuff (eg
> bugtraq posts or NSA documents) would you please include a 
> solid reference
> or some sort of link?
> 
> I'd be interested in dragging this discussion out a bit more. 
> Does anyone
> have evidence that's not just MS-bashing to suggest that ISA 
> is unsuitable
> as a competitor to the well-known Enterprise Firewalls? 
> 
> Cheers,
> 
> --
> Ben Nagy
> Network Security Specialist
> Marconi Services Australia Pty Ltd
> Mb: +61 414 411 520  PGP Key ID: 0x1A86E304 
> 
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
> > Sent: Saturday, September 15, 2001 12:58 AM
> > To: Ron DuFresne
> > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; 
> > [EMAIL PROTECTED]
> > Subject: Re: MS ISA Server
> > 
> > 
> > Yeah, as Ron stated, check the NSA Document on the ISA Server, 
> > it is more of Proxy with some packetfiltering ability, and 
> > NSA only puts it in an scenario with eg FW-1 as outer 
> > perimeter, the DMZ in the middle and ISA as last line of 
> > defense between DMZ and LAN. DO NOT use it as 3homed FW stand alone!
> > 
> > > Bewary if ISA server in this role.  Consider it more of a 
> 'personal 
> > > firewall' only able to 'monitor' what comes from the 
> outside.  You 
> > > have no control over what is sent out.  M$ altered their 
> > web pages to 
> > > accomodate this.  You might find an "ISA" query on the bugtraq 
> > > archives to be knowledge worthy.
> > > 
> > > Thanks,
> > > 
> > > Ron DuFresne
> > > 
> > > On Thu, 13 Sep 2001, Chris Patterson wrote:
> > > 
> > > > Is anyone here familiar with the new MS ISA Server?[...]
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
> 
> 
> 
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls

Reply via email to