> -----Original Message----- > From: Mikael Olsson [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, April 16, 2002 14:35 > To: Noonan, Wesley > Cc: '[EMAIL PROTECTED]' > Subject: Re: Microsoft ISA server (Was: Re: Replacing my old PIX Classic) > > > "Noonan, Wesley" wrote: > > [lot's of "you're wrong, Ron"]
No, just on two points. > Right, let's turn this discussion around and get some perspective. > > Can you tell us why ISA server is a good firewall? I will certainly try. I'm no ISA expert however. It's a pretty decent caching server, reducing bandwidth needs. It scales something fierce, both up and out. I've read reports of it scaling out to 32 nodes and over 1Gbps in bandwidth. It integrates tightly with existing windows networks It is generally easier to manage for shops that already have an investment in MS technologies and skillsets. Built in VPN capabilities. Stateful packet inspection and application level proxying Native support for multiple interfaces Tiered management that can be delegated at different levels to different users/groups Going on third party info here (may be wrong), but as of today it has experienced fewer vulnerabilities from the date it was shipped till now than either the PIX or FW1, and no vulnerabilities have caused a security compromise (when it fails, it fails closed). It is highly extensible with a slew of third party add-ons for everything from access control to IDS to monitoring to hardening to logging and reporting. A good resource for ISA is www.isaserver.org if you want more info or depth. Wes Noonan, MCSE/MCT/CCNA/CCDA/NNCSS Senior QA Rep. BMC Software, Inc. (713) 918-2412 [EMAIL PROTECTED] http://www.bmc.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
