> -----Original Message----- > From: Schouten, Diederik (Diederik) [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, April 16, 2002 10:21 > To: 'Noonan, Wesley'; Schouten, Diederik (Diederik); 'Rink, Jesse'; > '[EMAIL PROTECTED]' > Subject: RE: Replacing my old PIX Classic > > > > Can someone plase tell me why poeple like the Microsoft ISA Server? > > > > Because it works? Because last time I checked it had not a > > single exploit logged? > > > > > Without a proper firewall protecting the ISA Server its just going to > be > > > the single point of failure. > > > > Are you really this uninformed, or are you just playing the > > part on the net? > > Basicly, I do not like all in one software based security tools. > Especialy when they run on top of a M$ OS.
So you have no technical point, just a religious one? Nothing wrong with that, but it should be clarified. > There have been issues with for example fragmented UDP floods. Sure, lot's of vendors have been susceptible to that. IIRC I saw a linux warning float across bugtraq a couple of months ago (maybe Solaris...). > Sorry, I can't find the link, but in the network diagrams of one of their > succes stories it shows a 3d party firewall protecting the ISA server. This is news??? Didn't we *just* have a discussion on this list about how it is prudent to use different vendors firewalls in a tiered method? Isn't that the "best practice" implementation of a firewall solution? Don't people generally recommend to use a stateful packet filtering firewall on the outer perimeter and a proxy based solution on the inner perimeter to get the best combination of speed and security? Microsoft demonstrates this "best practice" in their docs, and suddenly they are getting slammed for it? Do you want them to focus on and be serious about security or don't you? > Sure there are many advantages, being able to use the login information > of users etc... Yes, that can be a big factor. > Call me a winer, I just don' like the Microsoft environment and wished > there was more capable competition. There isn't. _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
