> -----Original Message----- > From: Schouten, Diederik (Diederik) [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, April 16, 2002 10:59 > To: 'Noonan, Wesley'; Schouten, Diederik (Diederik); 'Rink, Jesse'; > '[EMAIL PROTECTED]' > Subject: RE: Replacing my old PIX Classic > > > > Basicly, I do not like all in one software based security tools. > > > Especialy when they run on top of a M$ OS. > > > > So you have no technical point, just a religious one? Nothing > > wrong with that, but it should be clarified. > > Its not a purpose build firewall and thats all, for me that is enough.
What??!?!? Have you ready *anything* about ISA? Saying that it is not a purposely built firewall is like saying Unix is not a purposely built enterprise OS. Both statements are so wrong on so many levels you can't begin to correct them. > > This is news??? Didn't we *just* have a discussion on this list about > how > it > > is prudent to use different vendors firewalls in a tiered method? Isn't > that > > the "best practice" implementation of a firewall solution? > > Don't people generally recommend to use a stateful packet filtering > firewall > > on the outer perimeter and a proxy based solution on the inner perimeter > to > > get the best combination of speed and security? Microsoft demonstrates > this > > "best practice" in their docs, and suddenly they are getting slammed for > it? > > Do you want them to focus on and be serious about security or don't you? > > Is it a firewall or a proxy? It is a proxy firewall. > If you are going for a dual combination anyway, why not get a real > firewall > and a real proxy/cache server? ;) Because ISA is all of that? > I don't want them to focus on security, let them stick to what they do > best. > Let them fix the memory/cpu consuming OS's first. The developers that work on the OS are doing that, I am sure. These aren't the same people building ISA. > Sure, Microsoft based Network management is as easy as it can get, we live > in a point and click society anyway... but I prefer my admins to be > Unix/BSD > focussed and do Microsoft on the side, just to make sure they don't forget > the roots of networking and get lost when the solution to the problem they > are facing is not somehwere in a help file. Funny, I prefer to have admins who know the products they maintain. If they maintain MS stuff, I could care less if they know Unix, and vice-versa. Nice to have? Sure. Necessary? Not even slightly. Heck, I would love to see Unix admins that would read the help files though. They might know that ISA is a purposely built, full featured as real as it gets firewall ;-) > I'm not saying all admins are the same, but we all know how companies > select > their staff at the moment... Sure, but a tight market is changing that. The good are still employed. Those who have failed to adapt are dying. > > > Call me a winer, I just don' like the Microsoft environment and > wished > > > there was more capable competition. > > > > There isn't. > > OS wise? Phah. > They build indeed the most supported platforms for applications, > unfortunatly. Kind of funny hold old Unix with at least twice as much time in use has not been able to grasp that ring... > Let's just hope they stick to software and don't get involved too much in > networking hardware. Too much?? They aren't involved at all. Wes Noonan, MCSE/MCT/CCNA/CCDA/NNCSS Senior QA Rep. BMC Software, Inc. (713) 918-2412 [EMAIL PROTECTED] http://www.bmc.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
