Hardware vs Software Firewall - Pros and Cons?

[Greg]

Archived from groups: comp.security.firewalls (More info?)

I am running Norton Internet Security Personal Firewall - but was
wondering - would security, speed, and memory requirements be any better
using a router with a hardware firewall?

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Greg" <rezlab_nospam@sbcglobal.net> wrote in message
news:6eyIc.9810$nh1.9702@newssvr25.news.prodigy.com...
> I am running Norton Internet Security Personal Firewall - but was
> wondering - would security, speed, and memory requirements be any better
> using a router with a hardware firewall?

Yes! Freeing up your computer to do your computing and leaving firewalls to
other hardware devices will definately improve your system's performance.
BTW, I use only a NAT router and a good AV program and my network is up 24/7
without issue. Safe computing is the best defense.

 

[Paris]

Archived from groups: comp.security.firewalls (More info?)

If you're talking about using a NAT router like the popular Lynksis,
D-link..... as a "hardware firewall" you would get more speed, BUT those
security systems are only good for keeping bad traffic out they don't stop
programs like torjan horse, keyloggers etc from communicating out to the
Internet. A solution involving both your Norton software and a NAT router
would be best.


"Greg" <rezlab_nospam@sbcglobal.net> wrote in message
news:6eyIc.9810$nh1.9702@newssvr25.news.prodigy.com...
> I am running Norton Internet Security Personal Firewall - but was
> wondering - would security, speed, and memory requirements be any better
> using a router with a hardware firewall?
>
>
>

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Paris wrote:

> If you're talking about using a NAT router like the popular Lynksis,
> D-link..... as a "hardware firewall" you would get more speed, BUT those
> security systems are only good for keeping bad traffic out they don't stop
> programs like torjan horse, keyloggers etc from communicating out to the
> Internet.

Neither do Personal Firewalls stop malware.

> A solution involving both your Norton software and a NAT router
> would be best.

A solution involving a skilled user *is* best.

Wolfgang
--
A foreign body and a foreign mind
never welcome in the land of the blind.
from 'Not one of us', (c) 1980 Peter Gabriel

 

[Paris]

Archived from groups: comp.security.firewalls (More info?)

Maybe in this specific case a life and a girlfriend would be "best"
;-0
"Wolfgang Kueter" <wolfgang@shconnect.de> wrote in message
news:ccuvtf$ff0$3@news.shlink.de...
> Paris wrote:
>
> > If you're talking about using a NAT router like the popular Lynksis,
> > D-link..... as a "hardware firewall" you would get more speed, BUT
those
> > security systems are only good for keeping bad traffic out they don't
stop
> > programs like torjan horse, keyloggers etc from communicating out to the
> > Internet.
>
> Neither do Personal Firewalls stop malware.
>
> > A solution involving both your Norton software and a NAT router
> > would be best.
>
> A solution involving a skilled user *is* best.
>
> Wolfgang
> --
> A foreign body and a foreign mind
> never welcome in the land of the blind.
> from 'Not one of us', (c) 1980 Peter Gabriel

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

yes, it would. Hardwaer based firewalls are designed to handle these
specific areas of operation and do this faster than software based fws.
However, they are also more expensive

"Greg" <rezlab_nospam@sbcglobal.net> wrote in message
news:6eyIc.9810$nh1.9702@newssvr25.news.prodigy.com...
> I am running Norton Internet Security Personal Firewall - but was
> wondering - would security, speed, and memory requirements be any better
> using a router with a hardware firewall?
>
>
>

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

A hardware firewall, like a router, protects against incoming.
It doesn't prevent outgoing; whereas a good software firewall will do
both.

On Mon, 19 Jul 2004 16:21:11 +0200, "Observer" <abc@def.com> wrote:

>yes, it would. Hardwaer based firewalls are designed to handle these
>specific areas of operation and do this faster than software based fws.
>However, they are also more expensive
>
>"Greg" <rezlab_nospam@sbcglobal.net> wrote in message
>news:6eyIc.9810$nh1.9702@newssvr25.news.prodigy.com...
>> I am running Norton Internet Security Personal Firewall - but was
>> wondering - would security, speed, and memory requirements be any better
>> using a router with a hardware firewall?
>>
>>
>>
>

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <p0vnf0pfojnpn6h5h8pc2qtglle6ba3a5c@4ax.com>, Nobody You Need
To Know <> says...
> A hardware firewall, like a router, protects against incoming.
> It doesn't prevent outgoing; whereas a good software firewall will do
> both.

A router is NOT a firewall, you can't suggest that a ROUTER is a
firewall. A hardware firewall WILL block outbound and inbound
connections based on defined rule sets. If you had said "A ROUTER, not
like a firewall, does not limit outbound" then you would have been on
the right track.

In most cases, many of the new routers provide the ability to block
outbound by port (or port range), but many do not, and that does NOT
make them a firewall by definition. None of the routers I've seen and
determine type of traffic, only block ports.

NOTE: ANY hardware firewall blocks in BOTH directions. Routers are just
simple network translation devices that are over-hyped by marketing
types as Firewalls.

A good software firewall, running on a personal computer, is very easily
compromised by the owner of the computer as the are very often required
to answer questions about permitting services/applications from
accessing in/out bound ports. Most users, the non-technical ones, that
don't have more than one computer, end up allowing their entire private
lan to be trusted, which is the same as not having a personal firewall.

> On Mon, 19 Jul 2004 16:21:11 +0200, "Observer" <abc@def.com> wrote:
>
> >yes, it would. Hardwaer based firewalls are designed to handle these
> >specific areas of operation and do this faster than software based fws.
> >However, they are also more expensive
> >
> >"Greg" <rezlab_nospam@sbcglobal.net> wrote in message
> >news:6eyIc.9810$nh1.9702@newssvr25.news.prodigy.com...
> >> I am running Norton Internet Security Personal Firewall - but was
> >> wondering - would security, speed, and memory requirements be any better
> >> using a router with a hardware firewall?
> >>
> >>
> >>
> >
>
>

--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Nobody You Need To Know wrote:
>
> A hardware firewall, like a router, protects against incoming.
> It doesn't prevent outgoing; whereas a good software firewall will do
> both.

Which hardware "firewall" can't do egress filtering?

Thor

--
http://www.anta.net/

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Nobody You Need To Know <> wrote in
news0vnf0pfojnpn6h5h8pc2qtglle6ba3a5c@4ax.com:

> A hardware firewall, like a router, protects against incoming.
> It doesn't prevent outgoing; whereas a good software firewall will do
> both.
>

In the link, it explains a network FW which FW appliances and some
routers do meet the requirements.

There are a few other things in the link you may want to learn about FW
(s) hardware and software.

http://www.firewall-software.com/firewall_faqs/what_does_firewall_do.html

Duane

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

I'm sorry but I consider this threat a nonsense. What is a hardware
firewall? In computing since 70s the hardware runs software and it is the
software the one to perform a task... like being a firewall.

So? Again... what a hardware firewall is? Is CISCO PIX a hardware firewall?
CISCO PIX 515e is an Intel 486 hardware. Any diference with a Intel 486
rackable PC? They (CISCO) run something like IOS firewall. The PC can run
many FW software.

What about the appliances tha run a tyne Linux distro tu run firewall? Are
they hard or soft? A full nonsense.

So the question could be... what fw is best? That's all.

Best Regards,
Fidelio


> "Greg" <rezlab_nospam@sbcglobal.net> wrote in message
> news:6eyIc.9810$nh1.9702@newssvr25.news.prodigy.com...
> > I am running Norton Internet Security Personal Firewall - but was
> > wondering - would security, speed, and memory requirements be any better
> > using a router with a hardware firewall?

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On Tue, 20 Jul 2004 09:26:57 +0200, Fidelio spoketh

>I'm sorry but I consider this threat a nonsense. What is a hardware
>firewall? In computing since 70s the hardware runs software and it is the
>software the one to perform a task... like being a firewall.
>
>So? Again... what a hardware firewall is? Is CISCO PIX a hardware firewall?
>CISCO PIX 515e is an Intel 486 hardware. Any diference with a Intel 486
>rackable PC? They (CISCO) run something like IOS firewall. The PC can run
>many FW software.
>
>What about the appliances tha run a tyne Linux distro tu run firewall? Are
>they hard or soft? A full nonsense.
>
>So the question could be... what fw is best? That's all.
>
>Best Regards,
>Fidelio
>

"Hardware firewall" has become (like it or not) synonymous with firewall
appliance. Now the problem is how to define a firewall appliance ...

The way I try to put it is: A firewall appliance is a dedicated unit
that does not run a user-oriented operating system, has no regular
computer connections (ie keyboard, mouse, monitor) other than ethernet
and a console/serial port, and it's only task is to work as a firewall.

That makes Pix a firewall appliance, as well as all the watchguards,
sonicwalls, the Nokia Checkpoint boxes and the Symantec gateway security
boxes. Checkpoint installed on a 1U Windows (or Unix) server does not
meet these criteria.

Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Fidelio wrote:

> What is a hardware
> firewall? In computing since 70s the hardware runs software and it is the
> software the one to perform a task... like being a firewall.

You're right - the terms "hardware firewall" and "software firewall" are
technically incorrect. However, it is obvious that there is a need to
distinguish between workstation software such as ICF, Sygate or Tiny, and,
OTOH, external, dedicated firewalls.

> What about the appliances tha run a tyne Linux distro tu run firewall? Are
> they hard or soft?

From a penetrability viewpoint, probably the greatest difference is that
Linux firewalls often are used to protect other hosts, whereas Windows
"software firewalls" are typically used to protect only the workstation they
are running on.

Two important questions to ask are:

- can the firewall be axiomatically compromised by obtaining superuser
access on a/the host it protects?

- is the firewall always able to map connection attempts to specific
processes?

Maybe you would like to write a draft specification of which terminology
should be universally adopted.

Thor

--
http://www.anta.net/

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <g7vpf0tr6sfr45kdrqlbllbmh4fbfqm1ig@4ax.com>,
badnews@hansenonline.net says...
> "Hardware firewall" has become (like it or not) synonymous with firewall
> appliance. Now the problem is how to define a firewall appliance ...
>
> The way I try to put it is: A firewall appliance is a dedicated unit
> that does not run a user-oriented operating system, has no regular
> computer connections (ie keyboard, mouse, monitor) other than ethernet
> and a console/serial port, and it's only task is to work as a firewall.
>
> That makes Pix a firewall appliance, as well as all the watchguards,
> sonicwalls, the Nokia Checkpoint boxes and the Symantec gateway security
> boxes. Checkpoint installed on a 1U Windows (or Unix) server does not
> meet these criteria.

Very good example Lars - I'll have to remember this in the fight to
explain the different to people that are either trolls or just want to
argue.

One other thing I use to separate "appliances" from non-appliances - can
you install any other (non-firewall) application on the device, if you
can, then it's not a firewall appliance. I can't think of one appliance
that I could install MS Office or SendMail on.

--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Leythos" <void@nowhere.com> wrote in message
news:MPG.1b66d3cb97a0967f98a7bb@news-server.columbus.rr.com...
> In article <g7vpf0tr6sfr45kdrqlbllbmh4fbfqm1ig@4ax.com>,
> badnews@hansenonline.net says...
> > "Hardware firewall" has become (like it or not) synonymous with firewall
> > appliance. Now the problem is how to define a firewall appliance ...
> >
> > The way I try to put it is: A firewall appliance is a dedicated unit
> > that does not run a user-oriented operating system, has no regular
> > computer connections (ie keyboard, mouse, monitor) other than ethernet
> > and a console/serial port, and it's only task is to work as a firewall.
> >
> > That makes Pix a firewall appliance, as well as all the watchguards,
> > sonicwalls, the Nokia Checkpoint boxes and the Symantec gateway security
> > boxes. Checkpoint installed on a 1U Windows (or Unix) server does not
> > meet these criteria.
>
> Very good example Lars - I'll have to remember this in the fight to
> explain the different to people that are either trolls or just want to
> argue.
>
> One other thing I use to separate "appliances" from non-appliances - can
> you install any other (non-firewall) application on the device, if you
> can, then it's not a firewall appliance. I can't think of one appliance
> that I could install MS Office or SendMail on.
>
> --
> --
> spamfree999@rrohio.com
> (Remove 999 to reply to me)

I'm not familiar with "hardware firewalls", never having used one. The term
appliance seems a little awkward, but any way that you describe it, it would
necessarily have to be software driven. The only question I would have
would be the updating of the software in the "appliance" (hardware
firewall). How often is this updated and how? Thinking further, I used a
2Wire DSL interface for a while a couple of years ago. Would this be
classified as a "hardware firewall/appliance" that is being talked about?

DDDD

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <3d92b$40fd0d2c$45234d07$26840@allthenewsgroups.com>,
someone@some.one says...
>
> "Leythos" <void@nowhere.com> wrote in message
> news:MPG.1b66d3cb97a0967f98a7bb@news-server.columbus.rr.com...
> > In article <g7vpf0tr6sfr45kdrqlbllbmh4fbfqm1ig@4ax.com>,
> > badnews@hansenonline.net says...
> > > "Hardware firewall" has become (like it or not) synonymous with firewall
> > > appliance. Now the problem is how to define a firewall appliance ...
> > >
> > > The way I try to put it is: A firewall appliance is a dedicated unit
> > > that does not run a user-oriented operating system, has no regular
> > > computer connections (ie keyboard, mouse, monitor) other than ethernet
> > > and a console/serial port, and it's only task is to work as a firewall.
> > >
> > > That makes Pix a firewall appliance, as well as all the watchguards,
> > > sonicwalls, the Nokia Checkpoint boxes and the Symantec gateway security
> > > boxes. Checkpoint installed on a 1U Windows (or Unix) server does not
> > > meet these criteria.
> >
> > Very good example Lars - I'll have to remember this in the fight to
> > explain the different to people that are either trolls or just want to
> > argue.
> >
> > One other thing I use to separate "appliances" from non-appliances - can
> > you install any other (non-firewall) application on the device, if you
> > can, then it's not a firewall appliance. I can't think of one appliance
> > that I could install MS Office or SendMail on.
> >
> > --
> > --
> > spamfree999@rrohio.com
> > (Remove 999 to reply to me)
>
> I'm not familiar with "hardware firewalls", never having used one. The term
> appliance seems a little awkward, but any way that you describe it, it would
> necessarily have to be software driven. The only question I would have
> would be the updating of the software in the "appliance" (hardware
> firewall). How often is this updated and how? Thinking further, I used a
> 2Wire DSL interface for a while a couple of years ago. Would this be
> classified as a "hardware firewall/appliance" that is being talked about?

The appliances are updated either through a serial port or through the
GUI provided by the vendor. All firewalls, as well as most computing
devices, are driven by some type of firmware or software. In the case of
an appliance, it's mostly firmware (something contained in a re-
programmable chip) that is loaded by a boot-block of code. The firmware
method only allows the updating with the same type of firmware - meaning
that I could not load OS2 in my Firewalls firmware and end up with an
OS2 computer.

The appliance route is a dedicated device that can not be used for
anything else (notice, I didn't say "is not used for anything else").

In the case of the WatchGuard firewalls, I have a vendor provided
application suite that runs on a computer, it interfaces with the
firewall over specific ports/protocols. The interface lets me monitor,
change rules, update firmware, etc...

The DSL router that you are provided (or Cable Modem) by your ISP is
considered a "hardware" appliance, as is your managed network switch,
your managed network aware tape vault. Your network switch (unmanaged)
is considered to be just hardware.

About 5 years ago the marketing types decided to start pushing Routers
with NAT as firewalls, they only offered inbound blocking, not because
of firewall rules, but, because of the way that NAT works. Routers that
provide NAT are not firewalls, they are routers. Sure, you can update
the firmware in them, but they are just routers - some of them are nicer
than others and provide some enhanced features, but, they are still just
routers.

A software firewall is something that gets installed on a
Computer/Server/Workstation that MAY also have other software installed
on it - even if it doesn't have anything other than an OS and the
application, it's still a software firewall (based on what we're
discussing here). In the early days I used a Windows NT box with Sygate
and two NIC's as a dedicated solution - it was a NAT/Proxy type
solution. I considered it to be just NAT/Proxy and nothing more, and not
an appliance, it was a software solution.

If I install ISA (MS's Firewall) on a dedicated computer, just for
acting as a firewall, it's still not an appliance, it's just a software
firewall (much like NIS or ZoneAlarm or the others).


--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On Tue, 20 Jul 2004 12:35:03 GMT, Leythos spoketh

>
>If I install ISA (MS's Firewall) on a dedicated computer, just for
>acting as a firewall, it's still not an appliance, it's just a software
>firewall (much like NIS or ZoneAlarm or the others).
>

Perhaps it would be a better idea to compare ISA to another network
firewall such as Checkpoint or Symantec Enterprise Firewall rather than
a desktop security suite...

Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <scsqf01u3fks0d7ldngafo680udfa3al47@4ax.com>,
badnews@hansenonline.net says...
> On Tue, 20 Jul 2004 12:35:03 GMT, Leythos spoketh
>
> >
> >If I install ISA (MS's Firewall) on a dedicated computer, just for
> >acting as a firewall, it's still not an appliance, it's just a software
> >firewall (much like NIS or ZoneAlarm or the others).
> >
>
> Perhaps it would be a better idea to compare ISA to another network
> firewall such as Checkpoint or Symantec Enterprise Firewall rather than
> a desktop security suite...

Yes, that's more like ISA, and to be fair, I don't really expect any of
the home/soho users to install ISA, FW1 or SEF on their computers. I
guess I was being to literal.

--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On Tue, 20 Jul 2004 20:00:42 GMT, Leythos spoketh

>In article <scsqf01u3fks0d7ldngafo680udfa3al47@4ax.com>,
>badnews@hansenonline.net says...
>> On Tue, 20 Jul 2004 12:35:03 GMT, Leythos spoketh
>>
>> >
>> >If I install ISA (MS's Firewall) on a dedicated computer, just for
>> >acting as a firewall, it's still not an appliance, it's just a software
>> >firewall (much like NIS or ZoneAlarm or the others).
>> >
>>
>> Perhaps it would be a better idea to compare ISA to another network
>> firewall such as Checkpoint or Symantec Enterprise Firewall rather than
>> a desktop security suite...
>
>Yes, that's more like ISA, and to be fair, I don't really expect any of
>the home/soho users to install ISA, FW1 or SEF on their computers. I
>guess I was being to literal.
>
>--

unless they buy Windows SBS 2003 server, they're not likely to install
ISA either...

Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

> I'm not familiar with "hardware firewalls", never having used one. The term
> appliance seems a little awkward, but any way that you describe it, it would
> necessarily have to be software driven. The only question I would have
> would be the updating of the software in the "appliance" (hardware
> firewall). How often is this updated and how? Thinking further, I used a
> 2Wire DSL interface for a while a couple of years ago. Would this be
> classified as a "hardware firewall/appliance" that is being talked about?
>
> DDDD

A hardware firewall is one that looks kinda like a router (a box) that
sits on ur desk. the internet connection from the DSL hub goes through
this (in and then out) and to the router or hub, which splits ur
connections for all of your computers. this is running all of the time
on every connection sent in and out. expenseive ones even have POP3
scanning.

If anybody finds any good hardware firewall that is under $400 let me
know. thanks a lot.

peace

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On Tue, 20 Jul 2004 18:13:13 -0400, Lars M. Hansen
<badnews@hansenonline.net> wrote:


>
>unless they buy Windows SBS 2003 server, they're not likely to install
>ISA either...
>

ISA runs just fine on server 2k and above.


greg

--
Konnt ihr mich horen?
Konnt ihr mich sehen?
Konnt ihr mich fuhlen?
Ich versteh euch nicht

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <bd8sf095s8ls3e5klp2eq5be6916cc9lsu@4ax.com>, me@privacy.net
says...
> On Tue, 20 Jul 2004 18:13:13 -0400, Lars M. Hansen
> <badnews@hansenonline.net> wrote:
>
>
> >
> >unless they buy Windows SBS 2003 server, they're not likely to install
> >ISA either...
> >
>
> ISA runs just fine on server 2k and above.

Yea, but the only people I see with ISA are the ones running SBS. There
are so many better options out there that there is no real good reason
to run ISA.

--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On Wed, 21 Jul 2004 12:09:01 GMT, Leythos <void@nowhere.com> wrote:

>In article <bd8sf095s8ls3e5klp2eq5be6916cc9lsu@4ax.com>, me@privacy.net

>> ISA runs just fine on server 2k and above.
>
>Yea, but the only people I see with ISA are the ones running SBS. There
>are so many better options out there that there is no real good reason
>to run ISA.
>

Take a look at ISA 2004, its a significant improvement on what MS has
laughingly called a firewall previously.

The centralised management and L7 inspection is very impressive.



greg


--
Konnt ihr mich horen?
Konnt ihr mich sehen?
Konnt ihr mich fuhlen?
Ich versteh euch nicht

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On Wed, 21 Jul 2004 09:55:14 +0100, Greg Hennessy spoketh

>On Tue, 20 Jul 2004 18:13:13 -0400, Lars M. Hansen
><badnews@hansenonline.net> wrote:
>
>
>>
>>unless they buy Windows SBS 2003 server, they're not likely to install
>>ISA either...
>>
>
>ISA runs just fine on server 2k and above.
>
>
>greg

I wasn't trying to imply that it didn't work with anything else, merely
that ISA server comes with the SBS package (at least one of them), and I
can see that if someone want to set up just a small site, then that
might be a good avenue...

Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

I tested the beta release of ISA 2004 and I agree is very impressive
product. Anyway I could add that this new ISA MUST be installed over Windows
2003 Server not over 2000. And Microsoft took long time to produce the SP1
for W2003 so this makes ISA 2004 unsafe if you are not very careful while
installing W2003 and ISA.

ISA 2004 is not a bad security product... the only problem is that is based
over a operating system with serious problems on security...or I must say
serious problem while configuring the security.

I'm planning for my organization a solution of two firewall (sandwitch like)
and the external one will be ISA 2004 almost for sure and the internal one
will be the one I trust. I think this will give us a chance to test how
strong is ISA 2004.

Best Regards,
Fidelio

"Greg Hennessy" <me@privacy.net> escribió en el mensaje
news:t4qsf096cm9k0g61elgpesbcdf8btbvug6@4ax.com...
> On Wed, 21 Jul 2004 12:09:01 GMT, Leythos <void@nowhere.com> wrote:
>
> >In article <bd8sf095s8ls3e5klp2eq5be6916cc9lsu@4ax.com>, me@privacy.net
>
> >> ISA runs just fine on server 2k and above.
> >
> >Yea, but the only people I see with ISA are the ones running SBS. There
> >are so many better options out there that there is no real good reason
> >to run ISA.
> >
>
> Take a look at ISA 2004, its a significant improvement on what MS has
> laughingly called a firewall previously.
>
> The centralised management and L7 inspection is very impressive.
>
>
>
> greg
>
>
> --
> Konnt ihr mich horen?
> Konnt ihr mich sehen?
> Konnt ihr mich fuhlen?
> Ich versteh euch nicht