ISA Opinions

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

I am working on a security specialty in my MCSE track. I just started
studying ISA 2000.

Microsoft's claims in the early chapters of the study kit are pretty
impressive. But things are seldom as good as they first appear.

What are the good points and not so good points about using ISA server? Is
it better, worse or just different from a hardware firewall?

Myrt
--
7TA9241

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Whether or not a firewall runs on hardware, software, sodium ions, or
anything else is not the question: the question is, does the firewall I am
looking at provide layer 7 filtering and inspection of traffic? If it
doesn't then it's not going to provide the maximum benefit that firewalls
*need* to provide these days.

Perimeter security however is not the end all be all of network security.
ISA does what it can to address a specific array of threats in a particular
setting. A PIX has it's own issues and particular sets of threats it
mitigates. Frequently, I see these devices working together to provide a
perimeter "defense in depth" approach.



"mwebb" <mwebb@discussions.microsoft.com> wrote in message
news:B82492D7-111E-43D7-8260-1E1AFA63C4CC@microsoft.com...
>I am working on a security specialty in my MCSE track. I just started
> studying ISA 2000.
>
> Microsoft's claims in the early chapters of the study kit are pretty
> impressive. But things are seldom as good as they first appear.
>
> What are the good points and not so good points about using ISA server? Is
> it better, worse or just different from a hardware firewall?
>
> Myrt
> --
> 7TA9241

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

*grin*

Exactly.

Personally, I use a Fortigate, then an ISA server. Both have their pros,
and both have their cons.

Matt Gibson - GSEC

"Steve Clark [MSFT]" <bogus@microsoft.com> wrote in message
news:ePbLo9JNFHA.3156@TK2MSFTNGP15.phx.gbl...
> Whether or not a firewall runs on hardware, software, sodium ions, or
> anything else is not the question: the question is, does the firewall I am
> looking at provide layer 7 filtering and inspection of traffic? If it
> doesn't then it's not going to provide the maximum benefit that firewalls
> *need* to provide these days.
>
> Perimeter security however is not the end all be all of network security.
> ISA does what it can to address a specific array of threats in a
> particular setting. A PIX has it's own issues and particular sets of
> threats it mitigates. Frequently, I see these devices working together to
> provide a perimeter "defense in depth" approach.
>
>
>
> "mwebb" <mwebb@discussions.microsoft.com> wrote in message
> news:B82492D7-111E-43D7-8260-1E1AFA63C4CC@microsoft.com...
>>I am working on a security specialty in my MCSE track. I just started
>> studying ISA 2000.
>>
>> Microsoft's claims in the early chapters of the study kit are pretty
>> impressive. But things are seldom as good as they first appear.
>>
>> What are the good points and not so good points about using ISA server?
>> Is
>> it better, worse or just different from a hardware firewall?
>>
>> Myrt
>> --
>> 7TA9241
>
>

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

For what it does ISA is pretty impressive especially for application
filtering. ISA 2004 is a major improvement over ISA 2000 if functionality
and ease of use including much better VPN support to manage VPN user access
to network and internet resources. Unless you have a short time horizon, go
with ISA 2004. The exam for it is supposed to be out early in April. I don't
know when there will be MCSE study guide out for it by Dr. Tom Shinders book
on ISA 2004 is excellent and he answers your question in great detail with
comparisons to current firewall offerings. --- Steve


"mwebb" <mwebb@discussions.microsoft.com> wrote in message
news:B82492D7-111E-43D7-8260-1E1AFA63C4CC@microsoft.com...
>I am working on a security specialty in my MCSE track. I just started
> studying ISA 2000.
>
> Microsoft's claims in the early chapters of the study kit are pretty
> impressive. But things are seldom as good as they first appear.
>
> What are the good points and not so good points about using ISA server? Is
> it better, worse or just different from a hardware firewall?
>
> Myrt
> --
> 7TA9241