[Dshield] (no subject)

Tom Geairn tgeairn at newviewconsulting.com
Wed Mar 27 15:36:41 GMT 2002

Hash: SHA1

Bob, Kevin, et all:

Overall, I've done approximately 30 ISA Server installs in the past
12 months.  These have all gone smoothly and in every case the
product has exceeded the client's expectations.  

I agree with Kevin, in part, though.  The correct set-up of ISA
Server is NOT a trivial task.  It requires all of the knowledge
needed to set-up a firewall, along with thorough knowledge of
everything you want to publish from behind it.  Throw in the fact
that MS basically went to the nth degree in making it flexible
(creating about 1000 different ways to do the same thing) and many
smaller companies get frightened off.

In those 30 installs (including approx. 50 servers total), I have
never, NOT ONCE, seen a successful breach of the ISA firewall.  Some
of these machines are at sites being hit continuously by attempted
hacks.  Another plus is that using the proxied publishing for web and
SMTP servers (while complex to set up properly) prevented my clients
from experiencing any degradation on their actual web and email
servers during codered, nimda, etc.  

As far as a filter for ISA, I have written one that requires ISA to
log activity in an SQL Server DB.  I then use a stored procedure to
parse the entries and produce a more readily reportable format. 
Another procedure takes the data, throws it into a Dshield format,
and emails it.  I wrote this for a client, but they are not using it
(I don't think).  If there is sufficient demand out there, I will put
together something that doesn't require SQL Server.  Any requests?

- -Tom Geairn
NewView Consulting, LLC

- -----Original Message-----
From: list-admin at dshield.org [mailto:list-admin at dshield.org] On
Behalf Of Bob Savage
Sent: Wednesday, March 27, 2002 6:53 AM
To: list at dshield.org
Subject: RE: [Dshield] (no subject)

And is anyone else out there even USING ISA server?


Version: PGP 7.1


More information about the list mailing list