[unisog] Microsoft ISA Server

Curtis Kline ckline at housing.ucsb.edu
Wed Jul 24 21:42:42 GMT 2002


We also looked at that product as a firewall for our administrative
network. One major drawback: Network Address Translation is required
between the inside and outside interfaces. It is a proxy server at heart
(it's really just MS Proxy Server 3.0) and it cannot act like a router
between those interfaces.

It can in fact route packets without terminating the TCP connection
between the 'DMZ' and the outside interface, but traffic destined for
the inside interface must be proxied.

Those reasons, among others, caused us to go another route.


______________________________________
Curtis Kline
Residential Network Coordinator
University of California Santa Barbara
805.893.4016 Voice
805.893.4766 FAX
 

+ -----Original Message-----
+ From: Pat Wilson [mailto:paw at noh.ucsd.edu] 
+ Sent: Wednesday, July 24, 2002 2:18 PM
+ To: unisog at sans.org
+ Subject: [unisog] Microsoft ISA Server
+ 
+ 
+ 
+ Anyone have experience with MS ISA Server, especially as a stateful
+ firewall?  One of the Microsoft shops here is looking at it...
+ Is it worth the time/trouble/cost?  What are the major downsides?
+ 
+ Thanks.
+ 
+ 
+ Pat Wilson
+ Network Security Manager
+ UCSD ACS/Network Operations
+ paw at ucsd.edu
+ 6F3A AE75 F931 3A19 D207 19F3 DB9B 29DC 2C3F E015
+ 
+ 



More information about the unisog mailing list