- Posts: 17
- Thank you received: 0
Firewall and ISA Server function.
17 years 11 months ago #18497
by taq
Firewall and ISA Server function. was created by taq
I have a situation and need your comment.
Existing network setup consists of firewall and ISA server. The control is to allow or disallow users to access the internet through ISA server.
Planning is to remove the ISA server. Can a firewall allow and disallow internal users from accessing the internet as currently what ISA server is doing?
The reason is simple, we don't want to maintain OS and server. If firewall can do proxying, than we may want to do that.
Thanks.
Existing network setup consists of firewall and ISA server. The control is to allow or disallow users to access the internet through ISA server.
Planning is to remove the ISA server. Can a firewall allow and disallow internal users from accessing the internet as currently what ISA server is doing?
The reason is simple, we don't want to maintain OS and server. If firewall can do proxying, than we may want to do that.
Thanks.
17 years 11 months ago #18502
by TheBishop
Replied by TheBishop on topic Re: Firewall and ISA Server function.
Some can. As a minimum you'll need one that provides an http proxy with some sort of user authentication scheme in addition to being just a firewall. Of the top of my head you can do this with both Cyberguard and Checkpoint. The above, of course, will only give you control over your browsing. If you want to control everything destined for the internet that's going to be trickier. To do that with a firewall alone you'd probably need clients with fixed IP addresses but the administrative overhead and complexity would be silly. Hence things like ISA server!
17 years 11 months ago #18513
by DaLight
Replied by DaLight on topic Re: Firewall and ISA Server function.
To add what the Bishop said, ISA server is much more than a firewall. It performs has the functionality of a firewall, web caching and proxy server, bandwidth manager. It can also act as an application proxy for non-http protocols like SMTP. In addition, even though VPN functionality is built into Windows 2000/2003 server, ISA has a number of enhancements which make it easier to deploy VPNs.
I suppose your final decision will be influenced by how much functionality the replacement firewall possesses, and how much of the ISA server "extras" you really need.
I suppose your final decision will be influenced by how much functionality the replacement firewall possesses, and how much of the ISA server "extras" you really need.
17 years 11 months ago #18514
by Smurf
Its worth also noting that the Bandwidth Management was dropped from ISA in ISA 2004 upwards because it didn't work properly in ISA 2000
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Firewall and ISA Server function.
To add what the Bishop said, ISA server is much more than a firewall. It performs has the functionality of a firewall, web caching and proxy server, bandwidth manager. It can also act as an application proxy for non-http protocols like SMTP. In addition, even though VPN functionality is built into Windows 2000/2003 server, ISA has a number of enhancements which make it easier to deploy VPNs.
Its worth also noting that the Bandwidth Management was dropped from ISA in ISA 2004 upwards because it didn't work properly in ISA 2000
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
17 years 11 months ago #18515
by DaLight
Replied by DaLight on topic Re: Firewall and ISA Server function.
Actually, it's back to a limited extent in ISA 2006.Its worth also noting that the Bandwidth Management was dropped from ISA in ISA 2004 upwards because it didn't work properly in ISA 2000
17 years 11 months ago #18517
by Smurf
Kewl, do you have a link for me to take a look ? I can only find this link on new features which doesn't mention it ?
www.microsoft.com/isaserver/prodinfo/whatsnew.mspx
Cheers fella
Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: Firewall and ISA Server function.
Actually, it's back to a limited extent in ISA 2006.
Kewl, do you have a link for me to take a look ? I can only find this link on new features which doesn't mention it ?
www.microsoft.com/isaserver/prodinfo/whatsnew.mspx
Cheers fella
Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.133 seconds