Network Security Focus-Microsoft

RE: ISA Server or Firewall Appliance?

Subject: RE: ISA Server or Firewall Appliance?
Date: Wed, 16 Nov 2005 12:03:51 -0500
 

-----Original Message-----
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [mailto:sbradcpa@pacbell.net]
Sent: Tuesday, November 15, 2005 8:52 PM
To: James Eaton-Lee
Cc: Marcos Marrero; focus-ms@securityfocus.com
Subject: Re: ISA Server or Firewall Appliance?

The annoying SBSer with ISA on her box is going to challenge 
you on that one.

What exactly doesn't feel quite right?  Why does it not feel right?

In my network I like it because it's on a platform that I can 
monitor easier. Control better.  Patch easier.  [WSUS will 
soon support ISA as a matter of fact]

Isn't the same true for big networks?

I think we all need to let go of our OS perceptions and look 
at the realities of operating systems these days and what 
not.  If we can't control it...understand it...I'm not sure 
it's not helping in the security fabric of my network.

Our firewalls are not our perimeters any more.

http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032286231&EventCategory=3&culture=en-US&CountryCode=US


I'll add my two cents - I've never used ISA (or Cisco, Juniper,
WatchGuard, etc.), in fact I've only ever used netfilter on Debian
Linux, with no GUI and as few packages installed as necessary. I believe
in deploying servers with the minimum number of services required for it
to function as intended.

I don't need a GUI to configure my firewall, nor do I need Remote
Desktop or IIS or a JVM or DCOM or wallpaper or Windows startup sounds
or a certification from Cisco. However, I did need to spend a lot of
time learning how network protocols, NAT, connection tracking and
netfilter work. I think it was well worth the investment.
Performance-wise, I believe Netfilter is adequate: 200,000 pps/20,000
new requests per second, with filtering, connection tracking, and NAT on
an Opteron-based system (Intel was significantly slower). 

I think it depends on whether you need something to work now, securely,
or whether you can trade off time for a minimal installation, which is
theoretically more secure than one which brings the trappings of a
user-oriented operating system, like Windows or Red Hat/SUSE.

Derick Anderson
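For readers who have not built the kind of box Derick describes, here is a concrete instance of it: a minimal default-deny netfilter ruleset with connection tracking and source NAT for a two-interface Debian gateway. This is an added illustration, not Derick's configuration or anything posted in the thread; the interface names (eth0/eth1), the LAN prefix and the admin port are assumptions, and every command is routed through a small wrapper so the ruleset can be printed and reviewed without root.

```shell
#!/bin/sh
# Minimal stateful firewall + NAT gateway with netfilter (iptables front end).
# Added example; eth0/eth1, 192.168.1.0/24 and port 22 are assumed values.
set -eu

WAN=${WAN:-eth0}                      # assumed: interface facing the Internet
LAN=${LAN:-eth1}                      # assumed: interface facing the inside
LAN_NET=${LAN_NET:-192.168.1.0/24}    # assumed: internal prefix behind the NAT
ADMIN_TCP=${ADMIN_TCP:-22}            # SSH to the firewall itself, LAN side only

# Every command goes through run(): with DRY_RUN set it is printed instead of
# executed, so the ruleset can be reviewed (or unit-tested) without root.
run() {
    if [ -n "${DRY_RUN:-}" ]; then printf '%s\n' "$*"; else "$@"; fi
}

apply_rules() {
    run sysctl -q -w net.ipv4.ip_forward=1            # we are a router
    run sysctl -q -w net.ipv4.conf.all.rp_filter=1    # kernel reverse-path check

    # Start from a clean table, then default-deny: whatever is not
    # explicitly accepted below hits the chain policy and is dropped.
    run iptables -F
    run iptables -X
    run iptables -t nat -F
    run iptables -P INPUT DROP
    run iptables -P FORWARD DROP
    run iptables -P OUTPUT ACCEPT

    run iptables -A INPUT -i lo -j ACCEPT

    # Connection tracking does the heavy lifting: drop what the tracker cannot
    # classify, accept replies to flows we already allowed. These two rules
    # must precede every per-service rule; chains are evaluated in order.
    for chain in INPUT FORWARD; do
        run iptables -A "$chain" -m conntrack --ctstate INVALID -j DROP
        run iptables -A "$chain" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    done

    # Anti-spoofing: a packet arriving on the WAN side may not claim a LAN source.
    run iptables -A INPUT   -i "$WAN" -s "$LAN_NET" -j DROP
    run iptables -A FORWARD -i "$WAN" -s "$LAN_NET" -j DROP

    # New connections to the firewall itself: admin SSH from the LAN only,
    # plus ICMP echo so the box stays diagnosable.
    run iptables -A INPUT -i "$LAN" -p tcp --dport "$ADMIN_TCP" -m conntrack --ctstate NEW -j ACCEPT
    run iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT

    # Inside hosts may open new flows outward; nothing initiates inbound.
    run iptables -A FORWARD -i "$LAN" -o "$WAN" -s "$LAN_NET" -m conntrack --ctstate NEW -j ACCEPT

    # Source NAT outbound traffic to the WAN address; conntrack maps replies back.
    run iptables -t nat -A POSTROUTING -o "$WAN" -s "$LAN_NET" -j MASQUERADE

    # Log (rate-limited) what falls through, just before the policy drops it.
    run iptables -A INPUT   -m limit --limit 5/min -j LOG --log-prefix "fw-drop-in: "
    run iptables -A FORWARD -m limit --limit 5/min -j LOG --log-prefix "fw-drop-fwd: "
}

# Usage:  sh fw.sh          print the ruleset (dry run, no root needed)
#         sh fw.sh apply    apply it (root); persist with iptables-save afterwards
if [ "${1:-}" = apply ]; then
    apply_rules
else
    DRY_RUN=1
    apply_rules
fi
```

Two practical notes. The `-m conntrack --ctstate` match is the modern spelling of the `-m state --state` syntax in use in 2005; current kernels treat the old form as an alias. And on current Debian the `iptables` binary is by default the nft-backed front end, so the same script programs nftables underneath; check with `iptables -V`. Persist the result with `iptables-save` (Debian packages this as `iptables-persistent`), and review the active table with `iptables -L -v -n` rather than trusting the script ran.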
