Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: ISA Server or Firewall Appliance?

from [Nick Wells] Network Security [Permanent Link]
Subject: RE: ISA Server or Firewall Appliance?
Date: Wed, 16 Nov 2005 23:33:00 -0500 
http://www.networkcomputing.com/showArticle.jhtml?articleID=15000512

Is the article I mentioned, you'll notice that it talks about ISA 2000, not
2004.  This is the article I remember, I sometimes get numbers mixed up
though.

This probably invalidates what I said earlier, but such is life when version
numbers change.  I believe these guys could be convinced to test 2004 if the
demand was high enough, but I somehow doubt that'll happen.

I do think ISA 2004 can stand up just as well as ISA 2000.

-----Original Message-----
From: Abe Getchell [mailto:mailing.list.spooler@gmail.com] 
Sent: Wednesday, November 16, 2005 17:57
To: Nick Wells
Cc: focus-ms@securityfocus.com
Subject: Re: ISA Server or Firewall Appliance?


I've been using ISA 2004 on a box that's been facing the internet since

it's

was released as a public beta.  I've run other firewall "appliances" as

well

as both m0n0wall and pfSense (pfSense is a variant of m0n0wall optimized

for

use on standard PC hardware) and I've really found it to have the best
featureset.  I also read an article on Network Computing or Windows

Magazine

that put ISA2004 as one of the fastest firewalls, almost achieving "full"
1000Base-TX speeds.


Do you have a link to an online version of this article? I'd like to see 
their testing criteria. It's not that I don't believe you... well, yeah, 
it is that I don't believe you. You're just some guy on the Internet, 
after all.


I think ISA's real redemption comes from the hardware that it runs on,
standard (sometimes cheap) PC components.  If you get a power surge on an
Ethernet card (because only in the engineer's dreamworld does the Ethernet
cable get it's on surge arrestor) and blow the card, there's a $20
replacement at the local computer store.  On the other hand, you have the
sleek, integrated units that you have to throw away or RMA if something

gets

zapped, and you won't be able to troubleshoot it to the same degree you'd

be

able to troubleshoot an ISA server.


Personally, I see this as a negative. That cheap $20 Ethernet card you 
mention being easy to replace is also more likely to go down do to a 
failure than something built with enterprise class components... not 
just with whatever parts came off the boat from <insert Southeast Asian 
country here> last week. The fact that ISA can run on commodity hardware 
means that it is more prone to a hardware failure, and that isn't 
acceptable in a high-availability environment... and who's business 
isn't these days?

Abe

-- 
Abe Getchell
abegetchell@gmail.com
http://abegetchell.com/




---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Renaming Administrator account, Daniel Kuhlmann
Next by Date:  Re: What server hardening are you doing these days?, Ansgar -59cobalt- Wiechers
Previous by Thread:  Re: ISA Server or Firewall Appliance?, Abe Getchell
Next by Thread:  Re: ISA Server or Firewall Appliance?, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Indexes:  [Date] [Thread] [Top] [All Lists]