Ok – for anyone who has hung around microsoft.public.backoffice.smallbiz2000 and microsoft.public.windows.server.sbs, you probably realize that I’m a really big ISA fan.  While I’m not necessarily against hardware firewalls, I’m constantly irked by the people who automatically discount ISA because it isn’t a hardware firewall.  I’m so sick of the snot-nosed drivel ‘…but it runs on a Windows server and I can’t trust anything running on Windows to protect me.’  


BULL!   That just makes my blood boil.  And anyone paying attention to security trends knows that our threat vectors are increasingly from our own users versus the ‘traditional’ external hacks.  That’s one of the reasons why I love ISA – its AD integration for advanced internet access policies for user/group membership, etc.  And that’s just the tip of the iceberg for the features in ISA 2004. 


For those of you who are also big ISA fans and want a little ammo for the next time you encounter ‘that’ hardware firewall guy (and you know who I’m talking about – we’ve all got ’em), check this article out:


ISA Firewall Fairy Tales – What Hardware Firewall Vendors Don’t Want You to Know (v1.02):
http://isaserver.org/articles/2004tales.html