397

As a firewall administrator your primary concern is access control. You want to control exactly what services internal network users can access on other networks, and you want exact control over what services external users can access on the internal network. That’s the reason you have a firewall. If you don’t want someone to access a specific service on the Internet, then you either do not allow it (the preferred method) or you explicitly block it (the less preferred method). This isn’t a radical approach and is something inherent in all good firewall policies. For example, you have created a … Continue reading The Evils of SSL Tunneling

 By Thomas W Shinder M.D. Got questions? Discuss this article over athttp://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=30;t=000170 Like the ISA Server 2000 firewall, the ISA firewall (ISA Server 2004) supports RADIUS authentication for VPN clients. RADIUS authentication is most useful when the ISA firewall is not a member of the Internal network domain. Situations where you would not want to make the ISA firewall a member of the Internal network domain would include those where the ISA firewall is the Internet edge firewall and there are other back-end firewalls on the network. While it is completely acceptable to make the ISA firewall on the Internet … Continue reading Using RADIUS Authentication with the ISA Firewall’s VPN Server (2004)

Protecting Microsoft Exchange with ISA Server 2004 Firewalls:Integrating the ISA Firewall into an Established Network InfrastructureBy Thomas W Shinder M.D. Nobody likes to start from scratch. This is especially true if you have a well established network and firewall infrastructure that’s working for you. Why would you want to go and change everything just to add a new application layer intelligent firewall to your setup? Things are working already and you haven’t been successfully attacked for at least 6 weeks. This is something I come across a lot when recommending ISA firewalls to organizations that already have a firewall and … Continue reading Protecting Microsoft Exchange with ISA Server 2004 Firewalls:Integrating the ISA Firewall into an Established Network Infrastructure

This is my first article in a blog ever. I was wondering how blogs are different than “this is my cat” Web sites from the early 1990’s. BTW — did I show you a picture of my cat?