|
Focus on Microsoft
ISA Server or Firewall Appliance? Nov 15 2005 04:58PM Marcos Marrero (mmarrero LLOYDSTSB-USA com) (1 replies) Re: ISA Server or Firewall Appliance? Nov 15 2005 09:28PM James Eaton-Lee (james mailing gmail com) (2 replies) Re: ISA Server or Firewall Appliance? Nov 16 2005 01:51AM Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net) (3 replies) Re: ISA Server or Firewall Appliance? Nov 16 2005 05:37PM Abe Getchell (mailing list spooler gmail com) (1 replies) Re: ISA Server or Firewall Appliance? Nov 16 2005 05:50PM Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net) (1 replies) Re: ISA Server or Firewall Appliance? Nov 16 2005 06:22PM Abe Getchell (mailing list spooler gmail com) RE: ISA Server or Firewall Appliance? Nov 15 2005 11:35PM Nick Wells (nick clandestineresearch com) (1 replies) Re: ISA Server or Firewall Appliance? Nov 16 2005 10:56PM Abe Getchell (mailing list spooler gmail com) (1 replies) |
|
|
Privacy Statement |
Is the article I mentioned, you'll notice that it talks about ISA 2000, not
2004. This is the article I remember, I sometimes get numbers mixed up
though.
This probably invalidates what I said earlier, but such is life when version
numbers change. I believe these guys could be convinced to test 2004 if the
demand was high enough, but I somehow doubt that'll happen.
I do think ISA 2004 can stand up just as well as ISA 2000.
-----Original Message-----
From: Abe Getchell [mailto:mailing.list.spooler (at) gmail (dot) com [email concealed]]
Sent: Wednesday, November 16, 2005 17:57
To: Nick Wells
Cc: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: ISA Server or Firewall Appliance?
> I've been using ISA 2004 on a box that's been facing the internet since
it's
> was released as a public beta. I've run other firewall "appliances" as
well
> as both m0n0wall and pfSense (pfSense is a variant of m0n0wall optimized
for
> use on standard PC hardware) and I've really found it to have the best
> featureset. I also read an article on Network Computing or Windows
Magazine
> that put ISA2004 as one of the fastest firewalls, almost achieving "full"
> 1000Base-TX speeds.
Do you have a link to an online version of this article? I'd like to see
their testing criteria. It's not that I don't believe you... well, yeah,
it is that I don't believe you. You're just some guy on the Internet,
after all.
> I think ISA's real redemption comes from the hardware that it runs on,
> standard (sometimes cheap) PC components. If you get a power surge on an
> Ethernet card (because only in the engineer's dreamworld does the Ethernet
> cable get it's on surge arrestor) and blow the card, there's a $20
> replacement at the local computer store. On the other hand, you have the
> sleek, integrated units that you have to throw away or RMA if something
gets
> zapped, and you won't be able to troubleshoot it to the same degree you'd
be
> able to troubleshoot an ISA server.
Personally, I see this as a negative. That cheap $20 Ethernet card you
mention being easy to replace is also more likely to go down do to a
failure than something built with enterprise class components... not
just with whatever parts came off the boat from <insert Southeast Asian
country here> last week. The fact that ISA can run on commodity hardware
means that it is more prone to a hardware failure, and that isn't
acceptable in a high-availability environment... and who's business
isn't these days?
Abe
--
Abe Getchell
abegetchell (at) gmail (dot) com [email concealed]
http://abegetchell.com/
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]