• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA Install with fixed ISA Filter

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 General] >> Installation and Planning >> ISA Install with fixed ISA Filter Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA Install with fixed ISA Filter - 21.Jan.2007 12:46:50 AM   
RWSDK

 

Posts: 3
Joined: 21.Jan.2007
From: Denmark
Status: offline
Hi

I want to use ISA Server 2006 as a Frontend Security Gateway that authenticates the User, using a custom authentication mechanism. The custom authentication mechanism is implemented using a custom ISA Filter that intercepts the HTTP request received by the ISA Server.

Using Custom ISA Filters on the ISA Server is a matter of configuration. However, as it is possible to configure, it is possible to turn it off as well.

My question is then: How do I install my custom ISA filter on the ISA Server 2006, in a way so it cannot be disabled through a configuration setting? My thoughts of a solution are going in the diretions of a custom installation or a hardware solution. Is it possible to make a Custom ISA Filter a part of the ISA Server Software Installation so it cannot be turned off through configuration, unless you re-installe the ISA Server?  

Best Regards, Rico
 
Post #: 1
RE: ISA Install with fixed ISA Filter - 24.Jan.2007 2:02:01 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Are you saying that you don't trust your Firewall admins?

Sounds like there are significnat issues in your oganizaition if that's the case.

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to RWSDK)
Post #: 2
RE: ISA Install with fixed ISA Filter - 25.Jan.2007 3:55:09 AM   
RWSDK

 

Posts: 3
Joined: 21.Jan.2007
From: Denmark
Status: offline
No, I have high trust in our Admins. Nevertheless, various security analysis papers remark that threats from inside organisations are to be taken serious, just as well as external threats.

My biggest concern is external threats from the Internet. I would like to say something about the security risk of introducing an authentication mechanism based on a custom ISA Filter. Assume however that the ISA Filter itself is securely written, i.e. is robust against Buffer Overflow attacks and the like. Assume also that the custom Authentication mechanism is secure. Would you say that the risk for an external attacker from the Internet to inject malicious code on the ISA Server to disable the ISA Filter would equal to compromise the ISA Server as such? So the weak point in that configuration would be the configuration of the ISA Server (and OS) as such, not the fact that you use a custom ISA Filter?


_____________________________

Best Regards, Rico

(in reply to tshinder)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 General] >> Installation and Planning >> ISA Install with fixed ISA Filter Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts