• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Server Publishing vs Packet Filtering

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> Server Publishing >> Server Publishing vs Packet Filtering Page: [1]
Login
Message << Older Topic   Newer Topic >>
Server Publishing vs Packet Filtering - 29.May2001 9:08:00 PM   
aquabubble

 

Posts: 19
Joined: 29.May2001
Status: offline
Can anyone explain the comment in the ISA Server help file:

"Server publishing rules and Internet Protocol (IP) packet filters both open specific ports for communication between the local network and the Internet. In most situations, you will use server publishing rules to make internal servers accessible to external clients. Indeed, it is recommended that you use server publishing rules, because application filters can further process requests destined for the server. For more information on application filters, see Application filters.

"In some cases, IP packet filters must be used:

"* When you are publishing servers that are situated on a perimeter network (also known as a DMZ, demilitarized zone, and screened subnet), you must use IP packet filters to make them accessible to external clients."

Why can't you use publishing rules for servers inside a DMZ?

Post #: 1
RE: Server Publishing vs Packet Filtering - 31.May2001 9:33:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Bubble,

Good question. The reason why you can use Server Publishing rules is that routed communications are not processed through the ISA Server rules engine. Only requests moving between the internal and external network (as defined by the LAT).

Since packets are routed between the Internet and the DMZ, the only way to allow access into and out of the DMZ is by creating packet filters.

HTH,
Tom

------------------
Tom Shinder
http://www.isaserver.org/shinder/

Get It Here


(in reply to aquabubble)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> Server Publishing >> Server Publishing vs Packet Filtering Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts