Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
The best way to understand traffic
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
The best way to understand traffic - 6.Jul.2005 4:03:00 AM
|
|
|
SerVicSer
Posts: 14
Joined: 22.Mar.2005
From: Russia
Status: offline
|
Hi all,
can you please advice me on the following problem:
I have a network (with users :-) and servers. And, of course, a dedicated ISA 2004 server.
I wish my users have free access to the Internet and some my internal servers/services (FTP, HTTP, NNTP) to be published.
Questions: 1) is it wise to install a separate 3rd NIC on the ISA 2004 server -- a dedicated one for publishing purposes (smth. like DMZ, but all internal servers now are in the same logical network segment together with users' hosts)?
2) is it wise and convenient to split internet-traffic (only incoming is accountable) to different ISA 2004 rules and access policies in order to be able to analyze it more precisely, or just allow authorized AD users to have internet access thru one general rule without any protocols selection/separation?
Thank you very much in advance!
Regards,
Sergey
|
|
|
|
|
RE: The best way to understand traffic - 12.Jul.2005 4:23:00 PM
|
|
|
tshinder
Posts: 47659
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Sergey,
1. A third NIC on the ISA firewall would be more secure. Just put the published servers on that network segment and create the required publishing rules.
2. Outbound access uses Access Rules, inbound access uses publishing rules.
HTH,
Tom
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
