Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Your opinion: Close everything or not
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Your opinion: Close everything or not - 12.Apr.2005 11:28:00 PM
|
|
|
Guest
|
Hi,
We will be migrating our ISA 2000 to ISA 2004 (in fact, building a new server so we have some time for tests). I'd like to have your opinion about if you recommend closing all outbound Internet access and open only the required ports/services or the reverse?
We have an environment which includes Linux, MAC and Windows. So we will have a mix of SecureNAT, Web Proxy and Firewall clients.
We'd like to make sure our approach is manageable and that we don't have to modify the firewall configuration every day.
What are your thoughts?
Thanks!
Sylvain
|
|
|
|
|
RE: Your opinion: Close everything or not - 13.Apr.2005 2:18:00 PM
|
|
|
tshinder
Posts: 47420
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Sylvain,
Yes, least priviledge is the best security method you can use. However, to make it work, you need to survey your user groups to find out what sites and protocols are required in order to get their jobs done.
HTH,
Tom
|
|
|
|
RE: Your opinion: Close everything or not - 13.Apr.2005 8:52:00 PM
|
|
|
remdotc
Posts: 42
Joined: 18.Feb.2005
From: Detroit, USA
Status: offline
|
Running ISA 04 on trail in a mixed enviroment. My suggestion, only allow standard protocols of what you need. If you can get away with it, do not use ADS, or if you do Make sure its a firewall not directly connected to the internet.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
