Isa 2006 on Windows 2003 Enterprise ed. 64 bit (Full Version)

All Forums >> [ISA 2006 General] >> General



Message


hgerrit -> Isa 2006 on Windows 2003 Enterprise ed. 64 bit (29.Sep.2006 5:41:31 PM)

Hello folks,

Just wondering:
How is it possible that Microsoft has an 64 bit Server Operating System, and that Microsoft doesn't have a ISA firewall that is supported on 64 bit windows versions?
Isn't there really anyone who has the same problem?
We are installing a new domain controller on  a 64 bit system and also want ISA 2006 installed on it.....but the firewall drivers aren't suitable for 64 bit....
AARRGGH

Thnx





elmajdal -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (30.Sep.2006 4:02:29 AM)

quote:

We are installing a new domain controller on  a 64 bit system and also want ISA 2006 installed on it


Never Ever install ISA server on a Domain Controller !!!

if u want to do this , then get an SBS .





hgerrit -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (30.Sep.2006 8:06:19 PM)

quote:

Never Ever install ISA server on a Domain Controller !!!


Can u tell me why not? Is that a big crime? [8|]





tshinder -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (30.Sep.2006 8:46:08 PM)

Because you violate the entire ISA Firewall security model.

You don't put wallet on the front porch before you go to sleep at night, and you don't install the ISA Firewall on a DC.

Make sense?

HTH,
Tom




elmajdal -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (1.Oct.2006 1:34:03 AM)

quote:

ORIGINAL: tshinder

Because you violate the entire ISA Firewall security model.

You don't put wallet on the front porch before you go to sleep at night, and you don't install the ISA Firewall on a DC.

Make sense?

HTH,
Tom



Exactly !

Thanks Tom.


Tarek.




hgerrit -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (1.Oct.2006 3:06:14 PM)

Ok, If u say so, I believe it.

But then every SBS server we installed for our customers is not safe....
We always install ISA on a SBS...so that is the correct way, but installing ISA on a domain controller (no SBS) is not something I should do?

Can u explain me why?
isa on sbs = OK
isa on DC = NOT OK

I don't understand...sorry....

Can u help me understand?

Thnx




alans -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (5.Oct.2006 8:32:47 PM)

SBS is for people that can't afford the cool stuff and are willing to take the risks of having everything on one machine.

[:D]

Alans




hgerrit -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (6.Oct.2006 8:27:15 AM)

Some organisations can't afford about 10000 euro's aprox 12000 dollar for software.

My point is clear I think... Microsoft didn't build sbs to have a lot of sites not fully protected. besides. here in europe, we don't put a isa firewall directly to the internet.
it goed like: ISA-->DSL Router (10.0.0.x) --> INTERNET (offcourse with NAT enabled)

Maybe Tom can explain my previous post?

thnx in advance




tshinder -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (8.Oct.2006 12:01:59 PM)

quote:

ORIGINAL: hgerrit

Ok, If u say so, I believe it.

But then every SBS server we installed for our customers is not safe....
We always install ISA on a SBS...so that is the correct way, but installing ISA on a domain controller (no SBS) is not something I should do?

Can u explain me why?
isa on sbs = OK
isa on DC = NOT OK

I don't understand...sorry....

Can u help me understand?

Thnx


SBS is a compromise between price and security. Everyone in the security community knows that SBS is a security nightmare, but if people can afford to pay for industry standard security, then they take the risk of running SBS. Remember, you always get what you pay for, even if you live in a socialist system [:D]

HTH,
Tom




elmajdal -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (8.Oct.2006 12:52:59 PM)

beside,

do u dare to put all your eggs in one basket ??

if this basket is down for any reason , all ur eggs will be down with it .





hgerrit -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (12.Oct.2006 7:45:52 AM)

ok, got your point. [;)]

When will ISA be supported on x64?

Is there now work around to get isa 2006 on x64??

Thnx




elmajdal -> RE: Isa 2006 on Windows 2003 Enterprise ed. 64 bit (12.Oct.2006 8:03:33 AM)

u want more of
quote:

Do Not Install ISA Server on a Domain Controller


There are a lot of reasons to not install ISA Server on a domain controller. First, the configuration can get complex and confusing for someone that doesn't have a lot of experience with Windows 2000/03 networking and ISA Server. Second, you're putting your family jewels on the edge of the network.

While it's unlikely that the ISA Server will ever be compromised , you can bet that it's going to be the ISA Server machine everyone is trying to break into. If someone does compromise the ISA Server that's running on a domain controller, they now have access to the most important component of your enterprise. It would be relatively easy to just delete your Active Directory database or corrupt it (in fact, you don't even need a hacker to get a corrupted Active Directory  ).
Taken from :
 
 
as for
quote:

When will ISA be supported on x64?

Is there now work around to get isa 2006 on x64??
 
MS never mentioned anything about this topic.
only that the new firewall client now support x64 machines.
 




Page: [1]