• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SONIC wall or ISA 2006

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 General] >> General >> SONIC wall or ISA 2006 Page: [1]
Login
Message << Older Topic   Newer Topic >>
SONIC wall or ISA 2006 - 17.Aug.2009 4:52:42 AM   
Budmaas

 

Posts: 90
Joined: 7.Oct.2007
Status: offline 		I'm planning to replace my ISA 2006 with SONIC wall[ NSA 3500 & tz-180]

Is it good idea ... . ?
Post #: 1
RE: SONIC wall or ISA 2006 - 17.Aug.2009 8:36:16 AM   
SteveMoffat

 

Posts: 1130
Joined: 29.Jun.2001
From: Hamilton, Bermuda
Status: offline 		Not particularly, but the sonicwall is a reasonable box.

_____________________________

Thanks
Steve

ISA 2006 Book! - http://tinyurl.com/2gpoo8
TMG Bible - http://tinyurl.com/ykv85hr
www.isaserver.bm

The built in ISA help is likely the most comprehensive help built into an application anywhere. USE it!!! Search it!!! RTFM

(in reply to Budmaas)
Post #: 2
RE: SONIC wall or ISA 2006 - 17.Aug.2009 10:49:18 AM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline 		SteveMoffat, can you elaborate more?  We are running ISA server as a webcache/firewall/VPN server.   We're thinking of replacing it with the Sonicwall NSA appliace.  Will I see a performance hit?

(in reply to SteveMoffat)
Post #: 3
RE: SONIC wall or ISA 2006 - 17.Aug.2009 1:16:11 PM   
SteveMoffat

 

Posts: 1130
Joined: 29.Jun.2001
From: Hamilton, Bermuda
Status: offline 		I wouldn't think you'll see a performance hit, but it will cost you a lot more money to have all the features that ISA has built in.

You will also lose the ability to tie your authentication into AD seamlessly and the application layer functionality.

_____________________________

Thanks
Steve

ISA 2006 Book! - http://tinyurl.com/2gpoo8
TMG Bible - http://tinyurl.com/ykv85hr
www.isaserver.bm

The built in ISA help is likely the most comprehensive help built into an application anywhere. USE it!!! Search it!!! RTFM

(in reply to Xuser)
Post #: 4
RE: SONIC wall or ISA 2006 - 17.Aug.2009 1:40:06 PM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline 		I see your point. What if I use a SonicWall SSLVPN appliance just for VPN use and ISA server for as a webproxy/firewall server?
The reason I mentioned SW SSL VPN is that it doesn't require a client to be configured on the workstations.  It uses what they called, a "thin client" or NetExtender.  With SSL, it is also secure.  Not that ISA cannot secure VPN tunnels with IPsec but it is harder to implement.

(in reply to SteveMoffat)
Post #: 5
RE: SONIC wall or ISA 2006 - 17.Aug.2009 1:43:12 PM   
SteveMoffat

 

Posts: 1130
Joined: 29.Jun.2001
From: Hamilton, Bermuda
Status: offline 		ISA doesn't require a client on workstations for VPN.

IPSEC may be time consuming to setup, but works tremendously well. That & the VPN quarantining would make up my mind for me.

_____________________________

Thanks
Steve

ISA 2006 Book! - http://tinyurl.com/2gpoo8
TMG Bible - http://tinyurl.com/ykv85hr
www.isaserver.bm

The built in ISA help is likely the most comprehensive help built into an application anywhere. USE it!!! Search it!!! RTFM

(in reply to Xuser)
Post #: 6
RE: SONIC wall or ISA 2006 - 18.Aug.2009 2:43:00 AM   
Budmaas

 

Posts: 90
Joined: 7.Oct.2007
Status: offline 		What about a medium size network ? My primary requirement is Internet sharing & seperating users for Internet & emails, by policy & IP based.

there is minor requirement of Reports of usages only.

is it worth.. ? I know cost wise sonic NSA 3500 is costlier than ISA 2006 including win server license.

< Message edited by Budmaas -- 18.Aug.2009 3:01:35 AM >

(in reply to SteveMoffat)
Post #: 7
RE: SONIC wall or ISA 2006 - 18.Aug.2009 8:25:16 AM   
SteveMoffat

 

Posts: 1130
Joined: 29.Jun.2001
From: Hamilton, Bermuda
Status: offline 		It's your choice. ISA seems to do what you want it to. So why chaange?

_____________________________

Thanks
Steve

ISA 2006 Book! - http://tinyurl.com/2gpoo8
TMG Bible - http://tinyurl.com/ykv85hr
www.isaserver.bm

The built in ISA help is likely the most comprehensive help built into an application anywhere. USE it!!! Search it!!! RTFM

(in reply to Budmaas)
Post #: 8
RE: SONIC wall or ISA 2006 - 18.Aug.2009 9:09:13 AM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline 		I think the argument here is that ISA Server takes a longer time to configure and not as easy to setup as the SonicWall appliance.  Someone else also mentioned that since it is a Microsoft OS running as a firewall at the edge of your network, it is not as safe (patches, bugs).

(in reply to SteveMoffat)
Post #: 9
RE: SONIC wall or ISA 2006 - 18.Aug.2009 9:22:18 AM   
SteveMoffat

 

Posts: 1130
Joined: 29.Jun.2001
From: Hamilton, Bermuda
Status: offline 		I thought you were replacing an ISA?

There have been no documented compromises of a properly configured ISA Server ever.

There are people who hack into Sonicwalls etc all over the world. Doesn't take long.

And contrary to popular beliefe...."Hardware Firewalls" run on software...

_____________________________

Thanks
Steve

ISA 2006 Book! - http://tinyurl.com/2gpoo8
TMG Bible - http://tinyurl.com/ykv85hr
www.isaserver.bm

The built in ISA help is likely the most comprehensive help built into an application anywhere. USE it!!! Search it!!! RTFM

(in reply to Xuser)
Post #: 10
RE: SONIC wall or ISA 2006 - 18.Aug.2009 9:33:03 AM   
Xuser

 

Posts: 232
Joined: 29.Jan.2002
From: Canada
Status: offline 		We're considering placing ISA, not certain yet.  That is why I'm here to find out what others think.
They both have pros and cons from what I see.
Perhaps like what I've mentioned before, we can go with a Sonicwall VPN appliance and use ISA as a webproxy/firewall server.  If ISA server goes down for maintenance, at least we can still VPN into our network from home to do the maintenance.

(in reply to SteveMoffat)
Post #: 11
RE: SONIC wall or ISA 2006 - 18.Aug.2009 9:34:27 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline 		Got to agree with Steve on all counts.

The reason why Sonicwall seems easier to configure is that the outbound access policies are not secure, or at least that's who people configure them, so it *seems* like it's easier. It's always easier to configure a non-secure configuration.

ISA performance is directly related to how its configured and the hardware on which it runs.

ISA's VPN functionality is very good -- I don't see how Sonicwall would have anything to add in this area.

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to SteveMoffat)
Post #: 12

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 General] >> General >> SONIC wall or ISA 2006 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts