• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

RE: Certification ISA 2004

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Misc.] >> ISA Server 2004 Certification >> RE: Certification ISA 2004 Page: <<   < prev  1 [2]
Login
Message << Older Topic   Newer Topic >>
RE: Certification ISA 2004 - 20.May2004 8:29:00 PM   
Plebe

 

Posts: 1
Joined: 20.May2004
Status: offline
quote:
Originally posted by tshinder:
Hi Randy,

Bingo! Yes, I agree wholeheartedly. My wife, Debi Shinder is doing a comprehensive report (over 100 pages!) comparing ISA 2004 with so-called "hardware" firewalls and ISA 2004 is doing very well and exceeding the features and capabilities of all of them in the same price range. Really nice!

I do remember you. Hope you got the Nortel VPN client issue solved [Smile]

Thanks!
Tom

Hi Dr. Shinder,

I am probably the newest member to this forum, but not so new to your books however. Much gratitude to you and your wife for sharing that knowledge.

Currently, I am very interested in ISA Server 2004's "deep inspection" stateful packet filtering abilities on the application layer. Can ISA Server handle the heavy stuff like Cross-Site Scripting, SQL injection, or Cryptographic Interception (forcing all traffic to be SSL encrypted) and the like?

I would be very greatful to any resource you or anyone can provide regarding ISA Server's ability to handle some of these issues...whether natively or via custom plugins.

Thanks,
Plebe

[ May 20, 2004, 08:48 PM: Message edited by: Plebe ]

(in reply to Linke Loe)
Post #: 21
RE: Certification ISA 2004 - 21.May2004 12:17:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Plebe,

Thanks!

Yes, ISA can prevent scumbags from hiding exploits within a tunnel because of its SSL to SSL bridging feature. This allows the ISA firewall's HTTP security filter to examine the contents of the SSL communication using SSL terminaion at the firewall and then initiation of a new SSL connection to the Web server. Cross site scripting is no brainer for ISA firewalls, won't happen!

HTH<
Tom

SQL injection is very difficult to protect against because of the nature of the attack. I'm not aware of any firewall that can really protect against it, its more of a db design issue.

(in reply to Linke Loe)
Post #: 22
RE: Certification ISA 2004 - 12.Apr.2005 9:29:00 AM   
Rickymag

 

Posts: 509
Joined: 26.Nov.2003
From: SA
Status: offline
Some more Facts,

My company Fastennt started out admining Guantlet, PIX and FW1 Checkpoint.

the clients I have now have moved to more advanced technologies and over 60% now use ISA in form of 2000 or 2004.

very interesting to see how the market has warmed up to this great tool.

RM

(in reply to Linke Loe)
Post #: 23
RE: Certification ISA 2004 - 13.Apr.2005 1:03:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Ricky,

You bet! I'm seeing a ton of PIX and Sonicwall shops switching over to the ISA firewall. They realize that stateful packet inspection-only fireawlls just can't provide real security and I will fail them in my HIPAA compliance audits if they just use PIX.

Thanks!
Tom

(in reply to Linke Loe)
Post #: 24

Page:   <<   < prev  1 [2] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Misc.] >> ISA Server 2004 Certification >> RE: Certification ISA 2004 Page: <<   < prev  1 [2]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts