ISA server vs a hardware firewall?

ISA is for more advanced requirements - use a regular hardware device like cisco/linksys/sonicwall/etc for 99% of your installs..

IF you need user-level filtering, or firewall to integrate with active directory, or the other advanced stuff that ISA does - it's a good fit.

The clue is - if you don't know what feature ISA has that you need - you probably don't WANT it.

It can do things like be a proxy and content filter, allow certain groups to get to some protocols, etc

(I don't even know all the major goodies because we've had plenty of power from the basic stuff)

It WILL get in your way and has a steep learning curve for the doing what you are probably used to with a regular hardware NAT type setup..
 
First came Microsoft Proxy Server

It was replaced by Microsoft ISA (Internet Security and Acceleration Server" 2000 - 2006

It was replaced by Microsoft Forefront TMG (Threat Management Gateway) 2010

So yes ISA was disco'd quite a few years ago...it is no more.

As for affordable versus a hardware firewall (NAT router/gateway)...no, it's more expensive and has rather steep hardware requirements...plus should be constantly maintained. VERY granular control! Yes a rather steep learning curve.

I'd done a few Proxy server installs back in the NT 4 server days...and have done a few ISA installs back in the Server 2000 days. But since UTM appliances such as Untangle came out, I've been doing those instead of TMG. Even though they started bundling ISA with SBS2000 Premium....ISA was more commonly used in larger enterprise environments rather than small businesses.
 
They are the same thing, they just look physically different. Hardware
firewalls run on software (some even use Harddrives) and software firewalls
run on hardware.


Regards,
Selva
 
Well....dunno if I'd call them "the same thing".....while yes you can say that firewalls/routers usually boot up on some form of operating system....comparing ISA/Proxy Server to traditional hardware firewall like some Linksys router is quite different.

Full blown firewalls, UTM appliances...differ quite a bit in complexity and features versus a plain NAT box.

ISA is incredibly granular, a major project to install, configure, and manage. It runs on top of Windows Server.
 
I like to keep as many leaks as I can away from my firewall as possible. So I tend to use pfsense as my firewall :)

LOVE the load balancing features. Especially WAN fail over and TONS of more options. It's almost endless. Got to love linux!


Using the same system that holds all your files, accounts, sensitive information is not the best place to hold your firewall imo.
 
ElementalWindX said:
I like to keep as many leaks as I can away from my firewall as possible. So I tend to use pfsense as my firewall :)

LOVE the load balancing features. Especially WAN fail over and TONS of more options. It's almost endless. Got to love linux!
Click to expand...

"BSD" to be more accurate....*nix purists (not me) scoff at PFSense and BSD being referred to as linux...I dunno why, but the purists always jump on that.

ISA is usually a dedicated install, esp in larger environments, so it's not typically done on the same server as your DC/file sharing/everything else. Exception being when it came bundled with SBS Premium.

I wouldn't put PFSense in the same league as "UTM"....unified threat management. I love PFSense do death...use it a lot myself, but it's a lean mean edge appliance with excellent traffic shaping/QoS features and VPN features. However, it's not a UTM. It doesn't lock down in/out traffic like UTMs can. For business clients, I'm all about UTMs now. (other *nix based ones that classify as this...Untangle, Astaro)
 
ISA Server

Dear all,

Now, i'm learning about ISA 2006. I have some problem while i using ISA my internet slower then before. Could you please help me?
 
You must log in or register to reply here.

Similar threads

autumn
Hyper V VM move to new hardware
Replies
6
Views
348
autumn
autumn
autumn
Hyper V licensing
Replies
8
Views
488
autumn
autumn
C
VM Server reboot has a 169. address.
Replies
3
Views
692
YeOldeStonecat
YeOldeStonecat
thecomputerguy
Super small accounting client needs new server/workstation.
Replies
8
Views
223
YeOldeStonecat
YeOldeStonecat
Appletax
[REQUEST] What to do with 182 sticks of ECC RAM + lots of server NICs?
Replies
9
Views
372
sapphirescales
sapphirescales
Back
Top