-
July 27th, 2005, 09:27 PM
#1
Junior Member
Is MS ISA server SECURE??
In my experience Microsoft and secure and not used in the same sentence. In my company they had a contractor sell them an ISA server. I always thought that if Microsoft makes (or acquires) it.. Swiss cheese comes to mind.
Please let me know if ISA is a false sense of security. Or did MS get this one right this time.
-
July 27th, 2005, 09:34 PM
#2
The answer is...it depends.
Do you have it configured properly?
Do you have it patched up?
Do you have the host locked down?
What exactly are the requirements/purpose of the server?
Everything and nothing is secure depending upon who sets it up.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
July 27th, 2005, 09:48 PM
#3
Originally posted here by thehorse13
The answer is...it depends.
Do you have it configured properly?
Do you have it patched up?
Do you have the host locked down?
What exactly are the requirements/purpose of the server?
Everything and nothing is secure depending upon who sets it up.
And ...
What OS is it running on?
Is the OS up to date and patched?
Specific to ISA, what role is it supposed to play? Firewall, Proxy, packet filter?
I have an ISA running, on Win2k3 SP1, not joined to the domain and dual homed (one public and shielded and the other private). As bulletproof as I can make it.
As with anything, you need to understand the product, know how to maintain it and keep things maintained.
I'll be a little more blunt than our friendly horse. No, ISA, in and of itself, is not secure. Installed on a securely configured OS, and configured and maintained correctly, yes, it can be reasonably secure. No more or less than anything else.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|