Anyone have a working opinion of using ISA server in a primary firewall/vpn/security role? I'm looking at something to use at home, with some sort of robust routing capabilities (something better for DMZ usage than the linksys "one machine is a DMZ" mantra, for instance).

I touched several ISA servers in the past and they always seemed to be a bear to configure.

My other options for firewall services are, uh, in this order of preference:

buy some hardware fw solution (watchguard, raptor, sonicwall, etc)

take the plunge and learn linux enough to have an educated opinion on what flavor to use, then learn enough about that one to secure it, then learn the different firewalls that run on linux enough to make an educated decision on which to use, and then learn enough about that firewall to secure it properly.

Thanks,
jeff