I’ve made the point here many times — you need to manually configure the ISA Firewall’s NICs so that they don’t use autonegotiation with its connected switches. Failure of autonegotiation to complete correctly will cause difficult to troubleshoot performance problems that the misinformed “network guy” will attribute to the ISA Firewall.
You can quickly beat down the “network guy” and show that he doesn’t know what he’s talking about when you hard code the NIC’s speed and duplex parameters. This will improve your standing in the ranks and let the rest of the staff know that network guys should stick to routing protocols and stay away from network security 🙂
For a great detailed discussion of this issue, check out Jim Harrison’s review of autonegotiation at: