ISA Pet Peeve #12536921

By /

“I have an ISA firewall in the DMZ”

What does this mean?

Does the ISA firewall have an external interface connected to the Internet and an internal interface connected to the DMZ?

Does the ISA firewall have an external interface connected to a DMZ and an internal interface connected to the private corporate network?

Does the ISA firewall have an external interface in an anonymous access DMZ and an internal interface in an authenticated access DMZ?

Does the ISA firewall have 9 NICs, with 5 of them in DMZs and 4 in private corporate networks?

OR, is it the most dreaded possibility:

Does the single-NIC (caponized) ISA firewall have its only, solitary interface in a DMZ segment between two “firewalls” (invariably souped up routers with a FIREWALL sticker on their bezels)

MORAL OF THE STORY:

Tell us about the relevent network topology. “In the DMZ” means as much as “open a port” (cf. http://www.tacteam.net/openport.htm)
 
HTH,

Tom

Thomas W Shinder, M.D.

Site: www.isaserver.org

Blog: http://blogs.isaserver.org/shinder/

Book: http://tinyurl.com/3xqb7

MVP — ISA Firewalls

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top