On the Evils of "Require All Users to Authenticate"

By /

Authentication is a good thing, and it’s one of the main reasons why the ISA firewall is a more secure solution than the typical “hardware” firewall . However, like in other areas in life, there can be too much of a good thing.

That’s the case with the “Require all users to authenticate” option on the “outbound Web requests listener” (OK, that’s hailing back to the ISA 2000 days, but the term is a good one and we should bring it back for ISA 2004/06 and TMG).

Check out Richard Hicks’ blog to see what I’m talking about

http://tmgblog.richardhicks.com/2009/01/26/automatic-detection-fails-for-isa-firewall-clients/

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

image
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP — Forefront Edge Security (ISA/TMG/IAG)

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top