ISA 2004 HTTP Security Filter - Will It Meet Its Potential?

re:ISA 2004 HTTP Security Filter - Will It Meet Its Potential?

TrackBack — Fri, 22 Jul 2005 15:13:00 GMT

ISA 2004 HTTP Security Filter - Will It Meet Its Potential?ooeess

re:ISA 2004 HTTP Security Filter - Will It Meet Its Potential?

TrackBack — Fri, 20 May 2005 00:41:00 GMT

^_~,pretty good!csharpsseeoo

re:ISA 2004 HTTP Security Filter - Will It Meet Its Potential?

TrackBack — Wed, 13 Apr 2005 04:32:00 GMT

^_^,Pretty Good!

re: ISA 2004 HTTP Security Filter - Will It Meet Its Potential?

shinder — Fri, 19 Nov 2004 10:21:00 GMT

is there any books arround on how to configure the web filtering ?

re: ISA 2004 HTTP Security Filter - Will It Meet Its Potential?

shinder — Fri, 12 Nov 2004 16:30:00 GMT

ISA 2004 proxy breaks connection from remote clients (they connect to ISA via external NIC). Is it by design to prohibit external connections? How to avoid this?

re: ISA 2004 HTTP Security Filter - Will It Meet Its Potential?

shinder — Sun, 22 Aug 2004 21:20:00 GMT

HELLO ALL IN THERE,..
FIRST OF ALL I TELL U ABOUT ME SOMETHING,..
I'SHANI FROM PAKISTAN,..I HAVE A NET CAFE,..& I USE WINDOWS 2000 SERVER WITH ISA SERVER 2000,...
MY SERVICES R FINE BUT ITS NOT MUCH TO ME I KNOW ISA SERVER PROVIDE THE BEST SERVICE AFTER ALL MY SERVICES COZ I SE MY NEIGHBOUR SERVICE THAT HAVE TOO ISA SERVER 2000
BUT HIS SERVICE IS BETER THEN ME COZ HE KNOW TO CONFIGURE HIS ISA SERVER FOR BEST SERVICE BUT I DONT,..I LEARN NOT SO MUCH ABOUT IT SO I WANA KNOW THAT HOW I CAN CONFIGURE MY ISA SERVER 2000 FOR BEST,..IS ANY BUDY THERE THAT CAN HELP ME,..
THANKS
SHAANI

re: ISA 2004 HTTP Security Filter - Will It Meet Its Potential?

shinder — Tue, 11 May 2004 15:56:00 GMT

I absolutely agree.

HTTP filters could be a killer use for ISA2k4. Think along the lines of true application firewalls which protect against sql injection and XSS attacks and not just web server misconfiguration. These app firewalls definately fit a gap in the market, but they are enormously expensive in comparision to ISA. $20K $1k is a no brainer! In addition other f/w vendors such as checkpoint offer "app layer" stuff these days, but the perimeter isn't always the right place for app layer protection - you need that stuff inside and as a reverse proxy.

Given ISAs sales positioning as a app layer f/w and all the hype around web server misconfig vulnerabilities and app liabilities this is too good an opportunity to waste - I know for a fact there are many orgs who would deploy ISA if it did true app layer protection - behind 'traditional' permiter devices.

Microsoft must either develop some decent sample filters or engage a partner to develop them - its just not that difficult to write a sql injection definition in C++, but the sysadmin aint gonna do it.

At the very least they need to get the documentation up to scratch - not just leave us with a dead basic SMTP sample!

re: ISA 2004 HTTP Security Filter - Will It Meet Its Potential?

shinder — Mon, 03 May 2004 23:51:00 GMT

Tom

Couldnt agree more!!!!

Greg