Re: OWA and Risk Assesment

[David Lang <david.lang () digitalinsight com>]

no it doesn't (you can proxy it with a circuit proxy, but it's not an
application specific proxy)

ICA is easier to administer then OWA specific ports and is therefor less
likly to be misconfigured, in addition you only have the citrix
vunerabilities to worry about, not IIS vunerabilities (many fewer bugs
discovered, if only becouse it's a smaller target)

all of this makes ICA seem more secure to let through a firewall then all
the OWA ports.

David Lang


On Mon, 2 Dec 2002, Volker Tanger wrote:

> Date: Mon, 02 Dec 2002 14:37:53 +0100
> From: Volker Tanger <volker.tanger () discon de>
> To: adreyer () math uni-paderborn de
> Cc: kronos () datastreamcowboys net, firewall-wizards () honor icsalabs com
> Subject: Re: [fw-wiz] OWA and Risk Assesment
>
> Greetings!
>
> Achim Dreyer wrote:
>
> > btw: Does anybody know of any ICA ord RDP proxy application ?
>
>
> If I remember correctly (haven't worked with it for a while) Symantec
> Enterprise Firewall (=Axent Raptor) has a ICA proxy.
>
> Bye
>
> Volker Tanger
> IT-Security Consulting
>
> --
> discon gmbh
> Wrangelstraße 100
> D-10997 Berlin
>
> fon    +49 30 6104-3307
> fax    +49 30 6104-3461
>
> volker.tanger () discon de
> http://www.discon.de/
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards