Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: suggestions on a good firewall

From: "Chris Berry" <compjma () hotmail com>
Date: Mon, 26 May 2003 16:14:31 -0700
From: "David Ellis" <David.Ellis () unicam com>
Let me ask a question here? Why would anyone want tight active directory
integration on a firewall which by all means constitutes a security
flaw?
Keep your active directory far from your firewall. A firewall is a
security product and shouldn't be integrated into your internal network
at all, besides VPN into your lan.
For website proxy lists that are tied to your internal organization setup. ISA is alot more than just a firewall, like most Microsoft products it combines multiple services to ease administration. Depending on your level of expertise, and the amount of people you have to do maintenance, that may be a good thing. After all, having the most secure setup available is worthless if you don't have time to keep it all current. I understand your point of view, however, I don't see this as being any worse than using LDAP with SQUID which I know many people do. 

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates
"All I want is a few minutes alone with the source code for the universe and a quick recompile." 

_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail 


---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: