Educause Security Discussion mailing list archives

Re: ISA Server for Microsoft Exchange

From: Chris Edwards <chris () ENG GLA AC UK>
Date: Thu, 23 Oct 2008 17:33:59 +0100

On Thu, 23 Oct 2008, Rowe, Ken wrote:

| ISA is the Microsoft application-level firewall that enforces a
| black-listing approach to block access to inappropriate sites. This can
| help protect Microsoft Exchange users from phishing attacks if they
| click on embedded links.

Hi,

Yep - ISA can operate as a web filter, to restrict which external websites
your on-campus users can access.  Think blocking porn etc.

But in this context, ISA is deployed to protect a local exchange server
from malicious incoming external traffic, whilst hopefully allowing good
external traffic to come in.

In other words, acting not as a regular web proxy, but as a reverse proxy.
(with application level filtering).


--
Chris Edwards
IT Security, Computing Service
University of Glasgow, charity number SC004401

Current thread:

ISA Server for Microsoft Exchange Connie Sadler (Oct 22)
- <Possible follow-ups>
- Re: ISA Server for Microsoft Exchange Dobbins, Gary (Oct 22)
- Re: ISA Server for Microsoft Exchange Basgen, Brian (Oct 22)
- Re: ISA Server for Microsoft Exchange Rowe, Ken (Oct 23)
- Re: ISA Server for Microsoft Exchange Chris Edwards (Oct 23)
- Re: ISA Server for Microsoft Exchange Connie Sadler (Oct 23)
- Re: ISA Server for Microsoft Exchange Adam Carlson (Oct 23)