?
Solved

ISA and mulitple roles

Posted on 2004-09-09
3
Medium Priority
?
257 Views
Last Modified: 2010-04-14
Hi all,

I have a couple of questions regarding deployment of some ISA servers...

Right now we have a ISA 2000 server doing OWA publishing....

What I want to know is can I have the same ISA server do publishing for internal network files (Intranet Info) that is actually stored in a whole separate Forest/Domain that we have created just for these files...

We created a separate Forest with a one way trust so that Vendors and such can access Files that are stored there. These files are placed there to protect our Internal County Domain from anything on the outside....

I was told that I would jeopordize the security filters in ISA if I was to do both on the same server....Both OWA publishing and Server Publishing...and therefore we wwe need another ISA server to do just the Web Publishing....
Is this true?

Doesnt ISA 2004 give me the ability to use multiple NICs to redirect traffic meant for different areas and the ability to scan the incoming URLs differently?

I also have a ISA Proxy planned for future deployment....but this is a separate issue...I dont want to combine the Proxy with anything else becasue the Proxy would actually sit behind our firewall on the inside.....

Thanks all

Dawne
0
Comment
Question by:pcbrat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 9

Accepted Solution

by:
jdeclue earned 2000 total points
ID: 12019623
You can certainly have 3 nics with different rules on each interface...

Nic1 attached to internet
Nic 2 attached to network and publishing OWA
Nic 3 attached to other network and publishing IIS server.

As far as security is concerned, any time you open up more ports to more machines in you internal network you are making a larger attack "footprint". But by adding a third NIC, you are creating a DMZ, a network seperate from your internal private network, and this is how it is typically done.

J

0
 
LVL 10

Author Comment

by:pcbrat
ID: 12019851
Thank you that is what I thought.

:)

Seeing that you are a Cluster expert I will be asking some Exchange and Windows 2003 cluster questions for verification...so look for my questions :)
Thanks
Dawne
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 12019940
Okie Dokie, glad to be of help! ;)

J
0

Featured Post

Enroll in September's Course of the Month

This month’s featured course covers 16 hours of training in installation, management, and deployment of VMware vSphere virtualization environments. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Files go missing when using DFS (Distributed File System) Replication and how to recover them and fix it.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question