Solved

ISA and mulitple roles

Posted on 2004-09-09
3
256 Views
Last Modified: 2010-04-14
Hi all,

I have a couple of questions regarding deployment of some ISA servers...

Right now we have a ISA 2000 server doing OWA publishing....

What I want to know is can I have the same ISA server do publishing for internal network files (Intranet Info) that is actually stored in a whole separate Forest/Domain that we have created just for these files...

We created a separate Forest with a one way trust so that Vendors and such can access Files that are stored there. These files are placed there to protect our Internal County Domain from anything on the outside....

I was told that I would jeopordize the security filters in ISA if I was to do both on the same server....Both OWA publishing and Server Publishing...and therefore we wwe need another ISA server to do just the Web Publishing....
Is this true?

Doesnt ISA 2004 give me the ability to use multiple NICs to redirect traffic meant for different areas and the ability to scan the incoming URLs differently?

I also have a ISA Proxy planned for future deployment....but this is a separate issue...I dont want to combine the Proxy with anything else becasue the Proxy would actually sit behind our firewall on the inside.....

Thanks all

Dawne
0
Comment
Question by:pcbrat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 9

Accepted Solution

by:
jdeclue earned 500 total points
ID: 12019623
You can certainly have 3 nics with different rules on each interface...

Nic1 attached to internet
Nic 2 attached to network and publishing OWA
Nic 3 attached to other network and publishing IIS server.

As far as security is concerned, any time you open up more ports to more machines in you internal network you are making a larger attack "footprint". But by adding a third NIC, you are creating a DMZ, a network seperate from your internal private network, and this is how it is typically done.

J

0
 
LVL 10

Author Comment

by:pcbrat
ID: 12019851
Thank you that is what I thought.

:)

Seeing that you are a Cluster expert I will be asking some Exchange and Windows 2003 cluster questions for verification...so look for my questions :)
Thanks
Dawne
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 12019940
Okie Dokie, glad to be of help! ;)

J
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Choosing a core focus or particular set of features and options can be tough. To help out, we’re going to highlight a handful of things your business needs on one of your social media pages. In other words, if one of these is missing, you should imp…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question