Solved

Micrsoft ISA server & Terminal Services

Posted on 2006-11-07
7
803 Views
Last Modified: 2013-11-21
All,

very quickly....

Do you need to run ISA server in order to get any benfits from terminal services? I have websense and checkpoint firewall and want to know if I need to run ISA at all...

The only thing Im thinking off is if (as most cleints run over terninal services) if ISA gives you any benefits if its runs with Term Services...

I dont see the point and wish to just run a websense/checkpoint intergrated solution....

Has anyone any ideas/pointers on this?

Thanks as always for any guidance
0
Comment
Question by:credmood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 5

Expert Comment

by:skaap2k
ID: 17890735
If you're confident with your checkpoint+websense firewall, I wouldnt bother with ISA server at all, i do not believe that it would give you any benefit as the terminal services protocol is pretty much closed and will just be passed through to the service to be serviced

If anything, ISA server might just cause you configuration problems ;)

-Rob
0
 
LVL 3

Assisted Solution

by:sow56091
sow56091 earned 100 total points
ID: 17890820
I agree with skaap2k. A possible advantage of ISA, though, might be integration of your firewall to Active Directory, such that you could screen access to Terminal Services by using LDAP data via ISA--though this might be unnecessary in your scenario.
0
 

Author Comment

by:credmood
ID: 17891816
thanks people, what about ISA in a proxy scenario? I can se its a bit pointless to have 2 firewalls in effect, but doesnt ISA act as a proxy? and is this a benfit at all?

Im trying to cover as much base as possible as I know I will be asked by the boss why I think just a checpoint/websense is the way to go...
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 5

Expert Comment

by:skaap2k
ID: 17891886
Yes, you can use ISA as a proxy server - and in this case, it could be very useful as you can use NTLM authentication for users on the domain - this can be useful for auditting, access control etc, and generally transparent to the user (except for a few IE proxy setting changes)

-Rob
0
 

Author Comment

by:credmood
ID: 17891999
so, to get things straight for a best option......I use a websense/checkpoint scenario with a ISA proxy server (i assume ISA has a setting whether to use it as a proxy or Fwall) you mention NTLM, I assume that this is on top of the kerboros auth that is used for the main logons....or am i not understanding ?

Thanks for you help
0
 
LVL 5

Accepted Solution

by:
skaap2k earned 400 total points
ID: 17892513
Yes, you can switch on the proxy part of it somewhere in there :)

In that, you have to choose whether you need users to authenticate or not to use the proxy - this is normally linked to your active directory users.

NTLM authentication is the type of authentication which most browsers will automatically send their domain credentials to when asked for them.

:)
Rob
0
 

Author Comment

by:credmood
ID: 17893112
Thanks for this......:o)
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question