Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Micrsoft ISA server & Terminal Services

Posted on 2006-11-07
7
Medium Priority
?
810 Views
Last Modified: 2013-11-21
All,

very quickly....

Do you need to run ISA server in order to get any benfits from terminal services? I have websense and checkpoint firewall and want to know if I need to run ISA at all...

The only thing Im thinking off is if (as most cleints run over terninal services) if ISA gives you any benefits if its runs with Term Services...

I dont see the point and wish to just run a websense/checkpoint intergrated solution....

Has anyone any ideas/pointers on this?

Thanks as always for any guidance
0
Comment
Question by:credmood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 5

Expert Comment

by:skaap2k
ID: 17890735
If you're confident with your checkpoint+websense firewall, I wouldnt bother with ISA server at all, i do not believe that it would give you any benefit as the terminal services protocol is pretty much closed and will just be passed through to the service to be serviced

If anything, ISA server might just cause you configuration problems ;)

-Rob
0
 
LVL 3

Assisted Solution

by:sow56091
sow56091 earned 400 total points
ID: 17890820
I agree with skaap2k. A possible advantage of ISA, though, might be integration of your firewall to Active Directory, such that you could screen access to Terminal Services by using LDAP data via ISA--though this might be unnecessary in your scenario.
0
 

Author Comment

by:credmood
ID: 17891816
thanks people, what about ISA in a proxy scenario? I can se its a bit pointless to have 2 firewalls in effect, but doesnt ISA act as a proxy? and is this a benfit at all?

Im trying to cover as much base as possible as I know I will be asked by the boss why I think just a checpoint/websense is the way to go...
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 5

Expert Comment

by:skaap2k
ID: 17891886
Yes, you can use ISA as a proxy server - and in this case, it could be very useful as you can use NTLM authentication for users on the domain - this can be useful for auditting, access control etc, and generally transparent to the user (except for a few IE proxy setting changes)

-Rob
0
 

Author Comment

by:credmood
ID: 17891999
so, to get things straight for a best option......I use a websense/checkpoint scenario with a ISA proxy server (i assume ISA has a setting whether to use it as a proxy or Fwall) you mention NTLM, I assume that this is on top of the kerboros auth that is used for the main logons....or am i not understanding ?

Thanks for you help
0
 
LVL 5

Accepted Solution

by:
skaap2k earned 1600 total points
ID: 17892513
Yes, you can switch on the proxy part of it somewhere in there :)

In that, you have to choose whether you need users to authenticate or not to use the proxy - this is normally linked to your active directory users.

NTLM authentication is the type of authentication which most browsers will automatically send their domain credentials to when asked for them.

:)
Rob
0
 

Author Comment

by:credmood
ID: 17893112
Thanks for this......:o)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question