Solved

Micrsoft ISA server & Terminal Services

Posted on 2006-11-07
7
792 Views
Last Modified: 2013-11-21
All,

very quickly....

Do you need to run ISA server in order to get any benfits from terminal services? I have websense and checkpoint firewall and want to know if I need to run ISA at all...

The only thing Im thinking off is if (as most cleints run over terninal services) if ISA gives you any benefits if its runs with Term Services...

I dont see the point and wish to just run a websense/checkpoint intergrated solution....

Has anyone any ideas/pointers on this?

Thanks as always for any guidance
0
Comment
Question by:credmood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 5

Expert Comment

by:skaap2k
ID: 17890735
If you're confident with your checkpoint+websense firewall, I wouldnt bother with ISA server at all, i do not believe that it would give you any benefit as the terminal services protocol is pretty much closed and will just be passed through to the service to be serviced

If anything, ISA server might just cause you configuration problems ;)

-Rob
0
 
LVL 3

Assisted Solution

by:sow56091
sow56091 earned 100 total points
ID: 17890820
I agree with skaap2k. A possible advantage of ISA, though, might be integration of your firewall to Active Directory, such that you could screen access to Terminal Services by using LDAP data via ISA--though this might be unnecessary in your scenario.
0
 

Author Comment

by:credmood
ID: 17891816
thanks people, what about ISA in a proxy scenario? I can se its a bit pointless to have 2 firewalls in effect, but doesnt ISA act as a proxy? and is this a benfit at all?

Im trying to cover as much base as possible as I know I will be asked by the boss why I think just a checpoint/websense is the way to go...
0
Business Impact of IT Communications

What are the business impacts of how well businesses communicate during an IT incident? Targeting, speed, and transparency all matter. Find out more in this infographic.

 
LVL 5

Expert Comment

by:skaap2k
ID: 17891886
Yes, you can use ISA as a proxy server - and in this case, it could be very useful as you can use NTLM authentication for users on the domain - this can be useful for auditting, access control etc, and generally transparent to the user (except for a few IE proxy setting changes)

-Rob
0
 

Author Comment

by:credmood
ID: 17891999
so, to get things straight for a best option......I use a websense/checkpoint scenario with a ISA proxy server (i assume ISA has a setting whether to use it as a proxy or Fwall) you mention NTLM, I assume that this is on top of the kerboros auth that is used for the main logons....or am i not understanding ?

Thanks for you help
0
 
LVL 5

Accepted Solution

by:
skaap2k earned 400 total points
ID: 17892513
Yes, you can switch on the proxy part of it somewhere in there :)

In that, you have to choose whether you need users to authenticate or not to use the proxy - this is normally linked to your active directory users.

NTLM authentication is the type of authentication which most browsers will automatically send their domain credentials to when asked for them.

:)
Rob
0
 

Author Comment

by:credmood
ID: 17893112
Thanks for this......:o)
0

Featured Post

Report: Liquid Web beats Amazon, Rackspace & More

A study by performance analyst firm Cloud Spectator finds that Liquid Web beats rivals Amazon, Rackspace and DigitalOcean when it comes to website and cloud application performance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SSH setup on ASA 5505 17 126
CISCO WIFI 6 73
Configuring Cisco EtherChannel on SG350xg switch and VMWare 5 20
Network Share Issues 17 30
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question