ISA Server as Backend Firewall

Posted on 2007-04-08
Medium Priority
Last Modified: 2008-11-18
Hi guys,

I am using Fortigate at Edge Firewall and created many access policies and traffic shaping policies, implented IPS signature. Block or allow access to certain workstations on certatin links.

Now I want to implent ISA Server as Backend Firewall to provide more security and the main objective is to get monitoring reports of users bandwidth usage.

My question is that if i implement ISA in this then how about the policies that i have on Edge Firewall, because after implementing ISA Sever the source IP address will be the External Interface IP address of ISA Server. Right?

Waiting for your replies.

Question by:bxperts
  • 2
LVL 51

Accepted Solution

Keith Alabaster earned 500 total points
ID: 18872219
1. The ISA exytrnal address will only be used if the relationship you set between internal & external is nat. If you set it for routing - (vconfiguration - networks - network rules) then it won't.

2. ISA does not report on bandwidth - it is a layer 3 firewall and a layer 7 application/gateway; it is not a router so does not give a hoot about bandwidth usage (only ISA2000 had that option, it was removed from ISA2004 & ISA2006). What it does report on is traffic usage as in what sites visited, by whom and the protocols used etc; not upon how much bandwidth was used.


Author Comment

ID: 18872300
I see. So, this is the idea behind the scene. Our concern is only that how much data downloaded by a specific user in given time. I have seen one sample report of ISA 2004 and it will work fine with us.

Can I get any sample report to show my management?

LVL 51

Expert Comment

by:Keith Alabaster
ID: 18872416
You can download and test ISA2006 from the MS web site for a 6 month trial or, if you use virtual server at all, you down load the .vhd file that is already there. Alternatively, MS gives access from the same site to test labs where you could get a sample out put of the reports available.

Featured Post

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
If you try to migrate from Elastix to Issabel, you will face a lot of issues. These problems are inevitable but fortunately, you can fix them. In the guide below, I will explain how I performed the migration while keeping all data and successfully t…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question