Solved

ISA Server as Backend Firewall

Posted on 2007-04-08
3
437 Views
Last Modified: 2008-11-18
Hi guys,

I am using Fortigate at Edge Firewall and created many access policies and traffic shaping policies, implented IPS signature. Block or allow access to certain workstations on certatin links.

Now I want to implent ISA Server as Backend Firewall to provide more security and the main objective is to get monitoring reports of users bandwidth usage.

My question is that if i implement ISA in this then how about the policies that i have on Edge Firewall, because after implementing ISA Sever the source IP address will be the External Interface IP address of ISA Server. Right?

Waiting for your replies.

Regards,
Bxperts
0
Comment
Question by:bxperts
  • 2
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 125 total points
ID: 18872219
1. The ISA exytrnal address will only be used if the relationship you set between internal & external is nat. If you set it for routing - (vconfiguration - networks - network rules) then it won't.

2. ISA does not report on bandwidth - it is a layer 3 firewall and a layer 7 application/gateway; it is not a router so does not give a hoot about bandwidth usage (only ISA2000 had that option, it was removed from ISA2004 & ISA2006). What it does report on is traffic usage as in what sites visited, by whom and the protocols used etc; not upon how much bandwidth was used.

0
 

Author Comment

by:bxperts
ID: 18872300
I see. So, this is the idea behind the scene. Our concern is only that how much data downloaded by a specific user in given time. I have seen one sample report of ISA 2004 and it will work fine with us.

Can I get any sample report to show my management?


Regards,
bxperts
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18872416
You can download and test ISA2006 from the MS web site for a 6 month trial or, if you use virtual server at all, you down load the .vhd file that is already there. Alternatively, MS gives access from the same site to test labs where you could get a sample out put of the reports available.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now