ISA 2006 vs Forefront

I am in the middle of transitioning a SBS 2000 computer to 2 - Windows 2008 server's 64-bit, both are domain controllers.  I also have a Windows 2003 r2 machine in the same domain that is also a domain controller.  When I purchased all of the software, my rep sold me ISA 2006 knowing I was migrating to 64-bit servers.  

If I had to load ISA 2006 on the Windows 2003 Server, how would I have to configure the network?  Would the Windows 2003 server need to be the point of entry?  Would I be better off going to Forefront and what version or configuration.

Thanks for any suggestions
Debbie Hamatani
DebbieHamataniAsked:
Who is Participating?
 
rmmustafaCommented:
The major role is Do not install ISA on a domain controller , and it can live with Windows 2008 servers , so it looks good idea to demote one of the domain controllers and install ISA on it , if your have the original Windows server CD and license on hand then it might be better to start with clean installation , update it and start the ISA installation .
0
 
rmmustafaCommented:
Forefront is not finally released yet ,,, So forget it , ISA 2006  should be installed on 2003  32 bit OS (Stand alone server and it is not supported on Win 2008 or any 64 bit editions  ) , and all other servers (domain controllers ) could be 2008  64bit editions ,, It is not recommended for the ISA to be on a domain controller (it will be difficult to control the ISA itself access roles to allow usual domain traffic like user validations and so on )
You have two options for sitting up the ISA server , either as a members server  stand alone server where it will be a domain member , and on this case it will be possible for the ISA to read users from AD (even if its 2008 server ) and creating rules according to it ) , and the other option is to keep it on the edge of your network  not as a domain member  and on this case you will not be able to create any role according to AD users (you may create other type of roles ) ,,,,
Another option is available regarding to the DHCP if you are using it ,,, if you wish to maintain Internet connectivity if your domain is down ( all domain controllers are down ) you may install the DHCP on the ISA server (if you chose the second option because you wont be asked to authorize it  but if the ISA was a domain member then you have to authorize the DHCP on the domain and it will not function if the domain controllers were down ).
0
 
DebbieHamataniAuthor Commented:
Hi rmmustafa --

I have a Windows 2003 r2 machine that is a domain controller, but really only is my print server.  If I were to demote this server and load ISA I would be fine?

Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.