Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 733
  • Last Modified:

ISA 2006 vs Forefront

I am in the middle of transitioning a SBS 2000 computer to 2 - Windows 2008 server's 64-bit, both are domain controllers.  I also have a Windows 2003 r2 machine in the same domain that is also a domain controller.  When I purchased all of the software, my rep sold me ISA 2006 knowing I was migrating to 64-bit servers.  

If I had to load ISA 2006 on the Windows 2003 Server, how would I have to configure the network?  Would the Windows 2003 server need to be the point of entry?  Would I be better off going to Forefront and what version or configuration.

Thanks for any suggestions
Debbie Hamatani
0
DebbieHamatani
Asked:
DebbieHamatani
  • 2
1 Solution
 
rmmustafaCommented:
Forefront is not finally released yet ,,, So forget it , ISA 2006  should be installed on 2003  32 bit OS (Stand alone server and it is not supported on Win 2008 or any 64 bit editions  ) , and all other servers (domain controllers ) could be 2008  64bit editions ,, It is not recommended for the ISA to be on a domain controller (it will be difficult to control the ISA itself access roles to allow usual domain traffic like user validations and so on )
You have two options for sitting up the ISA server , either as a members server  stand alone server where it will be a domain member , and on this case it will be possible for the ISA to read users from AD (even if its 2008 server ) and creating rules according to it ) , and the other option is to keep it on the edge of your network  not as a domain member  and on this case you will not be able to create any role according to AD users (you may create other type of roles ) ,,,,
Another option is available regarding to the DHCP if you are using it ,,, if you wish to maintain Internet connectivity if your domain is down ( all domain controllers are down ) you may install the DHCP on the ISA server (if you chose the second option because you wont be asked to authorize it  but if the ISA was a domain member then you have to authorize the DHCP on the domain and it will not function if the domain controllers were down ).
0
 
DebbieHamataniAuthor Commented:
Hi rmmustafa --

I have a Windows 2003 r2 machine that is a domain controller, but really only is my print server.  If I were to demote this server and load ISA I would be fine?

Thanks
0
 
rmmustafaCommented:
The major role is Do not install ISA on a domain controller , and it can live with Windows 2008 servers , so it looks good idea to demote one of the domain controllers and install ISA on it , if your have the original Windows server CD and license on hand then it might be better to start with clean installation , update it and start the ISA installation .
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now