Solved

ISA 2006 & Cisco FireWall

Posted on 2011-02-16
2
400 Views
Last Modified: 2013-11-16
Hi guys,
Any one assist me what the different between ISA2006 and Cisco Firewall? And which one it’s better for security internet
0
Comment
Question by:Mabr0
2 Comments
 
LVL 18

Assisted Solution

by:jmeggers
jmeggers earned 125 total points
ID: 34908986
I don't know all that much about ISA so can't make a direct comparison, but I don't think it's a firewall designed to keep undesired traffic from entering the perimeter.  I think it's more of an outbound proxy for URL filtering, etc.  Please feel free to correct me if I'm wrong.

The Cisco ASA is a stateful firewall with a number of layer-7 application inspections, VPN termination including IPSec and SSL, remote access and site-to-site, does phone proxy for encrypted IP phone connections from the outside, can be used with a content or IPS module, and has a number of other features.  
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 125 total points
ID: 34910298
From a security perspective they are both the same. Although ISA got there a head of Cisco, both have EAL4+ accreditiation - the highest you can get. Neither have been hacked - or reported as hacked, unless it was by miscofiguration. Both can handle traffic from layer 3 upwards to layer 7.

The main differences - for me at least are:

ISA does more. By this I mean ISA is not only a damn fine firewall but it was designed as an application gateway and a forward and reverse proxy - in the true sense. It has application and web filters built in and supports definitions for near as damn it every protocol defintion you can imagine.

Cisco does it quicker. The original PIX and then the ASA is hardware based and chunders through traffic faster than anything I have seen - and i have seen a lot of firewalls, appliances, gateways and proxies.

ISA does not do proxy for phones because it cannot understand SIP traffic. It can be made to work but this is not its main area by leveraging other realated services such as activesync, OWA, OMA etc.

Keith - ISA & TMG MVP
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question