Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

ISA 2006 & Cisco FireWall

Posted on 2011-02-16
2
Medium Priority
?
413 Views
Last Modified: 2013-11-16
Hi guys,
Any one assist me what the different between ISA2006 and Cisco Firewall? And which one it’s better for security internet
0
Comment
Question by:Mabr0
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 18

Assisted Solution

by:jmeggers
jmeggers earned 500 total points
ID: 34908986
I don't know all that much about ISA so can't make a direct comparison, but I don't think it's a firewall designed to keep undesired traffic from entering the perimeter.  I think it's more of an outbound proxy for URL filtering, etc.  Please feel free to correct me if I'm wrong.

The Cisco ASA is a stateful firewall with a number of layer-7 application inspections, VPN termination including IPSec and SSL, remote access and site-to-site, does phone proxy for encrypted IP phone connections from the outside, can be used with a content or IPS module, and has a number of other features.  
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 34910298
From a security perspective they are both the same. Although ISA got there a head of Cisco, both have EAL4+ accreditiation - the highest you can get. Neither have been hacked - or reported as hacked, unless it was by miscofiguration. Both can handle traffic from layer 3 upwards to layer 7.

The main differences - for me at least are:

ISA does more. By this I mean ISA is not only a damn fine firewall but it was designed as an application gateway and a forward and reverse proxy - in the true sense. It has application and web filters built in and supports definitions for near as damn it every protocol defintion you can imagine.

Cisco does it quicker. The original PIX and then the ASA is hardware based and chunders through traffic faster than anything I have seen - and i have seen a lot of firewalls, appliances, gateways and proxies.

ISA does not do proxy for phones because it cannot understand SIP traffic. It can be made to work but this is not its main area by leveraging other realated services such as activesync, OWA, OMA etc.

Keith - ISA & TMG MVP
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are three types of ISA client that can be configured - these can be individual clients or multiples of a client on each PC or server SecureNAT. A SecureNAT client for ISA server is a client machine, work station or server, that has its defa…
In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question