Solved

Bypass Stateful Packet Inspection - ISA 2006

Posted on 2011-03-16
Last Modified: 2012-05-11
Good Afternoon,

I need to disable SPI between a couple of IP Addresses from an external network to a device on my internal network through ISA 2006.

We are running a clinical trial and the application/device that needs to upload the data is being blocked by ISA due to its inbuilt SPI.

Has anyone done this before?

Thanks,

Gerald
Question by:gezzam
5 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35154326
Not a chance. Stateful packet inspection is a fundamental process that is responsible - in part - for the integrity of sessions and connections. No way you'd turn that off.
 

Author Comment

by:gezzam
ID: 35154338
Can I create a rule between the two IP addresses that disables SPI for that rule only?

The documentation from the trial company states that

Stateful Packet Inspection (SPI): If your network uses SPI, consider setting rules in the Firewall to not perform SPI on traffic originating from or terminating to the IP addresses listed in this document.

or

Could I turn it off temporarily just to see if this is the cause so I can investigate further?
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35154455
Not as far as I am aware, it is an inherent feature. The only devices that allow this sort of thing are routers - and ISA Server is not a router.
 
LVL 29

Accepted Solution

by:
pwindell earned 500 total points
ID: 35167097
The "Trial company" is wrong. They are misusing and abusing the term "Stateful Inspection". Stateful Inspection means to inspect the "State" of the Connection to be sure that it is valid and intact. This is done at the connection itself and is primarily to determine that the Source and Destination have remained consistent as opposed to being hijacked and one of them being impersonated.

What they probably really mean is Application Layer Inspection (ALI), sometimes also called Deep Inspection. This can be turned off but is a real hassle to configure. What really needs to be done here is inform us enough about how this product works and the nature of how it communicates, like the traffic profile and the actual Protocol it uses.
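The distinction drawn in the accepted answer, as an added example that is not part of the original thread and is not ISA Server code: a toy Python model in which the stateful filter tracks only the connection 4-tuple and handshake state, while a separate application-layer filter reads the payload. All names, addresses, ports and packets are constructed for illustration, and the HTTP-method check is only an assumed stand-in for an application filter.

```python
from collections import namedtuple

# Constructed toy TCP packet; flags is one of "S", "SA", "A", "PA", "R".
Packet = namedtuple("Packet", "src sport dst dport flags payload", defaults=(b"",))

# Handshake steps: (state, sender, flags) -> next state
STEPS = {("SYN_SENT", "server", "SA"): "SYN_RCVD",
         ("SYN_RCVD", "client", "A"): "ESTABLISHED"}

class StatefulFilter:
    """Tracks each TCP connection by its 4-tuple; never reads the payload."""
    def __init__(self, allowed):
        self.allowed = allowed   # {(client_ip, server_ip, server_port)}
        self.table = {}          # (client, cport, server, sport) -> state

    def check(self, p):
        fwd = (p.src, p.sport, p.dst, p.dport)   # as sent by the client
        rev = (p.dst, p.dport, p.src, p.sport)   # as sent by the server
        if p.flags == "S":                       # a new connection needs a rule
            if (p.src, p.dst, p.dport) not in self.allowed:
                return False
            self.table[fwd] = "SYN_SENT"
            return True
        key = fwd if fwd in self.table else rev if rev in self.table else None
        if key is None:
            return False                         # belongs to no tracked session
        if p.flags == "R":                       # reset ends the session
            del self.table[key]
            return True
        state = self.table[key]
        if state == "ESTABLISHED":
            return p.flags in ("A", "PA")
        nxt = STEPS.get((state, "client" if key == fwd else "server", p.flags))
        if nxt:
            self.table[key] = nxt
        return nxt is not None

def app_layer_check(p, methods=(b"GET", b"POST")):
    """Payload-aware filter: data must start with an allowed HTTP method."""
    return not p.payload or p.payload.split(b" ", 1)[0] in methods

def demo():
    fw = StatefulFilter({("198.51.100.7", "10.0.0.20", 80)})
    c, s = ("198.51.100.7", 40000), ("10.0.0.20", 80)
    pkts = [Packet(*c, *s, "S"), Packet(*s, *c, "SA"), Packet(*c, *s, "A"),
            Packet(*c, *s, "PA", b"\x01\x02TRIALDATA"),       # valid state, odd payload
            Packet("203.0.113.99", 40000, *s, "PA", b"GET / HTTP/1.1")]  # no session
    return [(fw.check(p), app_layer_check(p)) for p in pkts]
```

In `demo()` the fourth packet passes the state check and fails only the payload check, while the fifth has an acceptable payload but is dropped because it belongs to no tracked connection.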
 

Author Comment

by:gezzam
ID: 35177181
Thanks for the update. The trial company is supplying the client with a Wireless 3G Modem to upload, so it's not going on our network now, so it has ceased to be an issue.

Thanks for the responses though.