We help IT Professionals succeed at work.

ISA behind pix configuration

594 Views
Last Modified: 2012-03-13
I'm implementing a ISA 2006 in a PIX DMZ configuration. I've attached a image to display the configuration.

First, I would appreciate any comments on this configuration.

Second, I have some concerns.
 1. The ISA in this config is sitting in the DMZ on the front end and on the LAN on the back end. My concern is if the ISA get's compromised, they will have access tot he LAN network.

I'm setting this up to publish OWA/OMA/ActiveSync. Is it that I'm only allowing those protocols through the pix so that limits the security vulnerabilities of the ISA, or should I be concerned about the LAN access.

Thanks in advance.

image of config
Comment
Watch Question

Jamie McKillopIT Director
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Pete LongTechnical Architect
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Keith AlabasterEnterprise Architect
CERTIFIED EXPERT
Top Expert 2008
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.