Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1244
  • Last Modified:

ISA and Websense differences

Can I ask some real novice management tier questions about the difference between a web filter such as Websense and a proxy server such as ISA server? I understand it’s common you use both, but what does the ISA server actually “do” in terms of staff’s internet access/activity? And what security issues/misconfigurations in ISA server can have an impact on user’s internet access? Please keep answers basic. Would much prefer some comments as opposed to links.
0
pma111
Asked:
pma111
3 Solutions
 
abhishek1986Commented:
ISA is internet security and acceleration. It basically has a cache which locally stores webpages and gets output from them in order to attend to request to the users. In case the page is not there in cache, it goes and queries it to give output. It enhances facilities where many users can go to internet with only one ISP.
Websense is more of a dynamic Parent control tool which will block sites intelligently. It keeps on monitoring internet traffic and blocks traffic as per the requirements of the user.
In practical terms, websense works with ISA to be effective.
0
 
pma111Author Commented:
So if you were doing an audit of ISA, what would you look at?

What ISA risks are there? I.e. what if configured wrong in ISA carries a risk to the users? I cant see what can go wrong.
0
 
abhishek1986Commented:
If you are looking at something that ISA will not be able to do that Websense can do, it is content filtering. I mean with ISA you can block sites with keywords but that is not that great help as you may not be able to enter all the sites that need to block. But if you are looking for security issues, there are no security threats that ISA will encounter that could have been avoided by Websense. ISA has an in-built firewall too which gives protection.
In terms of auditing, what is the criteria that need to be fulfilled? I don't think that there are any direct or indirect threats to the network or users, but if some QOS policies are needed or stuff like that then there may be a need of something else.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
pma111Author Commented:
>In terms of auditing, what is the criteria that need to be fulfilled?

Just general best practice security config and management of ISA
0
 
Ehab SalemCommented:
I think that the question Why use Websense with ISA is obvious: ISA does not filter by categories (News, sports, streaming, Adult,...). If you want to filter web access ISA will not do it at all.
The other question is why use ISA with Websense. Well, Websense will filter internet access but will not provide users with internet access, i.e. without ISA there will be no internet at all.
To make things clear: for a user/computer to access internet from a corp LAN, it has to go thru a proxy or firewall. ISA is both a proxy and a firewall.
So basically: ISA gives internet access and Websense controls this access.
ISA as a firewall also must be secured to prevent intruders from gaining access to your LAN.
Finally: ISA protects your network from outside, controls access of network ports, and Websense controls internet by Categories.

ISA also integrates with active directory which faciliates Websense configuration.

Auditing ISA depends much on your company's requirements.
0
 
abhishek1986Commented:
That is again dependent on your company policies. There are organizations that do not use Websense. Just ISA is good enough for them. There are others that use websense or related software which is mainly for enhancement. So it all boils down to what standards have been set that are required to achieve for auditing.
0
 
pma111Author Commented:
But there are no general best practice guides for either? Ie best practices that everyone should adhere to. Like a benchmark.
0
 
abhishek1986Commented:
That is the point. There are no such guidelines. So for auditing purpose, there must be some guidelines for your company. If not all is well and good. Else you will have to follow them. There are never guidelines regarding using of software, only about maintaining network and data security and I don't think that websense will help you in that any way that ISA won't do.
0
 
Keith AlabasterCommented:
ISA Server is a full blown layer 3 - layer 7 firewall, proxy and cache server and an application gateway. It was build from the ground up to do this role but it is down to the administrator to create the allowed/denied groups either as specific url/domain sets or to import pre-created lists which you can acquire from varous sources. Websense provides a plug-in for ISA that undertakes the automation and provision of URL categories plus their updating. Combined, it is a good set.

ISA is no longer a supported product and has been replaced by Forefront TMG 2010 - which now has the categories and sets built into removing the need for Websense.

The normal rule of thuumb is that there should be no access to the Internet from the internal network unless it is required and the same for blocking, by default, any traffic coming from the Internet to the internal networks unless their is a business requirement - balanced by a security rating.

There is a significant difference between documenting a security perimeter and auditing one. To document it requires literally checking every rule and device and documenting the settings, configuration and impact of each device and rule. Auditing (as mentioned above) is validating the installed environment against a documented set of requirements - generally an IT security policy plus a list of business or service requirements. Further, it could be that you need to undertake a penetration test to identify some of the open access points.

Keith
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now