Dumb Tech Journalist Quote of the Week
From: http://www.computerweekly.com/Articles/2007/07/13/...ts.htm
“This concentration on configuring the server for different roles also affects the host-based firewall, which for the first time is turned on in the server operating system by default. The built-in firewall, unlike Microsoft’s application-level ISA Server firewall, blocks traffic at the port level according to the role that the administrator defines for it.”
What does this guy think the ISA Firewall is? I can answer that question based on the above quote. He has no idea what the ISA Firewall is and what it does.
FACT: The ISA Firewall is a network layer and application layer inspection firewall with Web Proxy, VPN server and VPN gateway capabilities. That means the ISA Firewall can exert “port level” control, just like the built-in Windows Firewall in Windows 2008, but of course it is much more secure because of the sophistication added by the Firewall Packet Filter driver and Firewall service driver.
LESSON: Never believe what a “reporter” tells you — trust only experts in the technology of interest if you want the facts.
HTH,
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
Email: tshinder@isaserver.org
MVP — Microsoft Firewalls (ISA)

Dan Becker Says:
October 13th, 2007 at 1:11 am
I can understand where you’re coming from. But the reporter’s statement is, I think, accurate - if somewhat unclear.
The important part of the reporter’s quote is not the port bit, but this part: “according to the role that the administrator defines”.
(Server Role means something quite specific in Windows Server 2008 - see http://technet2.microsoft.com/windowsserver2008/en...t.mspx)
WF will have various ports open or closed depending on whether the server role that requires use of those ports is installed on the server or not.
ISA doesn’t automatically say “Oh, I have Windows 2008 servers with the following roles behind me: web server, file server, print server. I will open ports for those services automatically based upon knowing those roles are installed in Server Manager.”
Of course, I wouldn’t WANT my firewall to *automatically* open ports to the services running on servers behind it. That’d be a Bad Idea(TM).