Poll: IAS Server?

Be advised that this is a public poll: other users can see the choice(s) you selected.

+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 27 of 27
Windows Thread, ISA Server in Technical; Originally Posted by ranj Do any of these solutions work in a way, where you can block access to websites ...
  1. #16

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,590
    Thank Post
    109
    Thanked 762 Times in 593 Posts
    Rep Power
    180

    Re: ISA Server

    Quote Originally Posted by ranj
    Do any of these solutions work in a way, where you can block access to websites for a certain user but allow access for others.
    ISA will do this out of the box. IPCop will do this with the relevent addons.

    Your choice really depends on how much you want to spend and what your skillset is. If you are not adverse to Linux then this is the more cost-effective solution and there are many alternatives - IPCop, Smoothwall (which also has commercial support - PM Tom Netwon), Endian Firewall and of course you could 'roll your own'.

  2. #17
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,999
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106

    Re: ISA Server

    ISA grumble grumble grumble. Mine has a mind of its own.

  3. #18

    Join Date
    Mar 2006
    Posts
    537
    Thank Post
    2
    Thanked 3 Times in 2 Posts
    Rep Power
    19

    Re: ISA Server

    Quote Originally Posted by ChrisH
    ISA grumble grumble grumble. Mine has a mind of its own.
    Eh? But I though you were nix man Chris. Why aren't you using one the packages Ric has suggested.

  4. #19

    Join Date
    Jul 2006
    Location
    London
    Posts
    2,962
    Thank Post
    159
    Thanked 152 Times in 116 Posts
    Rep Power
    49

    Re: ISA Server

    Im a big fan of ISA Server

    To be honest I only use it because 2000 was at the school when I joined and I logically upgraded to 2004.

    Its a very good and secure product, I'm sure Linux could do just as good a job or better, but until I get time to learn it properly and evaluate solutions Im fine with ISA

    Only problem is that when the LEA changed their own proxy, ISA started having major problems - massive slowdown and returning random websites, whatever you typed in. Since then we've been using it in a highly botched state to get it to an acceptable speed, and have lost the ability to authenticate users, so we have also lost most of the useful functionality

    Over the summer I intend to totally reinstall it and play around with it until it works properly *hopefully*

  5. #20
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,999
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106

    Re: ISA Server

    Quote Originally Posted by ITWombat
    Quote Originally Posted by ChrisH
    ISA grumble grumble grumble. Mine has a mind of its own.
    Eh? But I though you were nix man Chris. Why aren't you using one the packages Ric has suggested.
    I have ISA but its not fully implemented because it drives me up the wall. I currently have Censornet V3 doing my firewalling but was getting a little sick of writing custom firewall rules for anything exotic so I thought I would give ISA a go as most of the services I was going to be publishing were windows based.
    Thing is that I end up starting the firewall 2 or 3 times to get a rule to work. Best example is a forwarding of remote desktop. I have a rule that lets me through to a remote desktop which works fine. However if I change that IP to a correct IP address of another machine the dam thing doesn't work!!!! There is obviously something wrong with the install but I cant think why as its a pretty simple setup so far.
    I have use Smoothwall/IP Cop in the past as well as shorewall. I was just hoping for something that would do as it was told as that git Ric told me it worked well for him .

  6. #21

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,343
    Thank Post
    624
    Thanked 1,584 Times in 1,421 Posts
    Rep Power
    414

    Re: ISA Server

    We have played with Linux proxy's, but found they all seem to want an Indent client installing on every machine if you want to use authentication
    You can use NTLM authentication with linux proxies yes M$ products may work better this way as they have it natively built into them.

    Ident is easily spoofed so is one of the last resort methods I'd choose.

    Ben

  7. #22

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,154
    Thank Post
    114
    Thanked 527 Times in 450 Posts
    Blog Entries
    2
    Rep Power
    123

    Re: ISA Server

    I put some notes at http://techinfo.cnwl.ac.uk/Squid%20Proxy/ about how I've configured Squid running on Windows to do NTLM authentication and logging in a reasonably useful way (and help was given by people here to get that going).

    We use ISA here (2 x 2004 servers and 1 x 2000) - it works well.

    I'm intrigued by webman's comments; mrbios wrote that there was an ftp server which no-one cared about, not that he didn't care about Linux.

    I wonder if Linux would have an even wider take up if there wasn't almost religious zealotry and bigotry surrounding it. I don't find comments like these helpful (nor do I like the snide use of "M$" as an abbreviation for Microsoft) and, in my opinion, spoils what should be a professional forum.

  8. #23


    Join Date
    Oct 2006
    Posts
    3,411
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    148

    Re: ISA Server

    ^ No MrBios said he doesnt care to *learn* linux. (And that theres a NAS that no-one cares about)


    Personally id recommend learning linux as it will always be useful. Near enough anything "web" runs on linux. Its free, easy to learn, well documented, and most of all far quicker and more stable than windows.

  9. #24
    mrbios's Avatar
    Join Date
    Jun 2007
    Location
    Stroud, Gloucestershire
    Posts
    2,450
    Thank Post
    349
    Thanked 255 Times in 210 Posts
    Rep Power
    98

    Re: ISA Server

    i want to learn it eventually but at the moment i have absolutely no motivation to learn something that goes straight over my head

    had a staff review recently and im going to get some linux training in the future, but for now i think id like to add ISA server to my skill set for ease of use, thing with microsoft products is there so easy to pick up and go, i cant just trial and error things in linux because i have to know command line stuff for it (trial and error being my primary way of learning )

  10. #25


    Join Date
    Oct 2006
    Posts
    3,411
    Thank Post
    184
    Thanked 356 Times in 285 Posts
    Rep Power
    148

    Re: ISA Server

    ^ Thats how i learned linux, that and like ive mentioned its *extreamly* well documented. I dare say if your willing to pay for books MS is better documented but if your just browsing the web looking for info its linux all day long.

    Plus you dont need to learn any linux to use the pre-built proxes, and i honestly mean it; put cd in, follow onscreewn instrucions (hostname, ip address, the usual) and away you go.

    You can obviously use a web browser, so you can configure a linux proxy as they are all web/browser based

    Smoothwall community
    IPCop
    Endian


    But your obviously willing to pay money, how much ISA cost i wouldnt know, but Smoothwall School guardian could be an option as it extreamly easy to use and also has support


    The only bit anyone has trouble with is getting the proxy to authenticate against AD, but if you go for smoothwall i know they'll be able to guide you through it.

  11. #26

    Join Date
    Jul 2006
    Location
    London
    Posts
    2,962
    Thank Post
    159
    Thanked 152 Times in 116 Posts
    Rep Power
    49

    Re: ISA Server

    j17 thats what I like about ISA server - there is an excellent book by Tom Shinder which goes into an amazing amount of detail and its good to have that amount of reference available without having to go searching or rely on forums - especially in an emergency

    I know you dont need Linux knowledge for the pre built proxies but as soon as something was to go wrong Im guessing it would be a massive advantage? As I assume asking for help on Linux forums (or here) would bring suggestions of command line stuff

    I will definately learn Linux properly at some point in the near future though, as I would like to try out so many apps that run on it

    Btw on the cost of ISA - when we bought 2004 the educational price was extremely good compared to the RRP. Even the RRP makes it a much cheaper solution than a hardware firewall but obviously a lot more expensive than Linux

  12. #27

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,154
    Thank Post
    114
    Thanked 527 Times in 450 Posts
    Blog Entries
    2
    Rep Power
    123

    Re: ISA Server

    Quote Originally Posted by j17sparky
    ^ Thats how i learned linux, that and like I've mentioned it's *extremely* well documented. I dare say if you're willing to pay for books MS is better documented but if you're just browsing the web looking for info it's linux all day long.

    Plus you don't need to learn any linux to use the pre-built proxes, and i honestly mean it; put cd in, follow onscreewn instrucions (hostname, ip address, the usual) and away you go.
    I think there's a certain category of people for whom the docs available for Linux are good and then there's people like me who find them an absolute nightmare! All too often, you find stuff which just reproduces the man pages or something similar - screen after screen descending pretty much into BNF descriptions of the options when a few simple examples could make it much clearer.

    Of course you can just use a pre-built proxy but once you want to do more then you have to understand more of what's going on. The same is pretty much true of ISA server; it's all GUI and wizard driven but using more complex features needs more learning.

    You don't need to spend money on books for MS software; Tom Shinder was mentioned for his book on ISA server - his web site contains a mass of info which can help.

    MS ISA obviously costs more than (say) Squid on Linux/Unix but it's not a huge amount of money; certainly the hours I spent trying to get Squid working in the way I wanted cost far more than just buying another copy of ISA server (but I did want to try and understand more about Unix type software so I persevered!)

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Server 2003 R2 File Server Resource Manager
    By Dos_Box in forum How do you do....it?
    Replies: 1
    Last Post: 12th October 2007, 12:28 PM
  2. Replies: 5
    Last Post: 5th July 2007, 11:43 PM
  3. Windows Server 2003 File Server Resource Manager
    By mrforgetful in forum Windows
    Replies: 1
    Last Post: 17th June 2007, 01:51 PM
  4. Virtual Server 2005 R2 kills server network connection
    By ajbritton in forum Thin Client and Virtual Machines
    Replies: 0
    Last Post: 31st August 2006, 06:19 AM
  5. Downsides to passing tftp server via 2003 DHCP server?
    By pete in forum Wireless Networks
    Replies: 7
    Last Post: 11th July 2006, 10:07 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •