Educause Security Discussion
mailing list archives
Re: ISA Server for Microsoft Exchange
From: "Dobbins, Gary" <dobbins () ND EDU>
Date: Wed, 22 Oct 2008 20:19:48 -0400
To some degree, it’s like the old “no one ever got fired for buying IBM” parable.
ISA is “Microsoft’s Firewall” for their servers which must be exposed to the Internet.
Since most MS products are designed to be exposed to the InTRAnet only, it makes some sense that they would have a
special prophylactic for when they need InTERnet exposure, and ISA is it. Whether you consider that sufficient - or
want to augment it with your own app-layer shield - is a matter of taste, but I would definitely not recommend exposing
any of their servers to the unfiltered Internet without *at least* having their own recommended layer in front.
Minimum defensible diligence.
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Connie
Sent: Wednesday, October 22, 2008 8:11 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] ISA Server for Microsoft Exchange
I am told that we need an ISA Server for Microsoft Exchange. I am asking for the Reader's Digest condensed "english"
explanation, but I am having a hard time getting it. :) Can anyone here offer an explanation that will help me to
create a business case for this - for a non-technical audience? There is a lot of info on the web, but nothing pops out
as useful. I need a translation from techno-speak to executive business need.
CISO, Lucile Packard Children's Hospital at Stanford