NIC configuration for virtualizing ISA servers?
- From: "Ben Hanson" <transparency_76@xxxxxxxxxxx>
- Date: Tue, 7 Nov 2006 14:46:02 -0500
To pilot ISA 2006 Enterprise in a two-node array, we are wanting to leverage
Virtual Server so that we only need one chassis. In this case we have a
4-port NIC in the host chassis...ports 1 and 2 have been assigned to ISA
instance 1, and ports 3 and 4 assigned to ISA instance 2. Ports 1 and 3 are
going to be connected to our DMZ; Ports 2 and 4 will be connected to the
live Internet switch.
For ports 2 and 4, how should the interfaces be configured on the HOST
server, so that it is secure? Just disable File and Print Sharing and Client
for MS Networks on those interfaces? Should I enable the Windows firewall?
If I do, then won't I have to open up ports on the Windows firewall as I
publish servers in the virtualized ISA instances (if I create a Secure Web
Publishing rule in the ISA array, won't I have to also go and open TCP/443
on the host platform Windows firewall for the two external interfaces,
etc.).
Since those interfaces will be live on the Internet, I don't want the host
platform to be at risk. Any advice?
-Ben
--
Posted via a free Usenet account from http://www.teranews.com
.
- Prev by Date: Re: NLB Network Load Balancing isa 2004 or 2006
- Next by Date: unwanted blocking!
- Previous by thread: Re: NLB Network Load Balancing isa 2004 or 2006
- Next by thread: unwanted blocking!
- Index(es):
Relevant Pages
|
Loading
