Re: Where to put ISA in a network topology?
- From: "Asher_N" <ashernat@xxxxxxxxx>
- Date: Thu, 14 Jun 2007 05:52:04 -0700
Jitendra Solanki <jpsolanki@xxxxxxxxx> wrote in
news:1181809471.053892.18640@xxxxxxxxxxxxxxxxxxxxxxxxxxxx:
On Jun 9, 8:00 pm, "Michael J Coleman" <stu...@xxxxxxxxx> wrote:
In my experience, if you need to maintainnetworksegregation, its best
to have a router on both sides of ISA. We place ISA in our DMZ
behind 4 firewalls, and then it traverses 4 firewalls on the internal
side as well to access Active Directory, and all of our published
applications.
Our structure looks like: Internet -> PIX -> Firewall -> Firewall ->
Router -> ISA Array -> Router -> Firewall -> Firewall -> PIX -> AD &
CSS & Published Applications.
But the best location, is based on your requirements, and may require
you re-architech your internalnetwork.
Michael Coleman
"Jitendra Solanki" <jpsola...@xxxxxxxxx> wrote in message
news:1181367226.589294.247130@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dear All,
I have a query regarding to put ISA server innetwork. I have been
working in an Enterprise level project. I have 29 license of ISA
2006 Enterprise edition. I want to use these ISA as firewall also
and as web chaining also. Now, mynetworktopology is same like a
tree. A Corp Office on the top. Where internet requests are going.
and sub office below this corp office in a tree structure only. So,
I have one main office on the top, 5 offices at diff. locations
below this main office and then other offices below these 5 offices
respectively. All in tree structure only.
In such structure at what place should I put my ISA server so that
it function as Proxy as well as Firewall also. At every location
should I put it after router or before router? I have only one
router at each locations. I am very much confused. Kindly do the
needful if anybody has an idea about the same pl...
Thanking you,
Jitendra Solanki.- Hide quoted text -
- Show quoted text -
Hi Michael,
Thanks for the post. But the biggest limitation in my network is that
I have to implement it for a client and there's client limitation is
that they have only one router at each location. In such case what
structure should I follow? Can mirroring of Ethernet port in router
can be helpful to me?
Michael's network is a bit extreme. ISA should be at the edge as the
first ethernet device.
.
- References:
- Where to put ISA in a network topology?
- From: Jitendra Solanki
- Re: Where to put ISA in a network topology?
- From: Michael J Coleman
- Re: Where to put ISA in a network topology?
- From: Jitendra Solanki
- Where to put ISA in a network topology?
- Prev by Date: OWA 2007 published over ISA Server 2004 Button not working
- Next by Date: Re: Authenticating ISA access on IIS
- Previous by thread: Re: Where to put ISA in a network topology?
- Next by thread: Re: Authentication Error 407 ISA Server 2004
- Index(es):
