Re: ISA 2006 vs. BlueCoat

---

• From: "Phillip Windell" <philwindell@xxxxxxxxxxx>
• Date: Tue, 24 Jul 2007 13:42:15 -0500

---

"IT Guy" <ITGuy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:79867FE4-3EA3-4C06-9A9A-0DE3C317AE7C@xxxxxxxxxxxxxxxx

I appreciate taking time to reply. Unfortunately, just saying something is
the best doesn't help me convince other people that it IS the best.

I know, and I wasn't trying to be annoying, but that is the same frustration
I would feel in trying to answer something that "open ended"

saying ISA isn't the best (it may well be), but I need cold hard facts to
prove it.

MS's site in the Forefront section is probably the same facts as you'd find
anywhere but those web pages are a lot of "marketing". Marketing might tell
you that a product does "X" and "Y", and it would, but the devil is in the
details and marketing doesn't give you that. To give all those detail would
take a 100 pages.

I specifically posted to the ISA group in hopes of gathering
specific information that would allow management to see the benefits of
ISA
vs. BlueCoat.

Read some of the articles and tutorials on www.isaserver.org

An older BlueCoat system is being used in small part of the company now,
and
it meets all of the requirements I laid out. Convincing them to switch
will
take a strong argument.

If it does, then I'm sure ISA would meet the needs as well.
Below are breif answers to the "specs" you gave. They are very breif and in
most cases there is a "lot more to the story".

-Anti-virus and malware scanning

With 3rd party add-ons.

-Web content restrictions (porn, etc.)

Yes. But then how far do you go with it, what methods do you want to use?
You can end up creating "deny lists" that are so huge it brings the machine
to it's knees. Those lists have to be checked with every HTTP Request and
there could be 100's of them to load just one single web page.

-In-depth reporting features for usage/performance

Reports are in the form of Summaries. They are not "Big Brother" reports
against individual users. The data *is* in the logs but how you get it out
of the logs is up to you. See articles on www.isaserver.org.

-System administrator customizable error messages to inform the user
why
something was blocked

Define "customizable error message". The Deny Rules have the ability to
redirect to another web page,...one page per Deny Rule,...the page can be
your "message",...what you do with it is up to you.

-Easily configurable white and black web site lists

Define "easily configurable". Yes it has lists,...to one person they are
easy to confiure,...to another person they are a pain to configure. It
becomes a matter of opinion and also a question of management methods. A
flawed management method can make them more difficult than they need to be.

-Hardware load balancing and fail-over

Yes. It is done by using arrays (multiple-redundant proxy servers). It
requires the Enterprise Edition.

-Bandwidth throttling

No. ISA200 had it,..it never worked,..although most people never knew it
didn't work because it is diffcult to measure,...so it was removed in
ISA2004. ISA2006 can prioritize traffic based on DiffServ Bits. Exactly
what you get from that I do not know.

-Block or only allow specific web browsers/user agent strings

Yes,..definately.


--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------


.

---

• References:
  • Re: ISA 2006 vs. BlueCoat
    • From: Phillip Windell
  • Re: ISA 2006 vs. BlueCoat
    • From: IT Guy

• Prev by Date: Re: ISA 2006 vs. BlueCoat
• Next by Date: Re: Change time in ISA?
• Previous by thread: Re: ISA 2006 vs. BlueCoat
• Next by thread: Re: ISA 2006 vs. BlueCoat
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Vista Home Computers Cant login to ISA ... Understanding the ISA 2004 Access Rule Processing ... Microsoft Internet Security & Acceleration Server: Partners ... Microsoft ISA Server Partners: Partner Hardware Solutions ... (microsoft.public.isa) Re: Internet Radio and Streaming Content... ... Understanding the ISA 2004 Access Rule Processing ... Microsoft Internet Security & Acceleration Server: Partners ... Microsoft ISA Server Partners: Partner Hardware Solutions ... I had a question about limiting access to internet radio and streaming ... (microsoft.public.isa.configuration) Re: Removing ISA FWC ... then it will be used as a CERN Compliant Web Proxy with a single nic? ... If it is the ISA with SBS you will loose it when you loose SBS. ... Microsoft Internet Security & Acceleration Server: Partners ... Microsoft ISA Server Partners: Partner Hardware Solutions ... (microsoft.public.isa.clients) Re: joining an ISA server to domain ... in the ISA MMC you right-click on the Servername "icon" at the top of the ... Microsoft Internet Security & Acceleration Server: Partners ... Microsoft ISA Server Partners: Partner Hardware Solutions ... (microsoft.public.isa) Re: ISA 2006 vs. BlueCoat ... the best doesn't help me convince other people that it IS the best. ... I specifically posted to the ISA group in hopes of gathering ... vs. BlueCoat. ... Microsoft ISA Server Partners: Partner Hardware Solutions ... (microsoft.public.isa)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > ISA  > microsoft.public.isa  > 2007-07