Re: general question on design options
- From: "David" <nospam@xxxxxxxxxx>
- Date: Tue, 2 Oct 2007 15:09:14 -0400
thanks Phillip. I Appreciate it.
I was assuming it was going to be CSU/DSU -> cisco -> ISA, and that I would
have control of that cisco device. I have not dealt with T1 service before
(or any WAN technologies for that matter). We currently use a fixed wireless
provider and that antenna goes directly to my ISA server. So if I understand
correctly, when I select a T1 provider it will come with the csu/dsu *and*
the router (likely cisco) which will likely only be a router (no nat, spi
firewall, etc..) that I would not have administrative access to. So if I
wanted to implement a dmz for example, one with 2 firewalls rather than one
tri-homed firewall, the router that would likely come with the service would
not be an option and I would need to purchase another one. Yes/no? or
depends on provider?
"Phillip Windell" <philwindell@xxxxxxxxxxx> wrote in message
news:uIxg42RBIHA.464@xxxxxxxxxxxxxxxxxxxxxxx
Something needs clarified.
The Cisco Device in the centext that I describe would be a firewall device
like a PIX or ASA. But you must keep in mind that when you go to a T1
line you will be bringing that T1 into a CSU/DSU and then in to a Router
(probably also Cisco). This would be a router,..a *real* router,...not a
home user broadband "router" that is really just a cheap NAT Firewall.
This "real" router is there for the purpose of being a Router,...it has
nothing to do with being a Firewall. So if you bought a PIX or ASA you
would have two Cisco Devices,...one a Router,..the other a Firewall.
A Firewall is an "edge" device,...a Router is not. A Router sits next to
the edge on one side or the other,...the Firewall (like ISA, PIX, ASA)
sits directly on the edge and lives on both sides at the same time.
The physical structure of how T1 systems are put together is nothing like
the "home user" technologies of DSL or CableTV Internet.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or
Microsoft, or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
.
- Follow-Ups:
- Re: general question on design options
- From: Phillip Windell
- Re: general question on design options
- References:
- general question on design options
- From: David
- Re: general question on design options
- From: Phillip Windell
- Re: general question on design options
- From: Phillip Windell
- general question on design options
- Prev by Date: Re: general question on design options
- Next by Date: Re: general question on design options
- Previous by thread: Re: general question on design options
- Next by thread: Re: general question on design options
- Index(es):
Relevant Pages
|
