Re: WTF?? ISA 04 semantics inbound or outbound

Hi Doug,

that I can understand....but....

As I posted, this rule is tcp outbound, to localhost, from external???? Oh,
wait a sec...external NIC? Outbound from the internet to the external NIC?
Then whay ever have something called inbound? Everything could just be
outbound from somewhere else????

The logic does not make sense to me AT ALL. I would think that all
terminology would be as related to ISA itself.

Doug, this is not at all pointed at you but the ms thought process such as
it is sometimes...



A helicopter with a pilot and a single passenger was flying around above
Seattle when a malfunction disabled all of the aircraft's navigation and
communications equipment. Due to the darkness and haze, the pilot could not
determine the helicopter's position and course to get back to the airport.

The pilot saw a tall building with lights on and flew toward it, the pilot
had the passenger draw a handwritten sign reading "WHERE AM I?" and hold it
up for the building's occupants to see.

People in the building quickly responded to the aircraft, drew a large sign,
and held it in a building window. Their sign said "YOU ARE IN A HELICOPTER."

The pilot smiled, waved, looked at his map, determined the course to steer
to SEATAC airport, and landed safely.

After they were on the ground, the passenger asked the pilot how the "YOU
ARE IN A HELICOPTER" sign helped determine their position.

The pilot responded "I knew that had to be the Microsoft support building,
they gave me a technically correct but entirely useless answer."



"Douglas Boyd [MSFT]" <dboyd@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:%230k7bYGKGHA.3696@xxxxxxxxxxxxxxxxxxxxxxxx
Mike

Thanks for using Microsoft Online Support

The inbound and outbound in ISA2004 translates more to source and
destination. For example when a client try to access something on the
server. That is outbound from the lan to the localhost. Traffic from the
server to the lan would be outbound from the localhost to the internal
network. Traffic from the internet to the server is outbound from the
internet to the external network card.


I hope this helps

Doug Boyd
dboyd@xxxxxxxxxxxxxxxxxxxx

This post is provided "AS IS" with no warranties and confers no rights



.

Relevant Pages

  • Re: NAT is not a mechanism for securing a network.. but.. HELP!
    ... Nope, I think you assumed that the internet, from work, should not be ... I can easily permit all business functions, ... Any quality firewall solution would not permit unrestricted outbound ... access from workstations - and there would be an Internal DNS and SMTP ...
    (comp.security.firewalls)
  • Re: Software vs. Hardware firewall
    ... > Someone mentioned in a post that hardware firewalls don't catch outbound ... So I stop all outbound NetBIOS by setting ports 135-139, ... and port 22 to go to my inbound ssh server. ... to be 100% on the Internet - which I've never tried. ...
    (comp.security.firewalls)
  • Re: Symantec Desktop Firewall
    ... > internet, I am always warned about the following programs trying to ... > Remote service: outbound on dcom port ...
    (comp.security.firewalls)
  • Re: Whats the point of not allowing all outgoing traffic by default?
    ... not serving anything to the internet. ... Yep, in many cases you don't need to allow all outbound, in fact, you ... You can setup a rule to allow SMTP outbound ONLY to your ISP's mail ... server or the mail server you normally use - this means that if your ...
    (comp.security.firewalls)
Loading