Cisco edge device vs Microsoft ISA

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jon Marshall Mon, 06/02/2008 - 12:42
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


Your consultant is very probably right but this doesn't necessarily mean you should use an ISA server as your main firewall.

Because ISA server is a Microsoft product you can expect it to integrate far more into other Microsoft products such as Exchange. For example ISA server is fully integrated into AD which gives it the ability to do things other firewalls can't.

But a lot depends on

1) Are you just firewalling for Microsoft products are are you firewalling for other services as well.

2) How experienced are your people with Pix/ASA vs ISA server.

3) To be fair i have not looked at ISA server for a while but certainly i wouldn't have felt confident to use it as our main firewall. Things may have changed. Perhaps people on the firewalling forum could give you other views.

You could always use a combination of Pix for non-microsoft and ISA for microsoft with your pix being the primary firewall.


Collin Clark Tue, 06/03/2008 - 05:27
User Badges:
  • Purple, 4500 points or more

I was "educated" by a Microsoft Engineer that the new ISA appliance works better with MS products/services like Sharepoint and OWA than a traditional firewall. No real shocker there. The ISA does integrate well with those services. Try and setup OWA in a DMZ, using RPC over HTTPS, and you'll see what I mean. However, given MS's background, I would in no way ever use ISA server as a primary defense device. The second tier, maybe, and just for the services I outlined above.


This Discussion