[RayPesek]

Please accept my apologies for my incorrect assumption. I started with CP and added ISA 2000 for user control. If you've never used ISA 2000, you're lucky. ISA 2004 is much, much more logical. So I've felt your pain, but in reverse.

One of the big issues I have with MS and ISA is they position their security products as a "no security knowledge needed" implementation and operation. If you follow the ISA MS newsgroups, you'll know what I mean. There are lots of "I installed ISA and how do I do ..." or "I need to open these ports. I got 135 open but it still doesn't work." And we wonder why companies still get hacked. Since it's from MS, people seem to think it's job is as easy as a file server and wizards are all that is needed to do something.

One of the problems I have with MS is that they eventually get there, but our needs are now. For example, we needed NAT Traversal six years ago. Until Server 2003, MS couldn't handle it, which is frankly inconceivable to me that it took that long. Yeah, the outbound firewall is coming, but once again, we implemented it six years ago as we moved to broadband access. How hard would it have been to put it into that thing they already call the "firewall client"? MS also doesn't have SSL access like Visitor Mode unless you want to buy their Whale product.

The lack of detailed logging in the 21st century is mind-boggling as well.

Ask away on the forums here. You'll find several people that can take a lot of time off your learning curve.

Ray