 | ||
 Microsoft ISA/IAG Integration with FW1? | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2007-06-20 | |||
| |||
 Microsoft ISA/IAG Integration with FW1? Does anyone have any experiences they would like to share with integrating a Microsoft's I.S.A./I.A.G. SSL-VPN into an existing Checkpoint R62 environment? Thanks, RiverStone  |
| 2007-06-20 | |||
| |||
| Re: Microsoft ISA/IAG Integration with FW1? What do you mean by integration? I've run ISA off a FW-1 DMZ, using ISA for user access control and HTTP scanning, and it works fine. Ray |
| 2007-06-21 | |||
| |||
| Re: Microsoft ISA/IAG Integration with FW1? Ray, Yes, "integration" was a poor choice of words. We are looking at running ISA/IAG in the DMZ to provide our SSL-VPN as a possible alternative to Connectra R62CM. While I would prefer Connectra, I am not the final decision maker. Glad to hear you were successful. Any security concerns come out of your implementation you would be willing to share? Thanks for the Reply. RiverStone |
| 2007-06-21 | |||
| |||
| Re: Microsoft ISA/IAG Integration with FW1? I'm not familiar with IAG. ISA 2004 or 2006 is no issue at all. It works well. I put the external interface in the DMZ and the internal interface on the same subnet as the FW-1 internal interface. At my current job I use a single interface Juniper SSL VPN box off a FW-1 DMZ. Does IAG have any client-side malware or configuration checking like Connectra or Juniper? If not, I would not use it. We've denied access based on client-side checking a number of times. Ray |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
