Microsoft and their IPSEC security - no firewall?

  • Thread starter Thread starter noname
  • Start date Start date
N

noname

Hello.

i hope that this is the right place to send this, if not, please omit, or
kindly direct me to a newsgroup that may help.

A collegue of mine went to a security conference where Microsoft was one of
the keynotes. He learned that MS isn't running a firewall on their
webservers because there isn't a firewall that is capable of scaling to
their needs. all MS servers are patched ASAP and are running IPSEC for any
sessions to the server. Now, he wants to take away our perimter firewall
(Cisco PIX), and do what MS is doing.

Does anyone have any thoughts about this? Any pros/cons, experiences? Is
there a name for this? I don't think this is a true application firewall
gateway, but perhaps i am mistaken.

thanks for any advice folks!

ben
 
The microsoft.public.security newsgroup would certainly be an appropriate
forum to discuss the questions/issues you raise.
 
A little more to add...
I have a STRONG suspicion that MS didn't go to the conference to educate
people about NOT using firewalls... (i wishi was there at this conference).
Since MS doesn't run a firewall, they have hired programmers whose
sole purpose is to make MS ISA scalable to MS's needs. This whole scenario
about not running a firewall doesn't even sound right - it challenges the
thinking and theories of how modern networks are designed/secured. Any ISC
professionals here think that this is a whole farce?


ben
 
Back
Top