Comments

# Stuart said:

Nice blogcast series. One question so far... Is the ISA server part of your domain or is it in a seperate workgroup?

Cheers - Stuart.

04 August 05 at 6:02 PM

# jhoward said:

Thanks Stuart. Yes, the ISA Server is part of the contoso.com domain. Regards, John.

05 August 05 at 9:54 AM

# John Howard said:

Continuing the blogcast series on infrastructure essentials.
Where we left off, we were able to browse...

11 August 05 at 3:49 AM

# Kieran Jacobsen said:

Surely it would be more secure not to have the ISA box as part of the domain. I mean, if its rooted your in big trouble.

12 August 05 at 8:23 PM

# jhoward said:

This is a tough choice and the decision needs to be taken carefully. _Personally_, I think that hardening the ISA server following guidance at http://www.microsoft.com/isaserver/techinfo/guidance/2004/planning.mspx (eg Hardening the Windows Infrastructure on the ISA Server 2004 computer and ISA Server 2004 Security Hardening Guide docs at this link), using SCW etc are easier than the a workgroup ISA (eg the ISA Server 2004 Enterprise Edition in a workgroup document). It's a balancing act of paranoia and satisfaction that you have a hardened server. You also get other benefits such as group policy if you domain join the ISA. I know this is an emotive subject which inevitably will end up with a 50/50 split between what people decide is best for them.

15 August 05 at 5:34 AM

# John Howard said:

Continuing the blogcast series on infrastructure essentials.
The next stage in our infrastructure is...

17 August 05 at 12:23 PM

# John Howard said:

Continuing the blogcast series on infrastructure essentials.
We're now moving towards making Outlook...

02 September 05 at 9:49 AM

Leave a Comment

Comment Policy: No HTML allowed. URIs and line breaks are converted automatically. Your e–mail address will not show up on any public page.

Name (required) 

Your URL (optional)

Comments (required) 

Remember Me?