Firewall, ISA server and Radiaus server

[Noor2005]

Hi all,
I search first in the FAQs but I don't find an answer to my question. I need a golbal view: If I have a firewall, what is the add value of an ISA server? I know the Radiaus protocol, but what adds to my network if I have just a Firewall, and what adds If I have a firewall and an Isa server?
Thanks for your help
Noor

 

[dkediger]

You can use your firewall as the "front-end" external facing device in which case it works for basic port blocking functions.

ISA server behind a firewall allows you manage internet apps/protocols utilizing ActiveDirectory integration.

With ISA 2003, you can also filter/restrict traffic by application protocol.

You can publish multiple websites using a single public IP without changing host headers.

2000/9x clients recieve a basic local host firewall client.

 

[rn4it]

ISA is technically a Firewall, If you have already a for example Cisco PIX or Checkpoint FW. What I'd do is, have 2 interfaces on the ISA box. 1 pointing to the internal network and 1 connected into another L3 vlan that can talk to the FW. Make the ISA internal interface the default gateway for the internal network. This way you can use the user groups of the AD Domain to filter what ports they can access. You can also install a proxy server app ie websense or surfcontrol on it for further added features. The reason for having the L3 vlan for the FW and ISA is a quick easy way to reroute traffic if your ISA box has an issue.

hope this helps