I’ve just finished the four-day Microsoft training course for ISA Server 2004 (2824A). The pacing of the course seemed a bit uneven, with the early modules appearing to take more time than the later ones, and the later ones being the meaty topics that get into subjects like setting up VPNs.
I’ve been using Firewall-1 for several years now and it is good to see how this release of ISA compares with it. Microsoft have certainly got a good firewall product there, although it is interesting to see that Firewall-1 can (as far as I can tell) do something with the SMB/CIFS protocol that ISA can’t, namely restricting access to specific shares from a server.
For example, if I’ve got a server with three shares – ShareA, ShareB and ShareC – Firewall-1 will allow me to create a rule that specifies that a specific source or user can only have access to ShareB. I can see this being useful, particularly in a VPN quarantine situation, where you might have a limited number of physical servers so you can’t move files you want accessible during quarantine off to a separate box.
Hopefully I’ll be able to talk to some ISA guys at Tech-Ed about this to see if I’ve overlooked anything. In the meantime, I’m really looking forward to using some of the skills I’ve learnt during the course.