|
Posted by BJ on December 14, 2005, 9:34 am
If you were Registered and logged in, you could reply and use other advanced thread options
I just started to read up on Internet security and had a few questions.
When running a an ISA server with server pubishing, do I stil need to
have an SSL (PKI) certificate?
If no, can I still use the HTTPS protocal?
Is there any other setup I could implement for secure Internet
communications?
Are there any books you could recommend on ISA, SSL, or S-HTTP?
|
|
Posted by Imhotep on December 15, 2005, 12:39 am
If you were Registered and logged in, you could reply and use other advanced thread options
BJ wrote:
> I just started to read up on Internet security and had a few questions.
>
> When running a an ISA server with server pubishing, do I stil need to
> have an SSL (PKI) certificate?
>
> If no, can I still use the HTTPS protocal?
You can use self signed certificates. However, the users will get a warning
about your certificate not being from a "trusted" source....
> Is there any other setup I could implement for secure Internet
> communications?
Start by getting rid of ISA...
> Are there any books you could recommend on ISA, SSL, or S-HTTP?
Google it. The Internet is full of information about these protocols (Well,
SSL, HTTPS)
Imhotep
|
|
Posted by karl levinson, mvp on December 15, 2005, 7:43 am
If you were Registered and logged in, you could reply and use other advanced thread options
>I just started to read up on Internet security and had a few questions.
>
> When running a an ISA server with server pubishing, do I stil need to
> have an SSL (PKI) certificate?
Yes. Unless I'm mistaken, ISA server and server publishing are generally to
protect the server from attacks from a client. ISA server publishing makes
the target server available. Like other proxy servers, it inspects the data
for malicious content.
SSL server certs on the other hand are not exactly for attack protection,
but for authentication and encryption. SSL server certs confirm the
identity of the server and encrypt the data to try to prevent a man in the
middle attacker from reading the data stream. SSL does not inspect the data
for malicious content. They generally protect the client and not the
server. There are also SSL client certificates if you feel you need to
authenticate the client's identity and block unauthorized clients from
reaching the server.
> If no, can I still use the HTTPS protocal?
>
> Is there any other setup I could implement for secure Internet
> communications?
>
> Are there any books you could recommend on ISA, SSL, or S-HTTP?
>
|
|
Posted by =?Utf-8?B?T2NlYW5h?= on December 15, 2005, 6:05 pm
If you were Registered and logged in, you could reply and use other advanced thread options
"BJ" wrote:
> I just started to read up on Internet security and had a few questions.
> When running a an ISA server with server pubishing, do I stil need to
> have an SSL (PKI) certificate?
> If no, can I still use the HTTPS protocal?
> Is there any other setup I could implement for secure Internet
> communications?
> Are there any books you could recommend on ISA, SSL, or S-HTTP?
Hey BJ,
Try this site:
http://www.microsoft.com/technet/prodtechnol/isa/default.mspx
or
http://www.microsoft.com/technet/traincert/virtuallab/isa.mspx
Both sites have many links, might be of some help or not.
L 8 R man....
Bill
|
|
Posted by Dave Keays on December 15, 2005, 9:40 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> I just started to read up on Internet security and had a few questions.
>
> When running a an ISA server with server pubishing, do I stil need to
> have an SSL (PKI) certificate?
>
> If no, can I still use the HTTPS protocal?
>
> Is there any other setup I could implement for secure Internet
> communications?
>
> Are there any books you could recommend on ISA, SSL, or S-HTTP?
>
Try Eric Howe's site:
https://netfiles.uiuc.edu/ehowes/www/main-nf.htm
--
Dave Keays
|
| Similar Threads | Posted | | Black Market personal information thriving on the Internet | June 22, 2005, 8:05 pm |
| Re: Microsoft Internet Information Server 5.1 DLL Request Denial of Service Vulnerability | December 21, 2005, 2:11 am |
| Information Security | August 24, 2008, 10:30 am |
| security information is invalid | December 17, 2006, 10:17 am |
| Internet Security and Internet Scams! All the best software/info. on scammers,repor | March 1, 2007, 9:29 pm |
| RE: Internet Security software make the internet connectivity sluggish | September 27, 2005, 3:39 pm |
| New Information Systems Security Forum | May 12, 2007, 5:53 pm |
| info on the National Information Security Group (NAISG) + an invitation | February 4, 2008, 9:34 pm |
| Webinar: Essential Strategies for Protecting Against the New Wave of Information Security Threats | January 19, 2006, 6:55 pm |
| Anyway to find out? | November 28, 2007, 4:52 pm |
|
XML site map