Monday, June 06, 2005

ISA 2004 firewall client

So by now you should have your Windows Small Business Server Service Pack 1 CDs, and if you're a Premium customer, that means you have your ISA 2004 installation CD!

I know if you're running Premium, you probably don't need incentive to upgrade from ISA 2000 to ISA 2004, but heck, I'm going to give you one anyways!

The ISA 2004 client makes networking so easy! Let me tell you why. I have been running the ISA 2000 firewall client since I started my job at Microsoft. Frustrated by not being able to use my "connected" internet connectivity at my house until I disabled the firewall client, then getting back in the office and having exactly the same problem until I enabled the darn thing.

What a Pain!

Lucky for me, without even asking the ISA team to do this, the new ISA 2004 firewall client now is able to detect the network your on and let data through when the ISA 2004 cannot connect to the firewall. No more searching for that icon in my system tray to turn it on or off! Yeah!


Tim Sullivan said...

That is great news about the new firewall client. My question is: What is the best way to deploy the new client if the old is already deployed? I know it can be done by GPO or SBS client apps, but the old firewall client still needs to be uninstalled first - it does not do an upgrade. This becomes a problem with SBS clients of 20+ computers.

Sean Daniel said...

Hrm, good call, you should probably look into a command line for un-install for the old client. I don't have it installed so I can't check it right now. Then put that command line in the logon script, and deploy the new firewall client via Group Policy..

That's probably what I would do, at least I would do it if I had more than 5 clients on my network...

JimmyJoeBobAlooba said...

Hi Sean,

This functionality hasn't changed from ISA 2000.
The ISA Firewall client was always able to "self-disable", but ONLY if it was configured for "auto-detect". If you set it to "use this ISA", then it would block if it couldn't find an ISA.
The new one behaves exactly the same way.
Odds are, there is something else that's changed in your configuration.

Sean Daniel said...

Hrm, that makes sense, I never used the ISA 2000 firewall client in Auto-detect mode, because I like to micro manage which server i'm pointing too (which of course doesn't matter for SBS). The new firewall client lets you specify and has this functionality though, so there is still added value.