Decommisioning a true warrior

Today, we’ve decommissioned one of the hardest-working members of our organization. After more than four years of connecting us to the internet, and protecting us from all the treats of the modern day internet, we’ve shut off our ISA server, and replace it with a more compact solution.

I’ve got particularly fond memories of the ISA server, because it was the first server I deployed in this organization. It replaced a firewall which wasn’t ready to handle the load of new employees (load, being 3 more people) and has done so fiercely. If you don’t know what an ISA server is – it’s basically a Windows server you turn into a firewall. You install two or more NIC’s in a server, install Windows Server 20xx and then install ISA Server on top of it.

ISA Server then controlled all the traffic. While it lacks “modern features” like scanning for viruses, spam and other fancy technology, it was excellent at filtering traffic, forwarding it to the proper servers, and allowing the network administrator setup custom rules.

I loved using ISA server. Our interns usually hated it because it “limited their freedom.” To slack off, I suppose, because that’s the only thing the ISA server stood in the way off.

But why use ISA Server?

Using ISA server for a small business might’ve not been the most sensible thing as it required an extra server, but we were an IT company. A spare server and a NIC wasn’t a concern. I chose to use ISA because that was my first experience with Web Security, back when I was still in training to become a network administrator (a long time ago). It was easier to learn than the “standard” options at the time.

Over time, however, I started to favor Watchguard Firewalls. While very powerful and flexible, they’re easier to manage than some of their counterparts, because their UI doesn’t date back to the past century. And, like our ISA friend, it’s relatively easy to enter detailed permissions and blocking rules.

Of course, I’ve heard some complaints about the Watchguard Firewalls I’ve deployed as well. Their computer acted strange (Yup, because your computer is riddled with Adware, and Watchguard is telling it to bleep off). It removed attachments! (Yes, that’s what it does to viruses). It blocks “certain sites I need to visit.” (Oh, do I need to look at the logs? What do you mean, never mind?).

When I hear complaints about a machine from people, I know one thing. It’s doing the job it’s supposed to do, and doing the job I programmed it to do – which makes it all right in my books.

I can hear you thinking: “Why are you telling me about two pieces of hardware? Why should I care?”

You don’t have to care, necessarily. But security is something I’ve always been passionate about (some say I’m obsessed with it, which I disagree with) and you’ll only be hearing more about security from this guy. As my job changes, I’ll be focusing on the Cyber Security end of things, while I’ll still be keeping tabs on Joomla.

But the real reason for this post, is that I just wanted to “thank” our server for 4+ years of service without breaking down.