https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5102#M3751 <HTML><HEAD></HEAD><BODY><P>I replaced an ISA server with a 2020 box and it works good.</P><P>A key benefit is you have a lot more control and visability with the Palo than the ISA server.</P><P>I have even moved my exchange ssl cert to the Palo box from ISA.</P><P>The Palo will provide application aware protection for your network.</P><P></P><P>D </P></BODY></HTML> Tue, 01 Mar 2011 14:38:27 GMT migration 2011-03-01T14:38:27Z https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5101#M3750 <HTML><HEAD></HEAD><BODY><P>Can I replace MS ISA server with PA500 like proxy, is that recommended and what is the benefit of kind implementation? </P></BODY></HTML> Tue, 01 Mar 2011 12:39:05 GMT https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5101#M3750 Tician 2011-03-01T12:39:05Z https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5102#M3751 <HTML><HEAD></HEAD><BODY><P>I replaced an ISA server with a 2020 box and it works good.</P><P>A key benefit is you have a lot more control and visability with the Palo than the ISA server.</P><P>I have even moved my exchange ssl cert to the Palo box from ISA.</P><P>The Palo will provide application aware protection for your network.</P><P></P><P>D </P></BODY></HTML> Tue, 01 Mar 2011 14:38:27 GMT https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5102#M3751 migration 2011-03-01T14:38:27Z https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5103#M3752 <HTML><HEAD></HEAD><BODY><P>Hi Dallen,</P><P></P><P>I have more questions to clarify request of my customer.</P><P>They want to replace ISA server with PA in order to keep user settings of browsers, that's means that they want to keep authentication process and port 8080 in IE proxy settings and regularly connect through PA that now act proxy.</P><P>Is this scenario posibble or they need to give clients computers PA like gateway?&nbsp; </P></BODY></HTML> Wed, 02 Mar 2011 07:59:33 GMT https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5103#M3752 Tician 2011-03-02T07:59:33Z https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5104#M3753 <HTML><HEAD></HEAD><BODY><P>I too was using the ISA as a proxy utilizing port 8080 through IE settings.</P><P>I put my Palo inline and made a default route to the interface I created. Then I just set the IE settings to none. There is an LDAP utility to handle the authentication process for the Palo.</P><P>I am sure you could keep your port 8080 settings but I cannot confirm for sure as I have not set it up that way.</P><P></P><P>Hope that helps...</P></BODY></HTML> Wed, 02 Mar 2011 13:22:23 GMT https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5104#M3753 migration 2011-03-02T13:22:23Z https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5105#M3754 <HTML><HEAD></HEAD><BODY><P>The PaloAlto does not offer traditional proxy connectivity, so your IE settings would need to change.</P><P></P><P>The advantage of having a PaloAlto is having more visibility, control and safety on your user's internet connectivity since we offer URL categorisation, threat prevention (av, malware, vulnerabilities), user identification (transparant by polling AD login events and corelating these to IP addresses or via captive portal), application based rulebases and much more.</P></BODY></HTML> Wed, 02 Mar 2011 13:40:40 GMT https://live.paloaltonetworks.com/t5/general-topics/replace-proxy-isa-server-with-pa500/m-p/5105#M3754 reaper 2011-03-02T13:40:40Z