25

ISA Server 2.ppt

Embed Size (px)

Citation preview

Page 1: ISA Server 2.ppt
Page 2: ISA Server 2.ppt
Page 3: ISA Server 2.ppt
Page 4: ISA Server 2.ppt
Page 5: ISA Server 2.ppt
Page 6: ISA Server 2.ppt
Page 7: ISA Server 2.ppt

How to create DNS rule that allow internal How to create DNS rule that allow internal network clients DNS accessnetwork clients DNS access

Right click on Firewall Policy ->New-Right click on Firewall Policy ->New->Access Rule>Access Rule

In the welcome to the new access rule In the welcome to the new access rule wizard page, enter DNS from Internal wizard page, enter DNS from Internal Network in the access policy rule name Network in the access policy rule name text box-> nexttext box-> next

On the protocol page, selected On the protocol page, selected protocols option, and click next protocols option, and click next

Page 8: ISA Server 2.ppt
Page 9: ISA Server 2.ppt
Page 10: ISA Server 2.ppt
Page 11: ISA Server 2.ppt

Configure HTTP PolicyConfigure HTTP Policy

To control over what users can access To control over what users can access via HTTP protocolvia HTTP protocol

To prevent access to windows To prevent access to windows executable filesexecutable files

Page 12: ISA Server 2.ppt
Page 13: ISA Server 2.ppt

Put check

Page 14: ISA Server 2.ppt
Page 15: ISA Server 2.ppt

AdvantagesAdvantages1. Windows Integration1. Windows Integration

Microsoft Active Directory.Microsoft Active Directory. Scalable and centralized administration of Windows Users Scalable and centralized administration of Windows Users and Groups, ISA Access Policies, and ISA Server and Groups, ISA Access Policies, and ISA Server Configuration information.Configuration information.

Networking and Security Features.Networking and Security Features. Take advantage of Windows networking features such as: Take advantage of Windows networking features such as:

- VPN (Virtual Private Networking)- VPN (Virtual Private Networking)- QOS (Quality of Service)- QOS (Quality of Service)

Windows Technologies and Windows-based Windows Technologies and Windows-based Applications.Applications.

- Authentication- Authentication- Event logs - Event logs - Microsoft Management Console (MMC) - Microsoft Management Console (MMC)

administration tool.administration tool.

Page 16: ISA Server 2.ppt

Cont.Cont.

2. 2. Integrated Firewall and Web Cache ManagementIntegrated Firewall and Web Cache Management

Unified Policy and Access Control.Unified Policy and Access Control. ISA Server manages Internet access consistently ISA Server manages Internet access consistently

with access control policies, and access restrictions with access control policies, and access restrictions placed placed on the firewall are applied to the Web on the firewall are applied to the Web cache server as cache server as well. well.

Unified Management.Unified Management. Administrators use a single management interface Administrators use a single management interface

for both firewall and Web caching. The firewall for both firewall and Web caching. The firewall and and Web cache share the same logging, Web cache share the same logging, reporting, and alerting reporting, and alerting services of ISA Server. services of ISA Server.

Page 17: ISA Server 2.ppt

Cont.Cont.3. Scaling Up and Scaling Out for the Enterprise3. Scaling Up and Scaling Out for the Enterprise

Tiered Policy Management.Tiered Policy Management. Provides tiered policies that allow servers to have Provides tiered policies that allow servers to have local array policies while inheriting enterprise-wide local array policies while inheriting enterprise-wide policies.policies.

Scale Up Performance.Scale Up Performance.ISA utilizes the extra processing power to boost ISA utilizes the extra processing power to boost performance. (ISA Server Standard Edition supports a performance. (ISA Server Standard Edition supports a maximum of four processors).maximum of four processors).

Scale Out Performance.Scale Out Performance. PProvide fault-tolerance, high availability, efficiency, rovide fault-tolerance, high availability, efficiency, and performance through clustering of multiple ISA and performance through clustering of multiple ISA Server machinesServer machines. .

Page 18: ISA Server 2.ppt

Cont.Cont.4. Lower Cost of Ownership4. Lower Cost of Ownership

Integrated Services.Integrated Services. Integrates services such as firewall, Web cache, basic Integrates services such as firewall, Web cache, basic

intrusion detection, reporting, VPN, and bandwidth intrusion detection, reporting, VPN, and bandwidth management into a single product. management into a single product.

Leverage Existing Windows Skills/ Works with Leverage Existing Windows Skills/ Works with What You Have.What You Have. Rather than learning a new user interface (UI) or tool Rather than learning a new user interface (UI) or tool set, administrators can leverage their current Windows set, administrators can leverage their current Windows knowledge and skills and focus on security issues and knowledge and skills and focus on security issues and policy definition Allowing administrators to work with policy definition Allowing administrators to work with their existing computing platforms. their existing computing platforms.

Page 19: ISA Server 2.ppt

EXAMPLEEXAMPLE ISA Server provides with some helpful capabilities that allow the user ISA Server provides with some helpful capabilities that allow the user

to easily monitor ISA Server and client usage; it protects the network to easily monitor ISA Server and client usage; it protects the network from intruders and content that is not allowed.from intruders and content that is not allowed.

Page 20: ISA Server 2.ppt

TestimonialTestimonial American Red Cross American Red Cross (Atlanta, GA) (Atlanta, GA)

"The ease of setting up rules from Site and Content to Protocol Rules "The ease of setting up rules from Site and Content to Protocol Rules the product is great. I am able to control access to specific web sites the product is great. I am able to control access to specific web sites and redirect as needed.“and redirect as needed.“

City of Lakeland (City of Lakeland (Lakeland, FL)Lakeland, FL)"Upgraded from Proxy [Server] 2.0...Firewall—Very flexible, powerful, "Upgraded from Proxy [Server] 2.0...Firewall—Very flexible, powerful, and secure. Memory caching—very fast.“and secure. Memory caching—very fast.“

Capital Access Network, Inc Capital Access Network, Inc (Kennesaw, GA) (Kennesaw, GA) "We needed a reliable firewall/VPN product at a reasonable price for a "We needed a reliable firewall/VPN product at a reasonable price for a small business...[ISA Server ]Basically delivers high-priced firewall small business...[ISA Server ]Basically delivers high-priced firewall performance at a competitive cost.“performance at a competitive cost.“

http://www.microsoft.com/isaserver/evaluation/testimonial/testimonials.asphttp://www.microsoft.com/isaserver/evaluation/testimonial/testimonials.asp

Page 21: ISA Server 2.ppt

FeaturesFeatures

Enterprise Firewall SecurityEnterprise Firewall SecurityWeb Caching ServerWeb Caching Server Intuitive Firewall ManagementIntuitive Firewall ManagementExtensible PlatformExtensible Platform

Page 22: ISA Server 2.ppt

Enterprise Firewall SecurityEnterprise Firewall Security

Multilayered Firewall SecurityMultilayered Firewall Security Stateful InspectionStateful Inspection Smart Application FilteringSmart Application Filtering Secure Server PublishingSecure Server Publishing Intrusion DetectionIntrusion Detection Integrated Virtual Private NetworkingIntegrated Virtual Private Networking Firewall TransparencyFirewall Transparency Strong User AuthenticationStrong User Authentication SSL-to-SSL BridgingSSL-to-SSL Bridging

Page 23: ISA Server 2.ppt

Web Caching ServerWeb Caching Server

High-Performance Web CachingHigh-Performance Web Caching Intelligent CachingIntelligent CachingScheduled CachingScheduled Caching

Page 24: ISA Server 2.ppt

Intuitive Firewall ManagementIntuitive Firewall Management

Policy-Based Access ControlPolicy-Based Access Control Simplified ManagementSimplified Management Active Directory IntegrationActive Directory Integration Graphical Task pads and Configuration Graphical Task pads and Configuration

WizardsWizards Remote ManagementRemote Management Logging, Reporting, and AlertingLogging, Reporting, and Alerting User-Level ManagementUser-Level Management

Page 25: ISA Server 2.ppt

Extensible PlatformExtensible Platform

Broad Application SupportBroad Application SupportBroad Vendor SupportBroad Vendor SupportExtensive SDKExtensive SDK