ISA Server 2004 Technical Overview

TNT1-111. ISA Server 2004 Technical Overview What we will cover: Improvements over ISA Server 2000 Exploring the new user interface Configuring

What we will cover:

- Improvements over ISA Server 2000
- Exploring the new user interface
- Configuring filtering and firewall policies
- Publishing Web and mail servers
- Enabling and configuring VPN
- Viewing and configuring monitoring and alert options

Prerequisite Knowledge

- Experience with the Windows user interface
- Experience supporting Microsoft Networks
- Experience with firewall applications

Level 200

Agenda

- Introducing ISA Server 2004
- Filtering and Policies
- Server Publishing and VPN
- Monitoring and Alerts

Introducing ISA Server 2004
Firewall Overview

- Protects resources on your network
- Connects directly to the Internet and your private network
- Screens network traffic
  - Inbound or outbound
  - Allows only the data you want in or out
  - Denies everything else
- Acts as a proxy for internal services
  - Users, Web and email servers
- Windows XP and later includes ICF

Introducing ISA Server 2004
New and Improved Features

- Extensive protocol support: New
- Multiple network configuration: New
- Unique per-network policies: New
- Network relationships: New
- VPN administration: Improved
- Stateful inspection for VPN: New
- Management and interface: Improved
- Export and import: New
- Delegated permissions: New
- Cache rules: Improved

Introducing ISA Server 2004
ISA Server 2000 User Interface

Introducing ISA Server 2004
ISA Server 2004 User Interface

Introducing ISA Server 2004
Firewall Configurations: Edge Firewall

[Diagram labels: Web Server, Mail Server, Domain Controller]

Introducing ISA Server 2004
Firewall Interaction

[Diagram labels: Web Server, Mail Server]

Introducing ISA Server 2004
Firewall Configurations: Perimeter Network

[Diagram labels: Domain Controller, Mail Server, Web Server, SQL Server, VPN Clients]

Introducing ISA Server 2004
Multinetworking Improvements

- ISA Server 2000 Local Address Table (LAT)
  - All internal IP address ranges
  - Determines where packet filters are applied
  - Determines where NAT or routing is performed
- ISA Server 2004 Multinetworking
  - Unlimited multiple networks
  - Stateful inspection on all network traffic
  - Configure policies and relationships on a per-network basis

Introducing ISA Server 2004
Network Rules

[Diagram labels: Branch Office, Headquarters, Perimeter Network, Internet, Routed, NAT]

Introducing ISA Server 2004
Demonstration

- Explore the User Interface
- Create Perimeter Network

Agenda

- Introducing ISA Server 2004
- Filtering and Policies
- Server Publishing and VPN
- Monitoring and Alerts

Filtering and Policies
Filtering Overview

- Determines which packets to allow through firewall
- Can apply to inbound and/or outbound traffic
- Filter by protocol, port, or packet content
- Allows certain traffic while denying others
- Application filtering
  - Authentication and virus checking
- Dynamic packet filtering
  - Opens ports as needed

Filtering and Policies
Application Filters

- Filters based on packet contents
- FTP
  - Dynamically opens ports
- Intrusion detection
  - DNS attacks
  - POP3 buffer overflow attacks
- SMTP
  - Block spam, viruses, and dangerous code
- Streaming media
  - Specify streaming media protocols

Filtering and Policies
Stateful Inspection

- Inspects traffic source and destination
- Also known as dynamic packet filtering
  - Opens ports in response to user request
  - Closes ports when communication ends
- Outgoing packets that request specific types of incoming packets are tracked
  - Only replies are let back in
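
Added example (not part of the original deck): a toy Python connection table showing the behaviour listed on the Stateful Inspection slide, where an outgoing request opens an entry, only matching replies are let back in, and the entry closes when communication ends. The class, the 60-second idle timeout, the sample addresses and the simplified TCP teardown are assumptions of this sketch, not ISA Server internals.

```python
"""Toy connection-tracking table illustrating stateful inspection (added example)."""
from dataclasses import dataclass

IDLE_TIMEOUT = 60.0   # seconds without traffic before an entry is dropped (assumed)


@dataclass(frozen=True)
class Packet:
    proto: str                       # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    outbound: bool                   # True when leaving the protected network
    flags: frozenset = frozenset()   # TCP flags, e.g. frozenset({"SYN"})


class StatefulFilter:
    def __init__(self, allowed_outbound):
        self.allowed_outbound = set(allowed_outbound)   # {(proto, dport), ...}
        self.table = {}   # flow key -> {"seen": timestamp, "fin": directions}

    @staticmethod
    def _key(pkt):
        # A request and its reply normalise to the same (internal, remote) key.
        if pkt.outbound:
            return (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        return (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)

    def handle(self, pkt, now):
        """Return "allow" or "deny" for one packet and update the table."""
        for key in [k for k, e in self.table.items() if now - e["seen"] > IDLE_TIMEOUT]:
            del self.table[key]                          # idle entries expire
        key = self._key(pkt)
        entry = self.table.get(key)
        if entry is None:
            # Only an outbound request for a permitted service opens an entry.
            if not pkt.outbound or (pkt.proto, pkt.dport) not in self.allowed_outbound:
                return "deny"
            entry = self.table[key] = {"seen": now, "fin": set()}
        entry["seen"] = now
        if "RST" in pkt.flags:
            del self.table[key]                          # reset: close at once
        elif "FIN" in pkt.flags:
            entry["fin"].add(pkt.outbound)               # simplified teardown
            if len(entry["fin"]) == 2:                   # both sides finished
                del self.table[key]
        return "allow"


def demo():
    """Run constructed packets through the filter; return the verdicts."""
    fw = StatefulFilter({("tcp", 80), ("udp", 53)})
    c, web, other, dns = "10.0.0.5", "203.0.113.10", "198.51.100.7", "192.0.2.53"
    S = frozenset
    packets = [   # (time, packet), all constructed sample traffic
        (0.0, Packet("tcp", c, 40000, web, 80, True, S({"SYN"}))),          # request
        (0.1, Packet("tcp", web, 80, c, 40000, False, S({"SYN", "ACK"}))),  # its reply
        (0.2, Packet("tcp", other, 80, c, 40000, False, S({"SYN", "ACK"}))),  # unsolicited
        (0.3, Packet("tcp", c, 40001, web, 23, True, S({"SYN"}))),          # not permitted
        (1.0, Packet("tcp", c, 40000, web, 80, True, S({"FIN", "ACK"}))),
        (1.1, Packet("tcp", web, 80, c, 40000, False, S({"FIN", "ACK"}))),
        (1.5, Packet("tcp", web, 80, c, 40000, False, S({"ACK"}))),         # after close
        (100.0, Packet("udp", c, 50000, dns, 53, True)),
        (100.1, Packet("udp", dns, 53, c, 50000, False)),
        (200.0, Packet("udp", dns, 53, c, 50000, False)),                   # entry expired
    ]
    return [fw.handle(pkt, now) for now, pkt in packets]
```
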

Filtering and Policies
Firewall Policies Overview

- Network rules
  - Determine how two networks are connected
- Firewall policy rules
  - Access rules
  - Publishing rules
- Outgoing requests
  - Checks network rules
  - Checks access rules
- Incoming requests
  - Checks publishing rules
  - Checks Web chaining rules

Filtering and Policies
Configuring Policies

- Action
  - Allow or deny
- Protocols
- Source and destination networks
- Users or groups
- Schedule
- Application filtering
  - HTTP, RPC, FTP, SMTP, etc.
- Change order of rule

Filtering and Policies
Outgoing Access Requests

[Diagram label: Route or NAT?]
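
Added example (not part of the original deck, and not ISA Server's own engine): a simplified Python model of the outgoing-request check from the Firewall Policies Overview and Configuring Policies slides, where the network rule is looked up first (Route or NAT) and the access rules are then tried in order. It assumes the first matching rule decides and anything unmatched is denied; the network names, rule names, groups and hours are constructed sample values.

```python
"""Simplified model of an outgoing request check (added example)."""
from dataclasses import dataclass, field

# Constructed network rules: how two networks are connected.
NETWORK_RULES = {
    ("Internal", "External"): "NAT",
    ("Internal", "Perimeter"): "Route",
    ("Perimeter", "External"): "Route",
}


@dataclass
class AccessRule:
    name: str
    action: str                      # "allow" or "deny"
    protocols: set
    sources: set                     # source networks
    destinations: set                # destination networks
    users: set = field(default_factory=lambda: {"All Users"})
    hours: range = range(0, 24)      # schedule as hours of the day

    def matches(self, req):
        user_ok = "All Users" in self.users or bool(self.users & req["groups"])
        return (req["protocol"] in self.protocols
                and req["src_net"] in self.sources
                and req["dst_net"] in self.destinations
                and user_ok
                and req["hour"] in self.hours)


def evaluate(req, rules):
    """Return (action, deciding rule, network relationship)."""
    relationship = NETWORK_RULES.get((req["src_net"], req["dst_net"]))
    if relationship is None:
        return ("deny", "no network rule", None)    # networks are not connected
    for rule in rules:                               # order matters: first match decides
        if rule.matches(req):
            return (rule.action, rule.name, relationship)
    return ("deny", "default deny", relationship)    # denies everything else


def request(protocol, dst_net, groups, hour, src_net="Internal"):
    """Build a constructed sample request."""
    return {"protocol": protocol, "src_net": src_net, "dst_net": dst_net,
            "groups": set(groups), "hour": hour}


# Constructed policy: a narrow deny placed above a broad allow.
BLOCK_FTP = AccessRule("Block contractor FTP", "deny", {"FTP"},
                       {"Internal"}, {"External"}, users={"Contractors"})
WEB_OUT = AccessRule("Internet access", "allow", {"HTTP", "HTTPS", "FTP"},
                     {"Internal"}, {"External"}, hours=range(8, 18))
POLICY = [BLOCK_FTP, WEB_OUT]

if __name__ == "__main__":
    ftp = request("FTP", "External", {"Contractors"}, 10)
    print(evaluate(ftp, POLICY))                 # deny rule is reached first
    print(evaluate(ftp, [WEB_OUT, BLOCK_FTP]))   # reordered: the broad allow wins
```

Swapping the two rules changes the verdict for the same request, which is why the rule order is worth reviewing whenever a broad allow rule is added.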

Filtering and Policies
Demonstration

- Configure Perimeter-Internal Access
- Create and Test Internet Access Firewall Policy
- HTTP Scanning
- System Policies

Agenda

- Introducing ISA Server 2004
- Filtering and Policies
- Server Publishing and VPN
- Monitoring and Alerts

Server Publishing and VPN
Publishing Rules

- Allows access to servers on internal or perimeter networks from external network
- Web publishing
  - Requires listener
  - HTTP or HTTPS
- Mail server
  - RPC, POP3, SMTP clients
  - Web clients
    - OWA, OMA
  - Server-to-server

Server Publishing and VPN
Mail Server Publishing - Bridging

- Secure connection to clients
- Secure connection to mail server
- Secure connection to clients and server
- Standard connections only

Server Publishing and VPN
VPN and Quarantine

- Provides phased network access for remote clients
- Restricts VPN clients before allowing access to the network
- RRAS forwards VPN requests to ISA
- ISA Server places the connecting client in the Quarantined VPN Clients network
- ISA checks firewall policy
- Client is moved to VPN clients network
  - Once it clears quarantine

Server Publishing and VPN
Demonstration

- Create Web Listener
- Publish WideWorldImporters.com Web Site
- Publish Exchange for OWA
- Enable VPN

Agenda

- Introducing ISA Server 2004
- Filtering and Policies
- Server Publishing and VPN
- Monitoring and Alerts

Monitoring and Alerts
Dashboard

Monitoring and Alerts
Alerts

Monitoring and Alerts
Sessions

Monitoring and Alerts
Services

Monitoring and Alerts
Reports

Monitoring and Alerts
Connectivity

Monitoring and Alerts
Logging

Monitoring and Alerts
Demonstration

- Monitoring the ISA Server
- Monitoring Connectivity
- Logging Client Access

Session Summary

- ISA Server 2004 provides many benefits
  - Advanced application layer firewall
  - VPN
  - Web cache solution
- ISA Server 2004 offers many improvements over ISA Server 2000
  - Enhanced user interface
  - New features
  - Improved functionality

For More Information…

- Main TechNet Web site at www.microsoft.com/technet
- Additional resources to support this Session page can be found at www.microsoft.com/technet/tnt1-111

For More Information…

- ISA Server Web site at www.microsoft.com/ISAServer
- What’s Ahead in ISA Server 2004: www.microsoft.com/isaserver/beta

Microsoft Learning
Training Resources for IT Professionals

- Course Title
- Course Number:
- Availability:
- Detailed Syllabus: www.microsoft.com/learning

To locate a training provider, please access www.microsoft.com/learning

Microsoft Certified Technical Education Centers are Microsoft’s premier partners for training services

Assess your Readiness
Microsoft Skills Assessment

What is Microsoft Skills Assessment?

- Self-study learning tool to evaluate readiness for product and technology solutions, instead of job-roles (certification)
- Windows Server 2003, Exchange Server 2003, Windows Storage Server 2003, Visual Studio .NET, Office 2003
- Free, online, unproctored, and available to anyone
- Answers the question: “Am I ready?”
- Determines skills gaps and provides learning plans with Microsoft Official Curriculum courses
- Post your High Score to see how you stack up

Visit www.microsoft.com/assessment

Become a Microsoft Certified Systems Administrator (MCSA)

What is the MCSA certification?

- For IT professionals who manage and maintain networks and systems based on Microsoft Windows Server

How do I become an MCSA on Microsoft Windows Server 2003?

- Pass 3 core exams
- Pass 1 elective exam or 2 CompTIA certifications

Where do I get more information?

- www.microsoft.com/mcsa

Become a Microsoft Certified Systems Engineer (MCSE)

What is the MCSE certification?

- Premier certification for IT pros who analyze the requirements, design, plan, and implement the infrastructure for business solutions based on the Microsoft Windows Server System

How do I become an MCSE on Microsoft Windows 2003?

- Pass 6 core exams
- Pass 1 elective exam from a comprehensive list

Where do I get more information?

- www.microsoft.com/mcse

Demonstrate Your Security or Messaging Specialization

What are MCSA/MCSE specializations?

- Allows IT professionals to highlight specific expertise within their job role

Which specializations are available?

- MCSA: Security
- MCSA: Messaging
- MCSE: Security
- MCSE: Messaging

Where do I get more information?

- www.microsoft.com/mcsa or www.microsoft.com/mcse

What is TechNet?
Put the right answers at your fingertips

The comprehensive collection of resources to help IT pros plan, deploy and manage Microsoft products successfully

- TechNet Subscription
  - Monthly updates delivered on DVD or CD
  - The definitive resource to help you evaluate, deploy and maintain Microsoft products
- TechNet Web Site
  - Accessible at www.microsoft.com/technet
  - Online resources and community
  - Subscriber-only Online Services
- TechNet Flash
  - Biweekly e-newsletter
  - Security updates, new resources, and special offers
- TechNet Events and Webcasts
  - Briefings on the latest Microsoft products and technologies
  - Hands-on, “how to” information
- TechNet Communities
  - User Groups
  - Managed Newsgroups

Where Can I Get TechNet?

- Visit TechNet online at www.microsoft.com/technet
- Register for the TechNet Flash: /technet/abouttn/subscriptions/flash_register.mspx
- Join the TechNet online forum at www.microsoft.com/technet/community
- Become a TechNet subscriber at www.microsoft.com/technet/abouttn/Subscriptions
- Attend more TechNet events or view online: www.microsoft.com/technet/community/events
