330 likes | 592 Views
Introduction. Scott PrattWindows NT MCSE, MCSE IWindows 2000/2003 MCSA, MCSA/Messaging, MCSA/SecurityWindows 2000/2003 MCSE, MCSE/Messaging, MCSE/SecurityMicrosoft Certified Trainer / MCDST / MCP, MCP INewbury PartnersMicrosoft Certified Partner, offices in Salem, Manchester, and Nashua, NHJo
E N D
2. Introduction Scott Pratt
Windows NT MCSE, MCSE+I
Windows 2000/2003 MCSA, MCSA/Messaging, MCSA/Security
Windows 2000/2003 MCSE, MCSE/Messaging, MCSE/Security
Microsoft Certified Trainer / MCDST / MCP, MCP+I
Newbury Partners
Microsoft Certified Partner, offices in Salem, Manchester, and Nashua, NH
Job responsibility
Network security experience
Microsoft® Proxy Server / ISA Server 2000 experience
3. Introducing ISA Server 2004 What Are the Benefits of ISA Server 2004
ISA Server 2004 Management Interface
Differences Between ISA Server 2000 and ISA Server 2004
4. What Are the Benefits of ISA Server 2004?
5. ISA Server 2004 Management Interface
6. Differences Between ISA Server 2000 and ISA Server 2004 Multiple network support
Policies assigned per network
Routed and NAT network relationships
Extended protocol support
Advanced application filtering
Enhanced authentication options
VPN and quarantine integration
Stateful inspection for VPN
Export and import
Delegated permissions wizard for firewall administrator roles
7. Deployment Scenarios for ISA Server 2004 How ISA Server Works as an Internet Edge Firewall
How ISA Server Works as a Back-End Firewall
How ISA Server Works as a Branch Office Firewall
How ISA Server Works as an Integrated Firewall, Proxy, and Caching Server
How ISA Server Works as a Proxy- and Caching-Only Server
8. How ISA Server Works as an Internet Edge Firewall Use ISA Server to:
Block all Internet traffic unless explicitly allowed
Publish internal servers such as Web or Exchange servers
Provide a VPN gateway for remote users
Provide proxy and caching services
9. How ISA Server Works as a Back-End Firewall Use ISA Server to:
Securely publish Exchange servers
Securely publish other internal Web servers
Provide proxy and caching services
10. How ISA Server Works as a Branch Office Firewall Use ISA Server to:
Create a IPSec tunnel-mode VPN between offices
Create a PPTP or L2TP with IPSec VPN between offices
Inspect and filter all traffic between offices
Provide secure access to the Internet at the branch office
11. How ISA Server Works as an Integrated Firewall, Proxy, and Caching Server Use ISA Server to:
Provide proxy and caching services to conserve Internet bandwidth
Configure dial-up connections to the Internet
Block all inbound network traffic
Provide secure configurations using network templates and server publishing wizards
12. How ISA Server Works as a Proxy- and Caching-Only Server Use ISA Server with a single network adapter to provide proxy and caching services
Deploying ISA Server with a single network adapter means that it does not provide additional security functionality
13. Installing ISA Server 2004 Installing ISA Server 2004
Choosing ISA Server Clients
Securing ISA Server 2004
Maintaining ISA Server 2004
14. System and Hardware Requirements for ISA Server 2004
15. Installation Types and Components
16. Configuration Choices During Installation
17. Default Configuration for ISA Server 2004 Only Administrators can modify firewall policies
Traffic is routed between the ISA Server and all other networks
Traffic between the Internal network, the VPN network, the VPN Quarantine network, and the Internet will use network address translation
Traffic is routed between the VPN network and the Internal network
System policy permits access to the ISA Server but access rules deny all network traffic through the ISA Server
No servers are published
Web Proxy requests will be retrieved directly from the Internet
Caching is disabled
A rule enabling access to the Firewall Client installation share is configured if you install the Firewall Client installation files
18. Upgrade Options from ISA Server 2000 to ISA Server 2004
19. Choosing ISA Server Clients Types of ISA Server Clients
How to Configure a SecureNAT Client
How to Configure Web Proxy Clients
Guidelines for Choosing an ISA Server Client
20. Types of ISA Server Clients
21. How to Configure a SecureNAT Client
22. How to Configure Web Proxy Clients
23. Guidelines for Choosing an ISA Server Client
24. Allowing Access through ISA Server ISA Server 2004 as a Proxy Server
Configuring Multi-Networking on ISA Server
Configuring Access Rule Elements
Configuring Access Rules for Internet Access
25. How ISA Server Enables Secure Access to Internet Resources
26. Why Use a Proxy Server?
27. How Does ISA Server 2004 Support Multiple Networks? Support any Number of Networks
VPN Networks Representedas Networks
Dynamic NetworkMembership
Per Network Rules
Per Network Policies
Network Sets
28. What Are Access Rule Elements?
29. Configuring Access Rules for Internet Access What Are Access Rules?
How Network Rules and Access Rules Are Applied
About Authentication and Internet Access
How to Configure Access Rules
How to Configure HTTP Policy
30. What Are Access Rules?
31. How Network Rules and Access Rules Are Applied
32. About Authentication and Internet Access Authentication and ISA Server Clients
Authentication Methods
Basic authentication
Digest authentication
Integrated Windows authentication
Digital certificates authentication
RADIUS authentication
RSA SecureID authentication
33. How to Configure Access Rules
34. How to Configure HTTP Policy