by John Loomes
Microsoft ISA (Internet Security and Acceleration)
Server 2000 is part of the .NET Enterprise Servers product family.
Microsoft ISA (Internet Security and Acceleration)
Server 2000 is part of the .NET Enterprise Servers product family.
For more info on .NET follow this LINK
The product replaces Microsoft Proxy Server 2.0, but
offers much, much more in terms of functionality. This article aims
to give the reader an overview of these features.
ISA Server 2000 is a fully extensible, enterprise
level internet gateway. It combines roles previously assigned to
separate products such as firewall, proxy server and Web caching.
Although you have the ability to mix and match these features within
ISA Server to suit your environment. So if you’ve already spend a
lot of time and money on a dedicated firewall solution, then you
could disable the firewall functionality within ISA Server.
ICSA Labs, who are highly respected in the heady world
of Internet Security, has certified Microsoft ISA Server 2000 as a
secure enterprise firewall. ICSA certification is the de facto
standard for firewalls, and this certification therefore sends out a
clear message to Microsoft’s customers that ISA Server 2000 is an
Enteprise class product, capable of taking on the traditional market
leaders in Internet Security.
Overview
of Features
The main features of ISA Server 2000 can be divided
into the following categories:
Internet Connectivity and Security
ISA Server includes the following firewall and
security features:
- Intrusion detection: ISA Server is configurable to detect and
alert you against specific attacks - Outgoing access policy: Use policies and rules to control how
clients access the Internet. This can be done by using both Sites
and Content rules and Protocol rules.i.e. whether a particular
protocol is enabled/disabled for inboard/outboard traffic and also
which particular sites/content are allowed/not allowed. - System Security Wizard: Lock down Windows 2000 by using
pre-defined security templates. - Application Filters: Configure filters to control application
specific traffic such as HTTP. FTP, SMTP etc…. - VPN Support: Intergrates with Virtual Private Networking (VPN)
services in Windows 2000
Productivity
ISA Server includes several Web caching features in
order to increase access times and therefore productivity to
content, these are as follows:
- Hierarchical caching: This allows you to set up a series and
ISA Servers, such that a client will access the cached content
that is geographically nearest to them. - Reverse caching: HTTP and FTP content can be cached from
publishing servers, improving access times - Scheduled caching: Commonly requested content can be updated
on a schedule from the Internet.
Content Publishing
ISA Server allows you to publish both content and
applications via series of rules. This means you can make both
content and applications avaiable to specific clients, without the
need to make configuration changes on the publishing server(s).
Management
The fact the ISA Server offers both firewall and Web
cache feature sets means that both of these can be managed from a
single point, whereas traditionally these would be managed
seperately. ISA Server uses a policy-based administration tool which
makes management far less complex than in traditional products.
Being part of the .NET Platform, ISA Server is
extensible via XML and comes with an API for programmatically
managing it.
ISA
Server, Enterprise Edition
As with many Microsoft products, ISA Server comes in
two flavours, Standard and Enterprise. ISA Server 2000, Enterprise
Edition offers the following additional features over the Standard
Product:
- Multiserver arrays: This gives you the ability to effectively
cluster and load balance serveral ISA Servers for increased
performance and fault tolerance. - Two levels of policy management: Policies can be applied at
both the array and enterprise level. This allows you to configure
ALL ISA servers within your organisation using one policy, if
required. - No restriction on number of processors. ISA Server, Standard
Edition is limited to 4 processors.
Further
Reading
For more information on ISA Server 2000, visit the following LINK