In a nutshell, Microsoft’s recently released update for its Internet Security and Acceleration (ISA) Server 2000 product provides an enhanced level of security and adds numerous features designed to extend the overall functionality of the popular proxy server. This article overviews the major features that Feature Pack 1 brings to ISA Server 2000.
Feature Pack 1 for Microsoft’s ISA Server 2000 is chock full of new features that in the past would have been squeezed into a Service Pack. Ryan Smith steps through the major changes and offers examples of where these new features may come in handy.
Released in January 2003, ISA Server 2000 Feature Pack 1 is a collection of new features that in the past would have been squeezed into a Service Pack. Because of Microsoft’s new stance on its software, these features have been included in a Feature Pack as opposed to a Service Pack. The advantage of this is that it allows enterprises to choose which features they wish to deploy.
In addition, this alleviates the worry that a new feature added to a Service Pack conflicts with an existing feature or third-party software.
The major features of Microsoft ISA Server 2000 Feature Pack 1 are:
- Enhanced SMTP filter
- Enhanced Exchange RPC filter
- URLScan 2.5 for ISA Server
- Web Authentication for RSA SecurID
- OWA wizard
- RPC filter configuration wizard
- Link Translator
Enhanced Simple Mail Transfer Protocol (SMTP) Filter
The SMTP filter in Feature Pack 1 has been enhanced to improve performance. It enables the system administrator to configure an SMTP relay that users can authenticate to from outside of the network. This is designed allow external users to attach to the SMTP relay while at the same time preventing spammers from using SMTP relay for their own purposes.
Enhanced Exchange Remote Procedure Call (RPC) Filter
In Feature Pack 1 the Exchange RPC filter has been enhanced to provide two main new features. Administrators can enforce the encryption of RPC traffic between an external Outlook Client and an internal Exchange Server through ISA Server, and ISA Server supports outbound RPC communication so internal Outlook Clients can access an external Exchange Server through ISA Server.
URLScan 2.5 for ISA Server
Feature Pack 1 contains a new version of URLScan designed specifically for
ISA Server. With the URLScan tool users can further secure IIS Server publishing
on the ISA Server itself. URL scanning enables sys admins to specify which verbs (HTTP methods), headers, extensions, and strings are acceptable in users’ HTTP requests.
Web Filter for RSA SecurID Authentication
This new filter enables strong, two-factor RSA SecurID authentication for Web and other servers running Outlook Web Access (OWA) on ISA Server. When a user attempts to gain access to SecurID-protected Web pages, the ISA Server prompts the user for his or her SecurID information. If the credentials validate, the user is granted access to the protected content.
Feature Pack 1 includes a new OWA Wizard to simplify and speed up the ISA Server configuration process and help protect an OWA deployment. Before Feature Pack 1, and this handy wizard, the server had to be manually configured to support OWA.
RPC Filter Configuration Wizard
The RPC Filter wizard, new in Feature Pack 1, allows users to configure a granular level
of access to RPC services inside a network. In the past, all RPC traffic was allowed through the ISA Server.
The link translator in Feature Pack 1 enables the publication of Web sites with absolute links. Link translation is especially useful when an external user attempts to access a published Web site that contains absolute links to the Web site itself. These absolute links in a Web server are automatically translated for users browsing from the Internet. This process minimizes the need to manually modify intranet Web pages before making them available on the Internet.
Microsoft ISA Server 2000 Feature Pack 1 adds some great enhancements to an already great product. It’s particularly exciting to see a product’s functionality extended without that functionality coming in the form of a Service Pack.
The enhanced SMTP filter alone is justification for deploying Feature Pack 1 to an ISA Server installation. The long-awaited capability to secure an SMTP relay and allow external users to access it is another huge bonus.
Microsoft ISA Server 2000 Feature Pack 1 is available for download at http://www.microsoft.com/isaserver/featurepack1/default.asp.
Hopefully, future, additional Feature Packs will be released not only for ISA Server but also for other Microsoft products.