Introduction to Microsoft Internet Security and Acceleration Server 2000Shantanu MondalSupport EngineerMicrosoft Platform Support Windows 2000 NetworkMicrosoft Corporation
What Is ISA? • ISA is Microsoft Internet Security and Acceleration Server 2000 • ISA is Microsoft’s new Internet firewall and Web-caching server built on Microsoft® Windows® 2000 • ISA takes advantage of the advanced OS technologies provided by Windows 2000 • ISA Server can use Microsoft® Active Directory™ to provide centralized and scalable management capabilities
Introduction to ISA 2000 • Integrated firewall and Web cache management: • ISA protects your internal computers from Internet by installing packet filter • ISA server protects all communication between internal computers and the Internet
Minimum System Requirements • To use Microsoft Internet Security and Acceleration (ISA) Server, you need: • A computer with a 300 MHz or faster Pentium II-compatible processor that is running one of these operating systems: • Microsoft Windows 2000 Server with Service Pack 1 or later • Windows 2000 Advanced Server with Service Pack 1 or later • Windows 2000 Datacenter Server
Minimum System Requirements (2) • Additional requirements: • 256 MB of RAM • 20 MB of available hard-disk space • A Windows 2000-compatible network adapter for communicating with the internal network • One local hard disk partition formatted with the NTFS file system
Migrating from Microsoft Proxy Server 2.0 • Microsoft Internet Security and Acceleration (ISA) Server supports a full migration path for Microsoft Proxy Server 2.0 users. • Most Proxy Server rules, network settings, monitoring configuration, and cache configuration migrate to ISA Server. • Furthermore, ISA Server will continue to support Winsock Proxy client software, together with its own firewall client software, in a heterogeneous client base.
Why Upgrade from Proxy 2.0? • More than 10 times faster than Proxy 2.0 • Superior Internet access control • Scaleable central management • Certified enterprise firewall • Extensible open platform
Internet Access • ISA Server manages Internet access consistently with access control policies
Single Management Interface • Administrators benefit from a single management interface for firewall and Web caching
ISA Server • ISA Server is built for enterprise • ISA provides tiered policy management • ISA allows local array policies; it can inherit policies from enterprise level • In distributed environment, administrators can delegate various levels of ISA administration
ISA and the Network • ISA Server secures your network, allowing you to implement your business security policy by configuring a broad set of rules that specify which sites, protocols, and content can be passed through the ISA Server computer.
Requests and Responses • ISA Server monitors requests and responses between the Internet and internal client computers, controlling who can access which computers on the corporate network.
ISA and Internal Clients • ISA Server also controls which computers on the Internet can be accessed by internal clients.
Firewall and Security • Firewall and security overview: • ISA Server can be deployed as dedicated firewall that acts as the secure gateway to the Internet for internal clients • Outgoing access policy • Intrusion detection • Application filters • Authentication • Security wizard
Outgoing Access Policy • You can use ISA Server to configure site and content rules and protocol rules that control how your internal clients access the Internet. • Site and content rules specify which sites and content can be accessed. • Protocol rules indicate whether a particular protocol is accessible for inbound and outbound communication.
Intrusion Detection • Integrated intrusion detection mechanisms can alert you when a specific attack is launched against your network.
Security Wizard • The ISA Server Security Wizard allows you to set the appropriate level of system security, based on how ISA Server functions in your network.
Application Filters • ISA Server controls application-specific traffic with data-aware filters. • ISA Server uses the filters to determine if packets should be accepted, rejected, redirected, or modified.
Authentication • ISA Server supports the following user authentication methods: • Integrated Windows authentication • Client certificates • Digest • Basic
Extensibility • Extensible administration • Application filters • Web filters • Extensible user interface • Extensible alerts • Extensible storage
More Information • Useful Web sites • http://www.microsoft.com/ISAServer/ • http://www.isaserver.org/(Note that this site is not affiliated with Microsoft in any way.) • Book: • Microsoft ISA Configuration and Administration by Curt Simmons (ISBN: 0764548050)