LIMITED OFFER
Save 50% on book bundles
Immediately download your ebook while waiting for your print delivery. No promo code needed.
Dr. Tom and Debra Shinder have become synonymous with Microsoft's flagship firewall product ISA Server, as a result of Tom's prominent role as a member of the beta development… Read more
LIMITED OFFER
Immediately download your ebook while waiting for your print delivery. No promo code needed.
Dedications
Acknowledgments
About the Authors
Technical Editor
A Note From the Publisher
From Deb and Tom Shinder, Authors
Chapter 1: Evolution of a Firewall: From Proxy 1.0 to ISA 2004
The Book: What it Covers and Who It’s For
Security: The New Star of the Show
Firewalls: The Guardians at the Gateway
ISA: From Proxy Server to Full-Featured Firewall
Summary
Chapter 2: Examining the ISA Server 2004 Feature Set
The New GUI: More Than Just a Pretty Interface
Teaching Old Features New Tricks
New Features on the Block
Missing in Action: Gone but Not Forgotten
Summary
Solutions Fast Track
Chapter 3: Stalking the Competition: How ISA 2004 Stacks Up
Firewall Comparative Issues
Comparing ISA 2004 to Other Firewall Products
Summary
Solutions Fast Track
Chapter 4: ISA 2004 Network Concepts and Preparing the Network Infrastructure
Our Approach to ISA Firewall Network Design and Defense Tactics
Tom and Deb Shinder’s Configuring ISA 2004 Network Layout
How ISA Firewall’s Define Networks and Network Relationships
Web Proxy Chaining as a Form of Network Routing
Firewall Chaining as a Form of Network Routing
Configuring the ISA Firewall as a DHCP Server
Summary
Solutions Fast Track
Chapter 5: ISA 2004 Client Types and Automating Client Provisioning
Understanding ISA 2004 Client Types
Automating ISA 2004 Client Provisioning
Automating Installation of the Firewall Client
Summary
Chapter 6: Installing and Configuring the ISA Firewall Software
Pre-installation Tasks and Considerations
Performing a Clean Installation on a Multihomed Machine
Default Post-installation ISA Firewall Configuration
The Post-installation System Policy
Performing an Upgrade Installation
Performing a Single NIC Installation (Unihomed ISA Firewall)
Quick Start Configuration for ISA Firewalls
Hardening the Base ISA Firewall Configuration and Operating System
Summary
Solutions Fast Track
Chapter 7: Creating and Using ISA 2004 Firewall Access Policy
Introduction
ISA Firewall Access Rule Elements
Configuring Access Rules for Outbound Access through the ISA Firewall
Using Scripts to Populate Domain Name Sets
Creating and Configuring a Public Address Trihomed DMZ Network
Allowing Intradomain Communications through the ISA Firewall
Summary
Solutions Fast Track
Chapter 8: Publishing Network Services with ISA 2004 Firewalls
Overview of Web Publishing and Server Publishing
Creating and Configuring Non-SSL Web Publishing Rules
Creating and Configuring SSL Web Publishing Rules
SSL Bridging
SSL “Tunneling” versus SSL “Bridging”
What About SSL-to-HTTP Bridging?
Enterprise and Standalone Certificate Authorities
SSL-to-SSL Bridging and Web Site Certificate Configuration
Importing Web Site Certificates into The ISA Firewall’s Machine Certificate Store
Requesting a User Certificate for the ISA Firewall to Present to SSL Web Sites
Creating an SSL Web Publishing Rule
The Publishing Mode Page
The Select Rule Action page
The Bridging Mode Page
The Define Website to Publish Page
The Public Name Details Page
The Select Web Listener Page
The User Sets Page
The SSL Web Publishing Rule Properties Dialog Box
Creating Server Publishing Rules
Creating Mail Server Publishing Rules
Summary
Solutions Fast Track
Chapter 9: Creating Remote Access and Site-to-Site VPNs with ISA Firewalls
Overview of ISA Firewall VPN Networking
Creating a Remote Access PPTP VPN Server
Creating a Remote Access L2TP/IPSec Server
Creating a PPTP Site-to-Site VPN
Creating an L2TP/IPSec Site-to-Site VPN
IPSec Tunnel Mode Site-to-Site VPNs with Downlevel VPN Gateways
Using RADIUS for VPN Authentication and Remote Access Policy
Using EAP User Certificate Authentication for Remote Access VPNs
Supporting Outbound VPN Connections through the ISA Firewall
Installing and Configuring the DHCP Server and DHCP Relay Agent on the ISA Firewall
Creating a Site-to-Site VPN Between an ISA Server 2000 and ISA Firewall
A Note on VPN Quarantine
Summary
Solutions Fast Track
Chapter 10: ISA 2004 Stateful Inspection and Application Layer Filtering
Introduction
Application Filters
Web Filters
IP Filtering and Intrusion Detection/Intrusion Prevention
Summary
Solutions Fast Track
Chapter 11: Accelerating Web Performance with ISA 2004 Caching Capabilities
Understanding Caching Concepts
Understanding ISA Server 2004’s Web Caching Capabilities
Configuring ISA Server 2004 as a Caching Server
Summary
Fast Track
Chapter 12: Using ISA Server 2004’s Monitoring, Logging, and Reporting Tools
Introduction
Exploring the ISA Server 2004 Dashboard
Creating and Configuring ISA Server 2004 Alerts
Monitoring ISA Server 2004 Connectivity, Sessions, and Services
Working with ISA Server 2004 Logs and Reports
Using ISA Server 2004’s Performance Monitor
Solutions Fast Track
Index
DL
Deb has been a tech editor, developmental editor and contributor on over 20 additional books on networking and security subjects, as well as study guides for Microsoft's MCSE exams, CompTIA's Security+ exam and TruSecure’s ICSA certification. She formerly edited the Element K Inside Windows Server Security journal. She authored a weekly column for TechRepublic’s Windows blog, called Microsoft Insights and a monthly column on Cybercrime, and is a regular contributor to their Security blog, Smart Phones blog and other TR blogs. She is the lead author on Windowsecurity.com and ISAServer.org, and her articles have appeared in print magazines such as Windows IT Pro (formerly Windows & .NET) Magazine. She has authored training material, corporate whitepapers, marketing material, webinars and product documentation for Microsoft Corporation, Intel, Hewlett-Packard, DigitalThink, GFI Software, Sunbelt Software, CNET and other technology companies.
Deb specializes in security issues, cybercrime/computer forensics and Microsoft server products; she has been awarded Microsoft’s Most Valuable Professional (MVP) status in Enterprise Security for eight years in a row. A former police officer and police academy instructor, she has taught many courses at Eastfield College in Mesquite, TX and sits on the board of the Criminal Justice Training Center there. She is a fourth generation Texan and lives and works in the Dallas-Fort Worth area.
TS