Read an Excerpt
It is rare to run into that one product that impresses technical audiences in the way that ISA Server 2004 has managed to. As I prepared to write this book, what surprised me was not ISA's ability to wow and charm Microsoft-centric environments, but its ability to impress the Microsoft-skeptic crowds as well. These are the ones who have been skeptical of anything coming out of Redmond with "Security" in its titlefor good reason in many cases. So, from its release, ISA faced a seemingly insurmountable uphill battle for acceptance, which makes its success even more impressive.
I have had the luxury of working closely with several of the best technologies Microsoft has produced: Active Directory, SQL Server, SharePoint, and Exchange. It therefore takes a powerful product for me to be impressed, and ISA Server 2004 really has done that. ISA functionality is broad, with VPN, reverse proxy, firewall, content caching, and protocol filtering capabilities. Marketing slogans are one thing, but this product really does live up to its billing. I have deployed, administered, and tested ISA Server at organizations of many sizes and functions, from city governments to banks to law firms to technology firms, and have had great success with the product. The breadth and depth of functionality that ISA provides makes my job designing security for these types of environments that much easier.
This book is the result of my experience and the experiences of my colleagues at Convergent Computing in working with ISA Server 2004 Standard and Enterprise versions, in the beta stages and in deployment. I wrote this book to be topical, so that youcan easily browse to a particular section and follow easy-to-understand step-by-step scenarios. In addition, if you are looking for a good overview on ISA, the book can be read in sequence to give you a good solid understanding of the higher levels of security and functionality ISA can provide. The Target Audience of This Book
This book is geared toward Information Technology professionals who have moderate to high levels of exposure to firewall, security, and network technologies. It is ideal for those administrators who need a good in-depth knowledge of how ISA works and how it can be used to perform common tasks. In addition, this book is ideal for security administrators who are looking to deploy ISA as an additional layer of security in an existing environment, particularly for securing Outlook Web Access, websites, and other internal services.The Organization of This Book
This book is divided into four parts:.
Part I: Designing, Exploring, and Understanding ISA Server 2004This section covers the basics of ISA Server 2004, including an overview of the technology, a walkthrough of the tools and features, and specific installation steps. In addition, design scenarios for ISA deployment are presented and analyzed, and migration steps from ISA 2000 are given.
Part II: Deploying ISA Server 2004This section covers the deployment of ISA technologies, discussing multiple common scenarios for which ISA is often used for. Discussion surrounding ISA firewall, content caching, reverse proxy, and Enterprise version deployment is discussed, and step-by-step deployment guides are illustrated. In addition, detailed analysis of Virtual Private Network support, including both client and site-to-site VPN, are covered.
Part III: Securing Servers and Services with ISA Server 2004Part III focuses on the specifics of securing protocols and services using the built-in HTTP, FTP, RPC, and other filters in ISA Server 2004. Specific instructions on how to use ISA to secure Microsoft Exchange Outlook Web Access (OWA), including the common scenario of deploying ISA within the DMZ of an existing firewall, are outlined in depth. In addition, securing techniques for SharePoint sites, web servers, Outlook MAPI traffic, and other common scenarios are explained.
Part IV: Supporting an ISA Server 2004 InfrastructureThe nuts and bolts of administering, maintaining, and monitoring an ISA Server 2004 environment are explained in this section, with particular emphasis on the day-to-day tasks that are needed for the "care and feeding" of ISA. Critical tasks that are often overlooked, such as automating ISA Server Configuration backups and documenting ISA Server rules, are presented and analyzed. Throughout this section, tips and tricks to keep ISA well maintained and working properly are outlined.
The following conventions are used in this book:
Caution - Cautions alert you to common pitfalls that you should avoid.
Tip - Tips are used to highlight shortcuts, convenient techniques, or tools that can make a task easier. Tips also provide recommendations on best practices you should follow.
Note - Notes provide additional background information about a topic being described, beyond what is given in the chapter text. Often, notes are used to provide references to places where you can find more information about a particular topic.
A sidebar provides a deeper discussion or additional background to help illuminate a topic.
If you are like many out there recently tasked with an ISA project or simply looking for ways to bring security to the next level, this book is for you. I hope you enjoy reading it as much as I enjoyed creating it and working with the product.
© Copyright Pearson Education. All rights reserved.