Introduction to Microsoft ISA Server 2006
Microsoft Internet Security and Acceleration (ISA) Server 2006 is a secure web gateway closely integrated with Windows Server 2003. As with ISA Server 2004, ISA Server 2006 combines an application-layer firewall with virtual private networking (VPN), proxy, and Web-caching capabilities. Features of ISA Server 2006 that make it the platform of choice for solving main office and branch office security concerns include:
Microsoft ISA Server 2006 and Secure Application Publishing
Intelligent Application Gateway (IAG) 2007
Microsoft's Intelligent Application Gateway (IAG) 2007 is a high-performance application access and security system integrated with ISA Server 2006. IAG 2007 provides SSL VPN, a Web application firewall, and endpoint security management that enable access control, authorization, and content inspection for a variety of line-of-business applications. These technologies provide mobile and remote workers with easy and flexible secure access from a broad range of devices including PCs and smart phones. IAG also enables IT administrators to enforce compliance with application and information usage guidelines through a customized remote access policy based on device, user, application or other criteria.
Secure Server Publishing
Businesses typically need to make web servers, email servers, and e-commerce applications available to authorized external users and customers without compromising the protection of those resources against a variety of threats. Traditional firewalls can be difficult to configure for these purposes, leading to preventable security gaps. Microsoft estimates that 95% of application layer breaches result from improper configurations. ISA Server 2006 can impersonate internal servers through a reverse proxy process known as publishing to add a layer of security at the network edge.
Web Server Publishing with ISA Server 2006 is more secure and flexible than traditional web publishing. Because ISA Server 2006 inspects HTTP content before it reaches the web servers, it provides one element of a defense-in-depth strategy. It can also be used as a central location to block access to dangerous or objectionable web sites, which is easier than configuring each web server individually. ISA Server 2006 processes only approved URLs and filters any unauthorized or invalid HTTP syntax. It can also block based on signatures in the HTTP request or response. ISA Server 2006 builds upon the functionality of ISA Server 2004 to enable and optimize secure web publishing scenarios, including Windows SharePoint Services publishing, Microsoft Outlook Web Access (OWA) publishing, publishing of multiple Web sites, and publishing of Web server farms.
Windows SharePoint Services are a popular solution for companies to enable internal collaboration. The SharePoint Publishing Wizard introduced in ISA Server 2006 makes it easy to provide that same collaborative functionality to external audiences including remote workers and business partners. With this wizard, publishing multiple sites simultaneously is quick, easy and secure, with link translation implemented automatically so that remote clients can resolve the addresses of internal server pages with externally accessible pages. The Microsoft SharePoint Portal Server Application Optimizer included with IAG 2007 delivers out-of-the-box capabilities to extend extranet access to SharePoint from any Internet-enabled device. The SharePoint Application Optimizer provides the ability to:
Outlook Web Access (OWA) is integrated into ISA Server 2006. A new publishing wizard makes it easy to allow secure remote access to Outlook Web Access Web sites. You can easily publish Exchange through traditional protocols, Web client access (including Outlook Web Access, Outlook Mobile Access, and Exchange ActiveSync), or server-to-server communication. When publishing Outlook Web Access, you can choose to include any combination of popular methods including Outlook Web Access, Outlook RPC over HTTP, Outlook Mobile Access, and Exchange ActiveSync. You also have the option of publishing a single server or a server farm.
The Application Optimizer for Microsoft Dynamics CRM 3.0 included with IAG 2007 helps provide secure publishing of the CRM Web portal, with customized policies that handle CRM-specific user actions, security, and information protection. The Microsoft Dynamics Application Optimizer includes:
How Progent's Consultants Can Help You with ISA Server 2006
Progent's Microsoft-qualified ISA 2006 consultants can help you manage, optimize, and support your ISA Server 2006 deployment so that your business achieves a smart and affordable combination of security, convenience, and performance. Progent can also help you plan and carry out a cost-effective Forefront TMG 2010 migration when you are ready to move up to what Microsoft calls the next generation of ISA 2006. Progent's CISM and CISSP certified security consultants can help you develop a comprehensive security strategy that includes Microsoft Exchange 2019 migration expertise or Microsoft Exchange 2016 planning and deployment services for secure messaging and System Center Operations Manager (SCOM) for server monitoring and alerts as well as automatic remediation. Progent's team of Cisco CCIE network engineers can deliver world-class consulting in designing and troubleshooting an advanced security infrastructure that utilizes Cisco routers and switches.
If you want help with planning, maintaining or troubleshooting ISA Server 2006, call