Overview of Microsoft ISA Server 2006
Hacking incidents against businesses are increasing relentlessly in volume and sophistication. Because traditional network firewalls are not designed to prevent intrusions at the application layer, most Internet-based attacks target applications such as email, Web services, and on-line collaboration software. Compounding the problem is the fact that today's workforce is becoming more mobile, which creates additional security challenges. Many threats bypass traditional stateful packet inspection-only firewalls through protocols such as Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP). Older generation packet inspection firewalls are not equipped to deal with application-based threats because they do not offer deep inspection of Web-based content. Networks without advanced firewalls capable of providing application-layer protection are increasingly vulnerable to identity theft, Web site defacement, unauthorized network access, theft of proprietary information, and service disruption, all of which can result in significant loss of productivity and profit.
ISA Server 2006 is a multi-functional edge gateway that provides a fully integrated application layer firewall, virtual private network (VPN), proxy, and Web caching solution for protecting the Internet-facing networks of any organization against a broad range of attacks. Internet Security and Acceleration Server 2006 allows your business to defend your network from external and internal Internet-based threats, securely publish information for remote access, and safely connect your branch offices.
Progent is a Microsoft Certified Partner and can help you maintain and enhance your ISA Server 2006 environment to ensure the security and compliance of your network. Progent's consultants offer cost-effective online expertise with ISA Server 2006 and with related Microsoft products including Windows Server, Exchange, SQL Server, and SharePoint. Progent also offers extensive experience with System Center Operations Manager and can help you monitor ISA Server 2006 on a 24x7 basis so you can react immediately to web infrastructure issues before they can impact your mission-critical business applications.
Key Features of ISA Server 2006
Although ISA Server 2006 has been replaced by Microsoft Forefront Threat Management Gateway, ISA Server 2006 remains in wide use because it delivers important core capabilities including:
- Integrated Security
Based on the Windows Server 2003 platform, ISA Server 2006 secures your environment and protects your network from malicious attacks. ISA Server 2006 provides security through integration with Microsoft application infrastructure and Microsoft Windows services such as NTLM and Kerberos authentication, the Active Directory directory service, VPN, Routing and Remote Access, and Network Load Balancing (NLB).
- Efficient Management
ISA Server 2006 makes it simple to enable new usage scenarios with your existing infrastructure. ISA Server 2006 provides reduced ownership costs and streamlined management through an intuitive user interface, extensive administration tools, a flexible software development kit (SDK), remote management capability, and strong logging and reporting features.
- Fast and Secure Access
ISA Server 2006 ensures your data and applications are safe and users are productive. With its compression, caching, single sign on, and link translation features, ISA Server 2006 provides secure, high speed, and seamless user access to corporate applications and data.
Improvements of Microsoft ISA Server 2006 Over ISA Server 2004
Improved features of Microsoft ISA 2006 compared to previous versions offer substantial business benefits for common applications such as web access protection, secure application publishing, and branch office gateways. The new or enhanced features incorporated in Microsoft ISA Server 2006 include:
Web Access Protection
- Multi-layer deep content inspection helps protect IT assets and corporate intellectual property such as data stored in Internet Information Services (IIS), Exchange Server, Windows SharePoint Services, and other network infrastructure resources from attackers, viruses, and unauthorized use with comprehensive and flexible policies, customizable protocol filters, and network routing relationships. This safeguards internal network resources by screening all incoming and outgoing Internet traffic and protecting against sophisticated attacks. This also provides controlled user access to both internal and external resources.
- Enhanced flood resiliency features for event handling and monitoring help defend your network and provide better resistance to Denial of Service (DoS) attacks and distributed DoS attacks. This provides protection against externally originated threats.
- Enhanced worm resiliency through simplified client IP alert pooling and connection quotas mitigates the effects infected computers have on your network. This provides resiliency against internally originated attacks.
- Enhanced attack remediation through comprehensive alert triggers and responses can quickly notify administrators of network problems. This provides remediation during attacks.
- Log throttling and control of memory consumption and pending DNS queries provide enhanced resource control. This provides mitigation measures when a network is under attack and minimizes performance impact on the network.
- Unified management and monitoring across your ISA Server infrastructure can be achieved with the ISA Server 2006 Management Pack for Microsoft Operations Manager, and enterprise-level and array-level policies can be used to control security and access rules across your organization. This provides cost-effective centralized management.
Secure Application Publishing
- SSL bridging provides inspection of encrypted content, better application scalability through offloading SSL processing to ISA Server, and lower latency through support for SSL hardware accelerators. This maintains confidentiality of communications.
- Enhanced multi-factor authentication (smart cards and one-time passwords), flexible integration with Active Directory, and customizable forms-based authentication for almost any Web application and client device increases security and deployment flexibility for Web application servers. This provides comprehensive security for instances when a user remotely accesses a corporate resource.
- Enhanced authentication delegation (including NTLM, Kerberos, and SecurID) and improved session management that detects non-user traffic through automatic idle-based time-outs make it easier to integrate ISA Server with your existing authentication infrastructure and gain more access control. This accommodates the needs of an increasingly mobile workforce using different devices.
- Unified firewall and VPN policy management, deep content inspection, and VPN Quarantine integration makes it easier to secure inbound traffic and protect your network from inside attacks through VPN client connections. This protects internal corporate resources while providing secure access to authenticated users.
- Web Publishing Load Balancing makes it easy to deploy entire farms of Web servers behind ISA Server using session-based and IP-based affinity with automatic out-of-service detection. This ensure resources are always available and served up quickly when accessed remotely.
Branch Office Gateways
- A multi-network architecture, network templates and configuration wizards, and stateful IP routing and inspection makes it easy to deploy ISA Server into existing IT environments as an edge, departmental, or branch office firewall without changing your network architecture. This makes it possible to manage policy efficiently and cost effectively across geographically dispersed offices.
- BITS caching to accelerate the deployment of software updates and keep remote computers protected makes it possible to maintain a secure branch office infrastructure.
- Integrated Web caching in corporate data centers enhances network performance and reduces bandwidth costs. Distributed hierarchical caching optimizes branch office content delivery. This provides fast access while combating the high cost of WAN connectivity.
- Faster propagation of enterprise policies, reduced server requirements, and optimizations for low bandwidth allow you to manage remote ISA Server computers more effectively. This makes it possible to manage deployment of policy between offices while optimizing available bandwidth.
- HTTP traffic compression and caching improve Web page load times and reduce WAN costs for users in branch offices. This improves slow, unreliable Web access for branch offices and efficiently utilizes limited bandwidth at the branch office.
- Diffserv IP settings help ensure that the highest priority applications have precedence over other network traffic, providing better bandwidth utilization and response times for critical Web resources. This ensures that applications with higher business priority operate at maximum possible performance.
How Progent's Microsoft Certified Consultants Can Help You with ISA Server 2006
Firewalls and security rules are complicated to plan and configure in a way that is optimized for your business. Excessive restrictions can impede workflow and hinder productivity, but overly lax security leaves your system open to malicious hackers and viruses.
Progent's Microsoft-certified Internet Security and Acceleration (ISA) Server 2006 consultants offer cost-effective on-line expertise to help you manage and troubleshoot your ISA Server 2006 environment. Progent can also help implement a smooth and economical Microsoft Forefront Threat Management Gateway 2010 migration from ISA Server 2006. Progent's certified CISM and CISSP security consulting professionals can help you develop a comprehensive security strategy that includes other Microsoft products by offering services such as
Microsoft Exchange 2019 planning and deployment,
Microsoft Exchange 2016 integration or
Microsoft Exchange Server 2013 management and
Microsoft Operations Manager expertise for security monitoring, alerts, and reporting. Progent also maintains one of the country's largest teams of
Cisco Certified Internetwork Experts (CCIEs) who can help you design and support a secure network infrastructure with strategically selected and configured switches, routers and firewalls such as PIX and ASA network appliances. Progent can provide world-class ISA Server expertise in the form of regularly scheduled support, urgent onsite or remote help, or full-service IT outsourcing.
Contact Progent for Microsoft ISA Server 2006 Solutions
If you need help with Internet Security and Acceleration Server 2006, call 800-993-9400 or visit Contact Progent.
Progent's Consulting and Support Services for Microsoft Server Technology
For small businesses throughout the United States, Progent's Microsoft-certified experts offer computer assistance and IT consulting support for the whole array of Microsoft .NET Enterprise Servers and Windows Servers. Progent's migration, installation, optimization, and consulting capabilities cover system design, configuration, and administration outsourcing for
project analysis and documentation, local and remote
IT support and system repair,
Standard Help Desk Services or Co-managed Help Desk Call Center Services, certified
security consulting, full-service
outsourcing, and
ProSight Virtual Hosting services.
If your business needs immediate remote support from a Microsoft certified engineer, go to Progent's Urgent Remote Computer Support.
Read additional information about Progent's Consulting Services for Microsoft .NET Servers.