If you’ve ever taken the opportunity of reviewing your System Policy Rules (and this is something that you should do immediately after installing an ISA or TMG firewall), you might have noticed that there is a System Policy Rule for Web Management.
I remember the first time I saw that System Policy Rule. I thought “whoa! ISA has a Web management console? I wonder why I haven’t heard about it before”. The reason why I hadn’t heard about it before is that no such console exists.
This System Policy Rule was included to support OEM vendors who build “hardware” versions of the ISA or TMG firewall. The OEM can use this System Policy to support their own custom Web Management platform. Microsoft does not include a Web management console and from all I know, they never plan to implement one.
I know that Web management was a hot topic several years again, but I think the demand for Web based management has fallen by the wayside, as it’s become clear to most security admins that Web based management always represents a compromise compared to a rich client management tool. Nevertheless, there are always a few holdouts who prefer Web based management and so Microsoft has created this rule so that OEMs can accommodate such users.
For more information on this issue, check out Richard Hicks’ article on this subject at:
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer