ISA Server

This internet access control article aims to tackle the various security issues facing companies such as, viruses, hackers and much more. Controlling and monitoring internet access is a must for every corporate network to ensure ultimate network security and integrity. Also reviews products which are leading the way in network security and controlling internet access.

We tested the ISA Server 2000 using two popular free open-source network attack tools, Nessus.org's Nessus 1.0.5 and Insecure.org's NMAP 2.53. Both hacking tools revealed open-port vulnerabilities, but these weaknesses were minor ones that likely wouldn't cause real damage to a network: ISA Server 2000 blocked the most threatening attacks. Microsoft officials said they plan to address these issues before the final release, which is slated for the end of the year. Prices were not available at press time. In tests, ISA Server 2000 had impressive management capabilities, and its support for third-party security devices will suit the security needs of large companies migrating to Windows 2000.

We begin by summarizing the cornerstone of Windows NT security — user authentication. You must understand its basics before you can make some central decisions about domain structure, the most fundamental determinant of who does what on your network and where they can do it. A networked operating system like Windows NT imposes security by granting specific services and fulfilling specific requests to some people and not others. Basic to this decision is "who is the person." Like most operating systems, Windows NT casts the user identity in a user account, a collection of information about what the user or users of that account can and cannot do on the system.

With the introduction of Proxy Server 1.0, Microsoft made its first foray into two burgeoning new markets: Internet security and accelerated Web access. Although the initial version of Proxy Server provides only basic security features and doesn't support several popular Internet protocols, it quickly gained popularity among Windows NT-centric organizations that needed user-level access control to Internet services, Internet firewall functionality, and accelerated Web access.

Although the Microsoft Internet Security and Acceleration (ISA) Server is a descendent of Microsoft Proxy Server, the new product is much more than a simple upgrade. ISA Server introduces many new features and improves Proxy Server's existing capabilities.

When Microsoft's Proxy Server first became available in October of 1996, industry analysts knew it would only be a short amount of time before the company would take the product further to produce a full blown firewall system. They were right. Microsoft's new Internet Security and Acceleration (ISA) server, currently in beta, is positioned as a firewall and traffic management system to compliment Windows 2000 Server. Analysts now say ISA Server threatens the marketspace of long time security solution providers such as Checkpoint Technologies, Cisco Systems, and Network Associates.

ISA 2000 is an application-level firewall with data-aware filtering capabilities as well as IP packet filtering functionality. To accelerate Web access ISA caches both inbound and outbound Web traffic, which means the server could be used to speed outbound Web access or as a front end to Web server farm to help offload traffic. ISA supports the Cache Array Routing Protocol (CARP) so the product can be scaled to fit larger traffic requirements.