Configuring a gateway to gateway VPN is easy using ISA Server. The reason why it’s so easy is that the Local and Remote VPN Wizards make the setup a virtual no-brainer. Well, it’s a no-brainer when you’re configuring PPTP VPN gateways. But if you’re in the market for a high security L2TP/IPSec gateway to gateway VPN, you probably have either been trying to avoid it like the plague or you are pulling your hair out trying to figure out how to make it work!
ISA Server is all about security. ISA is about securing network access into and out of the internal network. But after you’ve done all of your configuring, how do you know that you’ve done an adequate job of securing the internal network and the system that ISA Server is running on?
In part one of our ISA Server Security checklist series, we talked about how to secure the operating system and network interfaces on the ISA Server. In part 2 we'll focus on ISA Server specific configuration issues that you can use to optimize security.
It is important to have some sort of authentication method when using clients to access a resource through ISA; not doing so could result in unauthorized access to resources in or outside of your network. ISA has various methods of authenticating clients; I have discussed this in a previous tutorial (Understanding ISA’s different Authentication types). I will tutor you on how to configure various authentication types best suited for your ISA server. While showing you, in five easy steps, how to configure the various authentication types, I will not go into too much detail on each authentication type. For more comprehensive information on authentication types, please refer to my previous tutorial (Understanding ISA’s different Authentication types).
A common issue that pops up on the www.isaserver.org web boards is how to configure a DMZ segment on a trihomed ISA Server. Setting up a trihomed ISA Server with a directly attached segment acting as a DMZ is fairly simple.
This tutorial was made to enable you to understand why a firewall client is used and also to understand its limitations and advantages over other ISA clients. Please NOTE: this tutorial is not here to describe how to configure the firewall client in detail.
I get a lot of questions about how ISA Server can be used to block dangerous applications. What is a dangerous application?
As part of monitoring, it is vital that you get alerted when there is an intrusion or an attack taking place on your network. ISA has methods of identifying when an attack is attempted or taking place on your network. ISA Server compares network traffic and log entries to well-known attack methods that are used by hackers. ISA also has the capability of taking actions when these attacks are taking place.
ISA Server can be used to prevent the spread of the Code Red worm and its current (as of August 24, 2001) variants (such as Code Red and Code Red II). This has not been tested against the new Code Red.d variant.
ISA Server supports both distributed and hierarchical caching. In distributed caching, the ISA Server cache is distributed among array members. In hierarchical caching, different ISA Servers or arrays can connect to other ISA Servers or arrays for cached data access, or eventual access to the Internet. The array closest to the Internet is considered the "upstream" array while the array that is farthest from the Internet is considered the "downstream" array. Aside from caching, a chained configuration can provide authentication functions as well.