- Getting started with Microsoft ISA Server 2006, Part 1: Introduction
- Getting started with Microsoft ISA Server 2006, Part 2: Environment Setup
- Getting started with Microsoft ISA Server 2006, Part 3: Installation
- Getting started with Microsoft ISA Server 2006, Part 4: Service Pack 1
- Getting started with Microsoft ISA Server 2006, Part 5: Network Layout Concept
- Getting started with Microsoft ISA Server 2006, Part 6: Configure Network Layout
- Getting started with Microsoft ISA Server 2006, Part 7: Create DNS Lookup Rule
- Getting started with Microsoft ISA Server 2006, Part 8: Create Web Access Rule
- Getting started with Microsoft ISA Server 2006, Part 9: Client Configuration
- Getting started with Microsoft ISA Server 2006, Part 10: Logging
- Getting started with Microsoft ISA Server 2006, Part 11: HTTP Filtering
- Getting started with Microsoft ISA Server 2006, Part 12: Block Windows Live Messenger
Getting started with Microsoft ISA Server 2006, Part 1: Introduction
Microsoft Internet Security and Acceleration Server (ISA Server) is a firewall and proxy software from Microsoft. It can protects local network from hackers, limits access for internet access, improve internet speed for users and logging any connections that pass through an ISA Server.
History of ISA Server
The history of ISA Server starts from Microsoft Proxy Server 1.0 and Microsoft Proxy Server 2.0 which both were released in 1997. They were merely designed to provide internet access (Internet Sharing) and came in only one edition of each version. Microsoft Proxy Server 1.0 only has basic functionality and many limitations. The second version improves many features from the previous version. It supports Windows NT account integration, many more protocols, packet filtering capability.
Then, ISA Server 2000 was released in 2001. And in 2004 for ISA Server 2004 and ISA Server 2006 in 2006. Each product has two editions: Standard and Enterprise. ISA Server 2004 introduced multi-networking support, integrated virtual private networking (VPN) configuration, Application-Layer Firewall support, support for the H.323 protocol, Active Directory Integration, SecureNAT, Secure Server Publishing, and improved reporting and management features. The rules based configuration was also considerably simplified on ISA Server 2000. ISA Server 2004 Enterprise Edition included array support, integrated Network Load Balancing (NLB), and Cache Array Routing Protocol (CARP). One of the core capabilities of ISA Server 2004 was its ability to securely publish Web servers. ISA Server 2006 is an updated version of ISA Server 2004. It doesn’t has major difference compare to ISA Server 2004. Most features and interface of both versions are quite similar.
The future version of ISA Server is Forefront Threat Management Gateway which runs only on 64-bot platform and Windows Server 2008. At this time, the current version is beta 3.
Features of ISA Server 2006
Microsoft ISA Server 2006 has 2 editions: Standard and Enterprise. The major different of the two editions are scalability and network load balancing capable. The standard edition can be installed on a single server up to 4 CPUs and memory (RAM) limits at 2 GB. See Comparison of Standard and Enterprise Editions for ISA Server 2006 for more information.
Here is the summary features of ISA Server 2006:
- Multi-layer firewall. Provides three types of firewall functionality: packet filtering (also called circuit-layer), stateful filtering, and application layer filtering.
- Application layer filtering. Provides deep content filtering through built-in application filters.
- Virtual private networking capability.
- Intrusion detection capability. Flood protection such as denial of service (DoS) and distributed denial of service (DDoS) attacks, IP spoofing protection, etc.
- Supports various authentication. Authenticate users with built-in Windows, LDAP, RADIUS, or RSA SecurID authentication.
For more details, see Key features of ISA Server 2006.
What’s Next?
You have now know about ISA Server 2006. Next following articles, I will show sample installation, configuration and real-world application of ISA Server 2006. On the sample, I will use Microsoft ISA Server 2006 Enterprise edition with service pack 1.
You can view the index of the series at the top of this post.
Back to top
Hello,
I really like your manual.
It’s been a great help.
Hi,
I have configured ISA 2006 as per the article published, and created all rules
but still not able to access the internet. please help me out to setup the ISA 2006.
(Running on 2003 server ent R2 in WORKGROUP Mode)
My network design as follows (Testing ISA2006)
DSL – Link from ISP (Public IP 66.XX.XX.XX)
||
||
Connected with One of the Nic card in the ISA server
||
||
Another Nic Card was connected with Switch (IP address : 192.168.8.1)
||
||
Now when i try to initiate the connection form the ISA server (eg: http://www.google.com)
i am getting error “INTERNET EXPLORER CANNOT DISPLAY THE PAGE”, i want to implement
this in my new network.
||
||
How can i solve the issue? Please help me out.
John.R
Hi, John
Have you create an access rule to allow traffic? If yes, try to observe Logging to see which rule ISA server has applied when you try access the Internet.
Hi Linglom,
i have verified the Logging and notified that it was using the default rule.
I have created 3 rules one to allow HTTP and HTTPS traffic for domain users
second one to allow DNS server from the range (4.2.2.1 to 4.2.2.5) for domain users
third policy was the default one whic denies all request,
This is the default rule which my ISA was using also see the log which i get from ISA.
==========Log start=================
Denied Connection ISA2006 8/19/2010 12:09:49 PM
Log type: Web Proxy (Forward)
Status: 12209 The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied.
Rule: Internet-allowed
Source: Internal (192.168.8.15)
Destination: External (192.168.8.25:8080)
Request: GET http://www.google.com/
Filter information: Req ID: 07b4b698; Compression: client=No, server=No, compress rate=0% decompress rate=0%
Protocol: http
User: anonymous
Additional information
Client agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; yie8)
Object source: (No source information is available.)
Cache info: 0x0
Processing time: 12000 ms
MIME type:
=============Log Ends============
sir i create a allow rule and deny rule which rule set up it work
example: if i select the allow rule up all the user allow
and if select the deny rule up all the user deny
also allow user deny too
help solve this problem