Confuring ISA Server 4 - 2nd Edition

Read more

Informationen zum Autor Debra Littlejohn Shinder is a technology consultant, trainer and writer who has authored a number of books on computer operating systems, networking, and client and server security over the last fourteen years. These include Scene of the Cybercrime: Computer Forensics Handbook, published by Syngress, and Computer Networking Essentials, published by Cisco Press. She is co-author, with her husband, Dr. Thomas Shinder, of the best-selling Configuring ISA Server 2000, Configuring ISA Server 2004, and ISA Server and Beyond. Deb has been a tech editor, developmental editor and contributor on over 20 additional books on networking and security subjects, as well as study guides for Microsoft's MCSE exams, CompTIA's Security+ exam and TruSecure's ICSA certification. She formerly edited the Element K Inside Windows Server Security journal. She authored a weekly column for TechRepublic's Windows blog, called Microsoft Insights and a monthly column on Cybercrime, and is a regular contributor to their Security blog, Smart Phones blog and other TR blogs. She is the lead author on Windowsecurity.com and ISAServer.org, and her articles have appeared in print magazines such as Windows IT Pro (formerly Windows & .NET) Magazine. She has authored training material, corporate whitepapers, marketing material, webinars and product documentation for Microsoft Corporation, Intel, Hewlett-Packard, DigitalThink, GFI Software, Sunbelt Software, CNET and other technology companies. Deb specializes in security issues, cybercrime/computer forensics and Microsoft server products; she has been awarded Microsoft's Most Valuable Professional (MVP) status in Enterprise Security for eight years in a row. A former police officer and police academy instructor, she has taught many courses at Eastfield College in Mesquite, TX and sits on the board of the Criminal Justice Training Center there. She is a fourth generation Texan and lives and works in the Dallas-Fort Worth area. Klappentext Dr. Tom Shinder has become synonomous with Microsoft's flagship firewall product ISA Server! as a result of his prominent role as a member of the beta development team! and his featured placement on both Microsoft's ISA Server website and ISAserver.org. Shinder's book on the first release of the product "Configuring ISA Server 2000" dominated the ISA Server 2000 book market having sold over 40!000 copies worldwide! and the ISA Server community is eagerly awaitung Tom's book on ISA Server 2004! which is the dramatically upgraded new release from Microsoft. Zusammenfassung Offers readers with information on installing! confiuguring! and troubleshooting ISA Server 2004 by teaching readers to deploy ISA Server 2004 in small businesses and large organizations. This book teaches how to configure complex DMZ configurations using ISA Server 2004's network awareness features and built-in multinetworking capabilities. Inhaltsverzeichnis Dedications Acknowledgments About the Authors Technical Editor A Note From the Publisher From Deb and Tom Shinder, Authors Chapter 1: Evolution of a Firewall: From Proxy 1.0 to ISA 2004 The Book: What it Covers and Who It's For Security: The New Star of the Show Firewalls: The Guardians at the Gateway ISA: From Proxy Server to Full-Featured Firewall Summary Chapter 2: Examining the ISA Server 2004 Feature Set The New GUI: More Than Just a Pretty Interface Teaching Old Features New Tricks New Features on the Block Missing in Action: Gone but Not Forgotten Summary Solutions Fast Track Chapter 3: Stalking the Competition: How ISA 2004 Stacks Up Firewall Comparative Issues Comparing ISA 2004 to Other Firewall Products Summary Solutions Fast Track Chapter 4: ISA 2004 Network Concepts and Preparing the N...

List of contents

Dedications
Acknowledgments
About the Authors
Technical Editor
A Note From the Publisher
From Deb and Tom Shinder, Authors
Chapter 1: Evolution of a Firewall: From Proxy 1.0 to ISA 2004
The Book: What it Covers and Who It's For
Security: The New Star of the Show
Firewalls: The Guardians at the Gateway
ISA: From Proxy Server to Full-Featured Firewall
Summary
Chapter 2: Examining the ISA Server 2004 Feature Set
The New GUI: More Than Just a Pretty Interface
Teaching Old Features New Tricks
New Features on the Block
Missing in Action: Gone but Not Forgotten
Summary
Solutions Fast Track
Chapter 3: Stalking the Competition: How ISA 2004 Stacks Up
Firewall Comparative Issues
Comparing ISA 2004 to Other Firewall Products
Summary
Solutions Fast Track
Chapter 4: ISA 2004 Network Concepts and Preparing the Network Infrastructure
Our Approach to ISA Firewall Network Design and Defense Tactics
Tom and Deb Shinder's Configuring ISA 2004 Network Layout
How ISA Firewall's Define Networks and Network Relationships
Web Proxy Chaining as a Form of Network Routing
Firewall Chaining as a Form of Network Routing
Configuring the ISA Firewall as a DHCP Server
Summary
Solutions Fast Track
Chapter 5: ISA 2004 Client Types and Automating Client Provisioning
Understanding ISA 2004 Client Types
Automating ISA 2004 Client Provisioning
Automating Installation of the Firewall Client
Summary
Chapter 6: Installing and Configuring the ISA Firewall Software
Pre-installation Tasks and Considerations
Performing a Clean Installation on a Multihomed Machine
Default Post-installation ISA Firewall Configuration
The Post-installation System Policy
Performing an Upgrade Installation
Performing a Single NIC Installation (Unihomed ISA Firewall)
Quick Start Configuration for ISA Firewalls
Hardening the Base ISA Firewall Configuration and Operating System
Summary
Solutions Fast Track
Chapter 7: Creating and Using ISA 2004 Firewall Access Policy
Introduction
ISA Firewall Access Rule Elements
Configuring Access Rules for Outbound Access through the ISA Firewall
Using Scripts to Populate Domain Name Sets
Creating and Configuring a Public Address Trihomed DMZ Network
Allowing Intradomain Communications through the ISA Firewall
Summary
Solutions Fast Track
Chapter 8: Publishing Network Services with ISA 2004 Firewalls
Overview of Web Publishing and Server Publishing
Creating and Configuring Non-SSL Web Publishing Rules
Creating and Configuring SSL Web Publishing Rules
SSL Bridging
SSL "Tunneling” versus SSL "Bridging”
What About SSL-to-HTTP Bridging?
Enterprise and Standalone Certificate Authorities
SSL-to-SSL Bridging and Web Site Certificate Configuration
Importing Web Site Certificates into The ISA Firewall's Machine Certificate Store
Requesting a User Certificate for the ISA Firewall to Present to SSL Web Sites
Creating an SSL Web Publishing Rule
The Publishing Mode Page
The Select Rule Action page
The Bridging Mode Page
The Define Website to Publish Page
The Public Name Details Page
The Select Web Listener Page
The User Sets Page
The SSL Web Publishing Rule Properties Dialog Box
Creating Server Publishing Rules
Creating Mail Server Publishing Rules
Summary
Solutions Fast Track
Chapter 9: Creating Remote Access and Site-to-Site VPNs with ISA Firewalls
Overview of ISA Firewall VPN Networking
Creating a Remote Access PPTP VPN Server
Creating a Remote Access L2TP/IPSec Server
Creating a PPTP Site-to-Site VPN
Creating an L2TP/IPSec Site-to-Site VPN
IPSec Tunnel Mode Site-to-Site VPNs with Downlevel VPN Gateways
Using RADIUS for VPN Authentication and Remote Access Policy
Using EAP User Certificate Authentication for Remote Access VPNs
Supporting Outbound VPN Connections through the ISA Firewall
Installing and Configuring the DHCP Server and DHCP Relay Agent on the ISA Firewall
Creating a Site-to-Site VPN Between an ISA Server 2000 and ISA Firewall
A Note on VPN Quarantine
Summary
Solutions Fast Track
Chapter 10: ISA 2004 Stateful Inspection and Application Layer Filtering
Introduction
Application Filters
Web Filters
IP Filtering and Intrusion Detection/Intrusion Prevention
Summary
Solutions Fast Track
Chapter 11: Accelerating Web Performance with ISA 2004 Caching Capabilities
Understanding Caching Concepts
Understanding ISA Server 2004's Web Caching Capabilities
Configuring ISA Server 2004 as a Caching Server
Summary
Fast Track
Chapter 12: Using ISA Server 2004's Monitoring, Logging, and Reporting Tools
Introduction
Exploring the ISA Server 2004 Dashboard
Creating and Configuring ISA Server 2004 Alerts
Monitoring ISA Server 2004 Connectivity, Sessions, and Services
Working with ISA Server 2004 Logs and Reports
Using ISA Server 2004's Performance Monitor
Solutions Fast Track
Index