Presentation on theme: "1 Enabling Secure Internet Access with ISA Server."— Presentation transcript:
1 Enabling Secure Internet Access with ISA Server
2 What Is Secure Access to Internet Resources? Users can access the resources that they need. The connection to the Internet is secure. The data that users transfer to and from the Internet is secure. Users cannot download malicious programs from the Internet.
3 How ISA Server Enables Secure Access to Internet Resources Implementing ISA Server as a firewall Implementing ISA Server as a proxy server. Using ISA Server to implement the organization’s Internet usage policy
4 What is a Proxy Server? A proxy server is a server that is situated between a client application All client requests are sent to the proxy server A proxy server can provide enhanced security and performance for Internet connections.
5 Configuring ISA Server as a Proxy Server User authentication Filtering client requests Content inspection Logging user access Hiding the internal network details
6 How Proxy Servers Work? Proxy servers can be used to secure both inbound and outbound Internet access. Forward Proxy Server: a proxy server is used to secure outbound Internet access Reverse proxy server: a proxy server is used to secure inbound Internet access Reverse Proxy Server Forward Proxy Server
7 How Does a Forward Proxy Server Work? Web Server Client makes a request for an object located on Internet The request is sent to the proxy server Check the request Send the request to Internet Web server response is sent back to the proxy server. The object is returned to the client
8 How Does a Reverse Proxy Server Work? send the request to the appropriate server on internal network resolve to the IP address make a request for an object on Internal The object is returned to the client Web server response is sent back to the proxy server DNS Server sends the request for the object Check the request ISA SERVER Web Server Client
9 Web Proxy Chaining Use to forward Web Proxy connections from one ISA firewall to another ISA firewall
11 ISA firewall’s Access Policy Web Publishing Rules Server Publishing Rules Access Rules Web Publishing Rules and Server Publishing Rules are used to allow inbound access Access Rules are used to control outbound access.
12 Access Rule Elements Protocols User Sets Content Types Schedules Network Objects
13 Protocols Protocol Type Direction Port range Protocol number ICMP properties (Optional) Secondary connections
14 User Sets All Authenticated Users All Users System and Network Service
15 Configuring ISA Server Authentication Basic authentication Digest authentication Integrated Windows authentication Digital certificates authentication Remote Authentication Dial-In User Service
16 Content Types Application Application data files Audio Compressed files Documents HTML documents Images Macro documents Text Video VRML
17 Schedules and Network Objects Schedules: Work Hours Weekends Always Network Objects: used to control the source and destination of connections moving through the ISA firewall.
18 Configuring Access Rules for Outbound Access By default, ISA Server denies all network traffic between networks connected to the ISA Server computer.
19 Configuring Access Rules for Outbound Access