ISA Server 2006 Technical Overview
Howard Chow Microsoft MVP
�What Will We cover?
• ISA Server 2006 Security Features • ISA Server 2006 Tool Set • Branch Office Benefits • ISA Server 2006 Tools
�Helpful Experience
• Experience with the Windows UI • Experience Supporting Networks • Experience with firewall applications
Level 200
�Agenda
• Introduction to ISA Server 2006 • Secure Application Publishing
• Branch Office Protection
• Firewall and Proxy Enhancements
• Monitoring ISA with MOM
�Introducing ISA Server 2006
ISA Server 2006
• Protects resources What is ISA Server 2006? • • • • Connects directly to the Internet
and your private network
Screens network traffic Acts as a proxy for internal services Windows XP and later includes ICF
�ISA Server 2006 Editions
�ISA Server 2006 Appliances
Key Benefits
Easy to deploy Cost-effective Hardware loaded & tested Hardened configuration Better value Web-based admin tools
Content Filtering
Protocol Accelerators
Antivirus Gateways Warranty and Support
�What’s New in ISA Server 2006
Efficient Management Fast, Secure Access Integrated Security
• • Enhanced certificate administration Enhanced multi-factor authentication Single sign on • • Web publishing load balancing • Comprehensive link translation Enhanced authentication delegation • Answer traffic compression and caching files • • HTTP BITS caching • Faster propagation, Low-bandwidth optimizations • • Log throttling • Better bandwidth utilization Enhanced flood resiliency • • Management Pack for Operations Manager 2005 Enhanced worm resiliency • Alert triggers and responses
�Demo
demonstration
Introducing ISA Server 2006
Explore the User Interface Create the Perimeter Network Configure Perimeter Access
�Agenda
• Introduction to ISA Server 2006 • Secure Application Publishing
• Branch Office Protection
• Firewall and Proxy Enhancements
• Monitoring ISA with MOM
�Security
Security Concern Solution
Protection against attacks cloaked in SSL Bridging encrypted content Enhanced multi-factor authentication LDAP authentication support Forms-based pre-authentication
Increased security Make better use of AD authentication
Stronger authentication methods
Enhanced authentication delegation Improved session management
�Managing Application Publishing
Automated tools for Exchange Automated VPN policy Management Unified firewall &tools for SharePoint Automated tools for other Web servers Deep content inspection Enhanced certificateintegration Web Publishing Load Balancing Strong Logging & reporting capabilities VPN Quarantine administration
�User Access
Single sign-on
Automatic link translation
�Demo
demonstration
Secure Application Publishing
Configure IIS for Secure Exchange Web Access Publish OWA Use OWA from the External Network
�Agenda
• Introduction to ISA Server 2006 • Secure Application Publishing
• Branch Office Protection
• Firewall and Proxy Enhancements
• Monitoring ISA with MOM
�New Management Features
Branch Office Connectivity Wizard Answer files on removable media
Faster propagation of enterprise policies
Secure remote management
Multi-network architecture Network templates and Configuration tools
�Microsoft Update Caching
Benefits it? What is
Reduce the impact of downloading software updates Cache software updates using BITS
Reduce your Server’s existing new threats emerge Builds on ISAdays-of-risk when cache technology
Improves the value of ISA Server 2006 as an Microsoft solution Windows Server Update Services, Windows / integrated Update
ISA Server will cache HTTP not have WSUS or SMS Ideal for remote sites that docontent-range requests
Integral piece of the Microsoft Update platform
�Branch Office Gateway Access
HTTP traffic compression
DiffServ IP settings
Integrated Web caching Cache server array Distributed Hierarchical caching
�Demo
demonstration
Configuring Branch Office Gateway
Configure HTTP Compression Configure Caching Configure DiffServ Settings
�Agenda
• Introduction to ISA Server 2006 • Secure Application Publishing
• Branch Office Protection
• Firewall and Proxy Enhancements
• Monitoring ISA with MOM
�More Secure Firewall and Proxy
�Flood Resiliency
• Log throttling • Control of memory consumption • Control of pending DNS queries
�Demo
demonstration
Implementing Web Access Protection
Review Flood Resiliency Settings
�Agenda
• Introduction to ISA Server 2006 • Secure Application Publishing
• Branch Office Protection
• Firewall and Proxy Enhancements
• Monitoring ISA with MOM
�Microsoft Operations Manager 2005
Knowledge basepacks Server health indicators Management content
�Demo
demonstration
Monitoring ISA Server with MOM 2005
Deploy the MOM Agent Monitor ISA Server
�Session Summary
• Standard and Enterprise editions • Many new security features • Many tools available
�For More Information
Visit TechNet at
www.microsoft.com/technet
Visit the url below for additional information
www.microsoft.com/technet/sec-03
�Readiness with Skills Assessment
• Self-study learning tool free to anyone. • Determines skills gaps. • Provides learning plans. • Post your Score, see how you stack up.
Visit
www.microsoft.com/assessment
�Become a Microsoft Certified Professional
• What are MCP certifications?
Validation in performing critical IT functions.
• Why Certify?
WW recognition of skills gained via experience. More effective deployments with reduced costs
• What Certifications are there for IT Pros?
MCP, MCSE, MCSA, MCDST, MCDBA.
www.microsoft.com/learning/mcp
�Heard the News about TechNet?
• Software without time limits! • Complimentary technical support.
• The most current resources on hand
www.microsoft.com/technet/subscriptions
�Find all these support options at www.microsoft.com/technet/support
Microsoft offers a progressive series of support options starting with no-charge online support and developing through subscription, incident, and contract support. 1. No-Charge Online Support
Knowledge Base
Search a vast database of articles to pinpoint the information you need.
2. Subscription-Based Support
TechNet Subscription
Subscribe to TechNet for a personal library of articles, service packs, how-tos, resource kits, tools, utilities, and more. Your subscription includes monthly updates delivered on CD or DVD, so you always have the latest information, straight from the source. Upgrade to a TechNet Plus subscription and add all this: 1. Full-version evaluation software, including Microsoft Office System and Windows Server System™ products, without time restrictions. 2. Free support — two complimentary incidents, plus a discount on other support calls. 3. Unlimited, next-business-day access to reliable answers from the IT community and Microsoft Support Professionals through Managed Newsgroups (English only).
3. Assisted Incident Support
E-mail Support
Get online incident help via e-mail from a Microsoft Support Professional.
4. Contract-Based Support
Premier Support
Newsgroups
Access over 20,000 active newsgroups on scores of topics.
Phone Support
Get incident help over the phone from a Microsoft Support Professional.
Product Support Centers
Get answers to frequently asked questions, plus how-to articles and stepby-step instructions organized by product.
Phone Support Contract
Save with a discounted 5-Pack Phone Support contract.
Advisory Services
Add remotely delivered consultation options from Microsoft Advisory Services for proactive support that goes far beyond routine product maintenance.
Get the flexibility to match support options to your organization and enjoy direct access to Microsoft technical experts at any time, day or night. Premier Support delivers customized options for businesses with complex needs, including dedicated technical professionals to oversee your support, 24x7 problem resolution, and training and workshops that keep your IT staff up to date.
DLL Help Database
Search here to identify the software used to install a specific DLL version.
Essential Support
Essential Support offers prepackaged options specifically designed to meet the fundamental support requirements of any business, large or small. Includes account management, problem resolution, and information services.
Events and Errors Message Center
Resolve event and error messages fast with explanations, recommendations, and links to support and resources.
Support Webcasts
Tune in to live technical presentations by Microsoft experts and take part in realtime Q&A.
Chats
Chat online with Microsoft specialists or search the transcript archives.
User Group Program
Access information and support for IT and other interest-specific user groups.
TechNet Security Resource Center
Get ahead of security risks with resources that keep you current, including security newsletters and the Microsoft notification service.
�Where Else Can I Get Help?
• Free chats and webcasts • List of newsgroups • Microsoft community sites • Community events and columns
www.microsoft.com/technet/community
�