Published by Aileen Sparks. Modified over 9 years ago.
ISA Server 2004 Introduction
Владимир Александров (Vladimir Aleksandrov), MCT, MCSE, MCSD, MCDBA
Chorus, Managing Director
jm@chorus-bg.com
Agenda
- Firewall evolution
- ISA 2004 overview
- More features drilldown
- Scenarios and demos
Firewall Evolution
Traditional Firewalls
Problem: Wide open to advanced attacks
- Implications: Code Red, Nimda; SSL-based attacks
Problem: Performance vs. security tradeoff
- Implications: Bandwidth too expensive; too many moving parts
Problem: Limited capacity for growth
- Implications: Not easily upgradeable; don't scale with business
Problem: Hard to manage
- Implications: Security is complex; IT already overloaded
ISA2004 Overview
What is ISA 2004?
- Full blown edge firewall
  - Wide variety of firewall edge scenarios
  - VPN, proxy & cache
- Very easy to use
  - Easy installation & setup
  - Easy policy configuration
  - Reduced risk of configuration mistakes
- Advanced protection for MS applications
  - Built-in MS-specific filters
  - Defense in depth
- High performance
- Highly secure platform
Scenarios
- Edge firewall
  - Multiple networks
  - DMZ
  - Web caching
- Secure publishing
  - Exchange
  - Web servers
  - Others
- Remote access (VPN)
- Branch office
  - Remote site security
  - Site-to-site VPN, including IPSec (for interoperability)
- Integrated solution
  - Single edge security solution
  - Easy unified management
What's new vs. ISA 2000?
- Support for multiple networks
- New integrated single policy model
- Intuitive UI
- Application layer filtering improvements
- Logging & monitoring
- Integrated VPN
- Security enhancements
- And more…
Multiple Networks
ISA 2000 networking model
(Diagram: Internal Network, ISA 2000, Internet, DMZ 1 behind static packet filters)
- Single "outbound" policy
- "In" (LAT) and "out" (Internet, DMZ)
- Only static filtering from DMZ to Internet
The new networking model
(Diagram: Network A, Network B, DMZ 1, DMZ 2, VPN Network and Internet, all connected through ISA 2004)
- Any number of networks
- Assigned relationships between networks
- Per-network policy
- VPN represented as a network
- Isolation of the firewall host
Demo 1: Connecting networks
New Policy Model
ISA 2000 rules
Basic ISA 2000 rules (firewall policy):
- Protocol rules
- Site and content rules
- Static packet filters
- Publishing rules
- Web publishing rules
- Other filtering configuration
Other ISA 2000 rules (configuration policy):
- Address translation rules
- Web routing rules
- Cache rules
ISA 2004 Policy Rules
- Single rule base
- Rules evaluated in order
- Support for multiple networks
- Integration with application filtering (part of the rule)
- System rules for built-in policies
- Rich set of building blocks
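To make the "single rule base, evaluated in order" point concrete, here is an added toy model (not ISA Server code, and not from the presentation): rules carry source and destination networks plus protocols, the first match wins, and unmatched traffic falls through to a deny, the way ISA 2004's built-in default rule does. The network names, protocol names and sample policy are constructed for illustration; the shadowing check shows the ordering mistake a single ordered rule base makes possible, a deny placed below a broader allow that therefore never fires.

```python
# Added example, not ISA Server code: a toy model of the ISA 2004 single rule
# base. Network names and the sample policy below are constructed for illustration.
from dataclasses import dataclass

ANY = "*"  # wildcard for "all networks" / "all protocols"

@dataclass(frozen=True)
class Rule:
    name: str
    action: str            # "allow" or "deny"
    src: frozenset         # source networks
    dst: frozenset         # destination networks
    protocols: frozenset   # protocol names

def rule(name, action, src, dst, protocols):
    return Rule(name, action, frozenset(src), frozenset(dst), frozenset(protocols))

def _hit(rule_set, value):
    return ANY in rule_set or value in rule_set

def evaluate(rules, src, dst, proto):
    """Walk the ordered rule base; the first matching rule decides. With no
    match, fall through to the built-in default (deny). Returns (action, rule)."""
    for r in rules:
        if _hit(r.src, src) and _hit(r.dst, dst) and _hit(r.protocols, proto):
            return r.action, r.name
    return "deny", "Default rule"

def shadowed(rules):
    """Names of rules that can never fire because an earlier rule already
    matches every (src, dst, protocol) they cover. A deny placed below a
    broader allow is the classic ordering mistake a single rule base invites."""
    def covers(earlier, later):
        return all(ANY in e or l <= e for e, l in
                   ((earlier.src, later.src), (earlier.dst, later.dst),
                    (earlier.protocols, later.protocols)))
    return [r.name for i, r in enumerate(rules)
            if any(covers(e, r) for e in rules[:i])]

# Constructed sample policy with three networks: Internal, DMZ, External.
POLICY = [
    rule("Internal web access", "allow", {"Internal"}, {"External"}, {"HTTP", "HTTPS"}),
    rule("Publish DMZ web server", "allow", {"External"}, {"DMZ"}, {"HTTP"}),
    rule("Internal to DMZ management", "allow", {"Internal"}, {"DMZ"}, {ANY}),
    rule("Block Telnet to DMZ", "deny", {"Internal"}, {"DMZ"}, {"Telnet"}),
]
# Same rules with the deny moved above the broad allow, so it can take effect.
FIXED = [POLICY[0], POLICY[1], POLICY[3], POLICY[2]]

if __name__ == "__main__":
    print(evaluate(POLICY, "Internal", "DMZ", "Telnet"))  # allowed: the deny is shadowed
    print(shadowed(POLICY))                               # ['Block Telnet to DMZ']
    print(evaluate(FIXED, "Internal", "DMZ", "Telnet"))   # ('deny', 'Block Telnet to DMZ')
```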
User Interface
The User Interface
- Drag & drop toolbox
- Task pane for common tasks
- Wizards
- Network templates
- Dashboard
(Screenshot callouts: Policy Editor, Toolbox, Network Templates, Task Bars)
MMC… on steroids!
Application Layer Filtering
IP/Port filtering is not enough
- Hackers attack via application layer vulnerabilities (Nimda, Slammer...)
- HTTP is the carrier protocol
- Users need the ability to define fine-grained, application-level security policies
- Firewalls need to understand applications, beyond TCP/IP
ISA 2004's application filtering
- Open platform for application layer filtering
- Built-in filters for common protocols
- Scenario-driven design (protect Exchange, IIS)
- Rich partner community
Logging and Monitoring
ISA Server 2004 Monitoring Goals
- Server status: it's a critical service
- Troubleshooting: quick and easy
- Investigations: attacks, mistakes
- Future planning: optimizing network performance
ISA 2004 Monitoring Tools
- Dashboard: centralized view
- Alerts: one place for all problems
- Sessions: active sessions view
- Services: ISA services status
- Connectivity: connectivity to network services
- Logging: powerful viewer of ISA logs
- Reports: top users, top sites, cache hits…
Dashboard
Logging
Reports
Security Enhancements
Engine Security Enhancements
- Session quota restrictions: restriction of user sessions (protection against Denial of Service attacks)
- IP options filtering: filter out individual options
- Lockdown mode: restrict firewall machine access on service failures; fail to the most secure mode
And there's more…
- Authentication improvements
  - RADIUS
  - OWA form authentication
  - SecurID
- Integrated VPN
  - IPSec tunnel mode for interoperability
  - Quarantine support
  - Full control over RRAS
- Performance improvements
  - Kernel and user mode improvements
  - Web proxy improvements due to integration into the firewall
Demo 2: Secure publishing
- Publishing an internal mail server (SMTP, POP3/IMAP4, RPC)
- Publishing an internal Exchange 2003 server
- Publishing Outlook Web Access
- Publishing RPC over HTTP
- Publishing RPC interfaces (NtFrs etc.)
Questions
© 2003 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.