Download presentation
Presentation is loading. Please wait.
Published byAlexandrina Shaw Modified over 9 years ago
1
Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa
2
Module 1 Introduction
3
The Purpose of the ISA Server Microsoft® Internet Security and Acceleration Server 2000 (ISA Server) is an extensible enterprise firewall and Web cache server built on the Windows® 2000 operating system security, management and directory for policy-based access control, acceleration and management of internetworking. ISA Server Enterprise Edition adds support for clustering, but makes modifications to the local domain's Microsoft Active Directory® active directory schema. For evaluation purposes, you should set up a four-computer test environment that is isolated from your production network. With the ISA Server Standard Edition, you can review the core firewall and caching functionality of ISA Server without an update to your Active Directory schema.
4
The Purpose of The ISA Server (cont.) ISA Server 2000 is an intelligent application layer firewall and Web caching server that helps protect the network from external attacks and from exploits that may originate from the internal network behind the ISA Server 2000 machine. The ISA Server 2000 Web cache helps network users reduce overall bandwidth utilization and can provide for a faster Web access experience for campus Internet users by returning popular Web content from the ISA Server 2000 Web cache on the local network instead of from a increasingly congested Internet. ISA Server can provide value to information technology managers, network administrators, and information security professionals who are concerned about the security, performance, manageability, or operating costs of their networks. ISA Server can be used in a wide range of scenarios, from small schools, districts and satellite campuses to major, multi-campus systems and statewide networks.
5
End of Module
6
Module 2 ISA Server Installation
7
Installation Process
8
Installation Process (cont.)
17
End of Module
18
Module 3 Network Security
19
The Threat (Internet) –Hackers/Crackers –Script Kiddies Type of Firewalls –Traditional –Application
20
Hackers/Cracker Skill Level –High Level Motivation –Test Skill Level –Monetary Gain –Freedom
21
Script Kiddies Skill Level –Low to Medium Level Motivation –Imitation –Curiosity –Build Skill Level
22
Traditional Firewall OSI Layer 3 & Layer 4 NAT Function of SPI firewall –source address, destination address, source port, destination port and direction –Denial of Service (DoS) attacks, Ping of Death, SYN Flood, LAND Attack, and IP Spoofing (Pattern) Great at lower level protocol attacks
23
Application Firewall (Proxies) OSI Layer 7 Application Level Filtering (Going up the OSI Layer) –OS vulnerabilities, Application vulnerabilities –Nimda, Code Red, SQL Slammer worm, SQL poisoning –Most likely to spread via email or unfiltered/open port
24
End of Module
25
Module 4 ISA Server to the Rescue
26
ISA Server Architecture Standalone Enterprise –Firewall –Cache Proxy –Integrated
27
ISA Server as a Standalone [1]
28
ISA Server in the Enterprise [1]
29
Multi-layered Firewall Static and Dynamic packet filtering Circuit Filtering (ISA Client) Application Filtering
30
Features of ISA Server Stateful Inspection Secure Server Publishing Intrusion Detection Client Transparency (SecureNAT) Strong Authentication SDK
31
Stateful Inspection Allows ISA Server to determine the state of a given session Configurable through access policy rules that open ports automatically (dynamic IP packet filtering) Excellent for filtering streaming media applications
32
Secure Publishing Web Server Email Server (Exchange) Servers are Never Exposed
33
Intrusion Detection Licensed technology from Internet Security Systems Administrator can set triggers Triggers can be configured to stop the firewall, write to system log or run script
34
Client Transparency SecureNAT No client to install Configurable for outbound traffic
35
Software Development Kit SDK Create Custom Extensions Comes with Sample Code Detailed Documentation
36
Authentication Web Proxy Incoming/Outgoing Web Traffic Basic (plain text) (Not Strong!) Digest Integrated Windows (NTLM & Kerberos) Client Certificates Pass-through authentication
37
End of Module
38
Module 5 A Closer Look to The ISA Server Management Tool
39
Management Console
40
ISA Server – Web Publishing Feature
41
ISA Server – Web Publishing Feature (cont.)
54
ISA Server – Web Cashing Feature
55
ISA Server – Web Cashing Feature (cont.)
61
Module 6 SQL Slammer Filter
62
Creating a Filter for SQL Slammer Create a definition Create a rule
63
Step 1 – Create Definition
64
Step 2
65
Step 3
66
Step 4
67
Step 5
68
Step 6
69
Step 7 – Create Rule
70
Step 8
71
Step 9
72
Step 10
73
Step 11
74
Step 12
75
Step 13
76
End of Module
77
Conclusion ISA Server was designed to meet the needs of Internet- enabled business by providing enterprise-class security, fast Web caching performance and powerful unified management tools built for Windows 2000 and 2003 Server. ISA Server provides a multilayered firewall with built-in intrusion detection to keep internal networks safe. ISA Server provides businesses with secure, fast Internet connectivity built on the powerful management features of Windows 2000 and 2003 Server. ISA Server provides scalability for both small and enterprise class environments
78
Resources [1] http://www.microsoft.com/isaserver/http://www.microsoft.com/isaserver/ [2] http://www.isaserver.orghttp://www.isaserver.org [3] http://www.techiwarehouse.com/Articles/20 02-12-23.html http://www.techiwarehouse.com/Articles/20 02-12-23.html [4] http://labmice.techtarget.com/BackOffice/IS AServer2000/default.htm http://labmice.techtarget.com/BackOffice/IS AServer2000/default.htm
79
Glossary Kerberos - a secure method for authenticating a request for a service in a computer network. Kerberos was developed in the Athena Project at the Massachusetts Institute of Technology (MIT). NTLM - a Microsoft-Proprietary protocol that authenticates users and computers based on an authentication challenge and response. Stateful Inspection - Stateful inspection is an advanced firewall architecture that was invented by Check Point Software Technologies in the early 1990s. Inspects the header of packets. NAT - Network Address Translation (NAT) is the translation of an Internet Protocol address used within one network to a different IP address known within another network.
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.