ISA Server 2004 UNLEASHED [Electronic resources] نسخه متنی

Understanding the Importance of a Maintenance Plan for ISA

It is sometimes difficult to keep ahead of this type of schedule, so developing a custom maintenance plan for ISA server is recommended. It should include the types of tasks that should be run on ISA on a daily, weekly, monthly, quarterly, and yearly basis. A task list of this type can also be beneficial for audits and compliance with governmental regulations such as those stipulated by Sarbanes Oxley, Gramm-Leach Bliley, HIPAA, and others. Having this type of paper trail to ISA maintenance can help to assure auditors that due diligence is being performed and security measures are being taken.

Keeping Ahead of Updates and Patches

Software is constantly being changed, with features added, bugs fixed, and improvements made. At the same time, malicious computer hackers are constantly probing software for holes and exploits, modifying techniques, and attacking in numbers. For this reasons, it is critical to keep an ISA Server system updated with the recent security patches and fixes on a regular basis to minimize the threat posed by these types of systems.

ISA itself is often the first or second line of defense for an organization, bearing the brunt of attacks and exploit maneuvers, so it is doubly important to maintain it with the latest in security patches and updates.

Taking a Proactive Approach to Security Maintenance

Unfortunately, there is no "cruise control" button on an ISA server that can be pressed after it is put into place to automatically keep it up to date, patched, and monitored. Because of the sensitive nature of the server, it is unwise to turn on automatic updates and/or automatic patching solutions. This leaves it squarely in the hands of the ISA administrator to take a proactive approach to security maintenance, heading off potential exploits and attacks before they occur.

In reality, nearly all security vulnerabilities that have arisen in modern business environments, such as Code Red, Nimda, and SQL Slammer, had patches available before the outbreak of the exploit or virus. If a proactive maintenance plan had been in place for many of the servers that were affected by these exploits, the extent of the damage would have been limited. This underscores some of the reasons for developing a solid ISA maintenance plan.

NOTE

It is important to point out that although ISA is run on the Windows operating system, a vast majority of the hotfixes and patches that are generated to address exploits in Windows do not affect ISA servers. ISA servers by default drop most traffic and ignore the types of requests across which exploits normally travel. This makes the "surface area" of an ISA server quite small, in comparison with a standard Windows server. That said, it is still important to keep the ISA Server OS up to date and patched to avoid any potential for a failure in ISA programming.

Understanding ISA Server's Role in an IT Maintenance Plan

ISA Server itself is typically only a small component in an IT organization and encompasses a small portion of the total IT environment. The maintenance plan and procedures generated for ISA should take this into account, and should dovetail with existing main tenance plans and documentation. If existing maintenance documentation is not readily available, or never was created, then the ideal time for creating an omnibus IT main tenance plan would be when the ISA plan is drawn up.