Configuring Add-ins
One of the biggest advantages to ISA Server 2004 is its ability to have its base application-filtering engine easily extended with third-party add-in functionality. This makes ISA a strong candidate for software to provide advanced web filtering, anti-virus applications, intrusion detection filters, and additional VPN capabilities.Part III of this book, "Securing Servers and Services with ISA Server 2004."
Figure 3.34. Examining the Add-ins node of the ISA Console.
[View full size image]
Exploring Application Filters
Application filters in ISA were specifically created to examine the traffic being passed through the server and make sure that it is not simply a piggy-backed exploit or attack. Each application filter contains language specific to the protocol it is filtering, so it can identify and block traffic that does not comply with the proper use of the protocol. The following application filters are configured by default in ISA Server 2004:DNS filterFTP Access filterH.323 filterMMS filterPNM filterPOP Intrusion Detection filterPPTP filterRPC filterRTSP filterSMTP filterSOCKS V4 filterWeb Proxy filter
Examining Web Filters
In addition to the default application filters available with ISA Server 2004, a series of web filters is also installed that extends the capability of ISA to scan incoming web (HTTP) packets. These web filters, shown in Figure 3.35, allow for advanced HTTP filtering capabilities, such as the capability to secure Outlook Web Access (OWA) traffic, or the capability to perform Link Translation.
Figure 3.35. Viewing Web Filters in the Add-ins node.
Chapter 14, "Securing Web (HTTP) Traffic."