Understanding ISA Server 2004 Enterprise Edition
Unlike most Microsoft products, the Standard and Enterprise versions of ISA Server were released separately, approximately a half year apart from each other. This caused some confusion over what the Enterprise Edition was, and what distinguished it from the Standard version and the previous Standard and Enterprise versions of ISA 2000. To more fully understand the Enterprise version, it is important first to note the differences between Standard and Enterprise.
Exploring the Differences between the Standard and Enterprise Versions of ISA Server 2004
The Enterprise version of ISA Server 2004 contains all the features and functionality of the Standard version, in addition to the following features:Network Load Balancing (NLB) Support
Only the Enterprise version of ISA Server 2004 supports Network Load Balancing (NLB) clusters, allowing for automatic failover and load balancing of services across array members.Cache Array Routing Protocol (CARP) Support
The Enterprise version supports the Cache Array Routing Protocol (CARP) to properly balance web proxy requests across an array.Configuration Storage Server (CSS)
One of the biggest differences between Standard and Enterprise is that the Enterprise Edition uses a Configuration Storage Server (CSS) to store ISA rules and configuration. A CSS is an Active Directory in Application Mode (ADAM) implementation (essentially a "light\'94 version of an Active Directory forest) and can be installed on nonISA Servers. This also allows for centralized management of ISA Servers.Enterprise and Array Policy Support
As opposed to the Standard version, which allows only a single set of rules to be applied, ISA Enterprise allows a combination of global Enterprise policy rules, and individual array rules that are used in combination with one another.
Designing an ISA Server 2004 Enterprise Edition Environment
The Enterprise version of ISA Server 2004 is designed in a different way than the Standard version is. For instance, the CSS component itself changes the entire design equation. The concept of arrays also makes an ISA Enterprise version unique. It is subsequently important to understand what design factors must be taken into account when dealing with the EE.The first design decision that must be made with the Enterprise Edition is where to store the CSS. The CSS is a critical server in an ISA topology, and can be installed on any Windows 2000/2003 server in an environment. In certain cases, it is installed on the actual ISA Servers itself, and in other cases it is installed on a dedicated machine or on a Domain Controller.In smaller environments, the CSS would be installed directly on the ISA server. In larger and more secure environments, however, the CSS would be installed on systems within the network, such as in the ISA environment displayed in Figure 6.1.
Figure 6.1. Examining a complex ISA Enterprise deployment.
[View full size image]
Figure 6.2. Conceptualizing the CSS deployment model illustrated in this chapter.
[View full size image]