ISA Server 2004 UNLEASHED [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

ISA Server 2004 UNLEASHED [Electronic resources] - نسخه متنی

Michael Noel

نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
افزودن یادداشت
افزودن یادداشت جدید

Chapter 7. Deploying ISA Server as a Reverse Proxy in an Existing Firewall DMZ

IN THIS CHAPTER

ISA Server 2004 as a Security Appliance

Deploying Unihomed ISA Server 2004 Security Appliances

Configuring Existing Firewalls to Utilize ISA Server 2004 Reverse Proxy

Publishing and Securing Services in an Existing DMZ

Understanding Advanced ISA Security in Enterprise Environments

Summary

Best Practices

Although ISA Server can fit many roles within organizations, such as VPN server, Edge Firewall, Content caching device, and many more, it is not always used to fill these roles. In many deployment scenarios, ISA Server 2004 is used solely in its reverse proxy functionality. In these configurations, ISA is typically deployed in the perimeter (DMZ) network of an existing firewall, and protects web and related services such as Exchange Outlook Web Access (OWA) from external intrusion and attack. Although it does not take full advantage of ISA features, this is a perfectly valid deployment scenario, and a relatively common one at that.

Many organizations are finding that ISA Server 2004 provides for a relatively inexpensive solution to the problem of securing Internet-facing services. It doesn't require them to replace existing firewall or security infrastructure or make ISA a domain member. An ISA Server, deployed with a single NIC, looks and acts like the target web or OWA server, while instead acting as a proxy for the traffic, intercepting it and scanning it at the Application layer of the TCP/IP stack. Indeed, this is often how ISA first makes it into an organization: as security dictates an answer to the problems faced when services are exposed to the Internet.

This chapter focuses on the deployment scenarios involved with deploying ISA as a Security Appliance in the DMZ network of an existing firewall. Attention to the differences in setup and configuration between this model and the other ISA deployment models is outlined, and best practice configuration information on deploying ISA in this manner is provided, including such common tasks as securing OWA, SharePoint sites, and web servers.

/ 191