Index
D
Darrow, Chris, 65
Dashboard, ISA Server 2004feature described, 168-169, 943-951, 998
monitoring connectivity from, 967-970
monitoring node, ISA Server 2004, 87-88, 134
dataassessing type of, 1044availability of, 1010erased, security of, 1020integrity of, 1011preventing accidental compromise of, 1021-1022saving log viewer, 985-986
defense-in-depth security, 35, 66-75, 237-247, 1008, 1011Define Website to Publish page, SSL Web Publishing Rule, 681-682
Define Website to Publish page, Web Publishing Rules, 642-645
Delegated Permissions Wizard, 65
demand-dial connections, 807-809
denial-of-service (DOS) attacks, 15, 43, 883-884, 1011, 1030-1036Department of Defense Trusted Computer System Evaluation Criteria handbook (orange book), 26, 1046departmental firewalls, 53
designing comprehensive security plans, 1042-1051detectinginternal security breaches, 1023-1024intrusions. See intrusion detection and prevention
DHCPclient configuration, 291, 435, 518-520
scope, creating, configuring, 419-426
spoofing, preventing, 533-536
support for Web Proxy, Firewall client Autodiscovery (table), 418-419
and VPN assignment, 748
DHCP Relay Agent, 357
DHCP serversconfiguring ISA firewall as, 349-351, 355
configuring to support Web Proxy, Firewall client Autodiscovery, 419-426
installing, configuring on ISA firewall, 539, 800-802
dial-in accessconfiguring for Web Proxy clients, 409
enabling for VPN clients, 733-736
support for ISA firewalls, 330-335
dial-up accounts, specifying preferences, 97
Direct Accessbypassing Web Proxy filters for Web sites, 403
Web Proxy client configuration, 441
directory traversal attacks, 23
disablingcache rules, 921-922
caching, 912-913
content download jobs, 932
File and Printer sharing, 385
Firewall client icon, 395
Web filters, 97
disaster recovery, and software firewalls, 252
disconnectingserver from ISA Server, 85
sessions, 975
disks, removable storage, 1020distributed caching, 50-51, 901-903
distributed denial-of-service attacks, 883-884
DMZ Firewall Segment configuration, 255
DMZ network, creating, 600-602, 625-626
DMZs (demilitarized zones)creating public address trihomed DMZ network, 591-613
ISA Server 2000 trihomed configuration, 273
and network security, 36
trihomed DMZ Template, 314-318
DNS (Domain Name System)attacks, 890-891
filter, configuration, 840-842
intrusion, alert, 1004
SecureNAT client considerations, 376-377
servers. See DNS servers
service, installing on ISA firewall, 497-503
split infrastructure, 373, 540
support for Web Proxy, Firewall client Autodiscovery (table), 418-419
vulnerabilities of, 1039
DNS serversconfiguring to support Web Proxy, Firewall client Autodiscovery, 429-438
installing, configuring on ISA firewall, 494-504
placement, and ISA firewall, 462-464
domain functional level, changing, 782-784
Domain Name Set Network Objects, 307-309
domain name sets, populating with scripts, 574-590, 625
Domain Name System. See DNS
domain names, fully-qualified (FQDNs), 390, 642-643, 645, 658
domainsinternal network, 285
specifying, Firewall client, 392
DoS attacks. See denial-of-service (DoS) attacks
download sitesVMware Workstation, 260
Windows Server 2003 Enterprise, 260-261
downloading scheduled content download feature, 117
downloadsconfiguring content, 925-929
controlling HTTP, 125
controlling FTP, 126
ISA Server 2004 content download feature, 908
Microsoft security bulletins, patches, 1040scheduling content, 929-934
drives, cache, configuring, 905
dynamic packet-filtering, 22, 45, 250