Index
P
packet-filtering firewalls, 37, 44, 44-45, 244, 250-251, 253-254
packet filters, RRAS, 274
Packet Internetwork Groper. See ping
packet sniffers. See sniffers
Partner Products Web site, 82
passive caching, 898
passwordsSee also permissions
changing for remote VPN user accounts, 807
developing policy, 1048-1051and network security, 36
and port scanning, 889
PAT (Port Address Translation), Web Publishing Rules support for, 641
path redirection and Web Publishing Rules, 634
paths, Web Publishing Rules, mapping for, 117, 662
penetration testing, 1011performanceacceleration with caching, 898
ALF effect on, 141
application filtering and, 46
ISA firewall, 20
ISA Server 2004 improvements, 12
monitoring from Dashboard, 951-952
Performance Monitor, ISA Server, 951, 994-997, 1002
Perilli, Alessandro, 272
perimeter firewalls, 53
permissions, 782
See also passwords
access, and network security, 36
delegating granting authority, 97
ISA firewall administrator, 528-530
SMTP, 957
VPN remote access, 735, 780-782
.pif files, blocking, 125
pingconnectivity testing, 963
using to detect sniffers, 1017ping flood (ICMP) flood attacks, 886, 1034Ping of Death, 48, 155, 173, 886, 1033, 1052PIX licenses, 148
PKI (Public Key Infrastructure)and SSL, 671
support for IPSec VPN connections, 719-720
placement of firewalls, 53-54
planning security policy, 1042platforms, Intel PC-based, and firewalls, 23
PNM filter, 845
Point-to-Point Tunneling Protocol. See PPTP
policiesconfiguring remote management, 101
developing password, 1048-1051firewall. See firewall policies
per-network, 123
security, planning comprehensive, 1042-1051policy-based security approach, 25-35
POP Intrusion Detection filter, 842
POP (Post Office Protocol) and intrusion detection, prevention, 48-49
POP3 (Post Office Protocol, version 3)buffer overflows, 154
connection problems, 454
Server Publishing Rule configuration, 704
Port Address Translation. See PAT
port mapping and Server Publishing Rules, 639
port redirectionServer Publishing Rules and, 640
Web Publishing Rules and, 638
port scanning, 173, 889-890, 1036-1037, 1052portable computers and security problems, 1018-1020Post Office Protocol. See POPPouseele, Stefaan, 799
PPTP (Point-to-Point Tunneling Protocol)filter, configuring, 845-846
ISA Server 2004 support for, 106
ISA Server VPN support, 47-48
remote access, site-to-site VPN connections, 174
server publishing, 114, 719
site-to-site VPNs, creating, 747-763
VPN servers. See PPTP VPN servers
PPTP site-to-site VPNs, creating remote access, 819-820
PPTP VPN serverscreating remote access, 818
making client connections, 789-791
testing connections, 736-737
vs. L2TP/IPSec, 823
pre-authentication at ISA firewalland Server Publishing Rules, 639
with Web Publishing Rules, 634-635
pre-shared keysconfiguring for site-to-site L2TP/IPSec VPN links, 774
for IPSec-based VPN connections, 720
for VPN client remote access connections, 745-747
predefined alerts, 954-955
pricing. See costs
principle of least privilege, 1011programs, running when alert is triggered, 958
Progressive Networks Media Protocol (PNM), 845
propertiesconfiguring caching, 913-915
connectivity verifiers, 967
Server Publishing Rule, 693
protocol analyzers. See sniffers
Protocol Definitionsconfiguring, 378-379
creating, 617-622
protocol exploits, 1039-1040protocol redirection, Web Publishing Rules and, 638
protocol support of ISA Server 2004, 171-172
protocolsapplication-layer, exploits on, 23
Firewall client supported (table), 382
firewall comparisons, 155
intradomain communications, 614-615
ISA 2004 client support (table), 361
ISA firewall built-in, 547
ISA Server 2004 filters for, 170-171
ISA Server 2004, improved support for, 106-107
Remote Winsock Proxy Protocol, 392
Secure Sockets Layer (SSL), 108-109
SecureNAT client limitations, 366
Server Publishing, definitions (table), 688-691
Web caching, 903-904, 903-904
prototype environment, testing ISA Server 2004 in, 9
proxy autoconfiguration (PAC), and Firewall client, 390
Proxy client Direct Access configuration, 391
proxy firewalls, ISA Server 2004, 250-252
proxy serversdevelopment to ISA Server, 54-56
ISA firewall and, 22
public address trihomed DMZ network, 591-613, 625-626
public key encryption, 108-109
Public Key Infrastructure (PKI), 671, 719-720
Public Name Details page, SSL Web Publishing Rule, 683-684
Public Name Details page, Web Publishing Rules, 645-646
publishingAutodiscovery information, 427-428
Firewall clients, 400
hosts on public address DMZ segment, 591
multiple Web sites with single IP address, 635-636
PPTP VPN servers, 719
reports, 64, 121, 994, 1001
reverse, 1054secure Web servers using SSL Web Publishing Rules, 668-688
Server, Rules. See Server Publishing Rules
servers to Internet, SecureNAT clients (table), 371
VPN servers, 114
Web, Rules. See Web Publishing Rules
Web sites, 112, 701-705
Publishing Mode page, SSL Web Publishing Rules, 679
publishing network services with ISA Server 2004 generally, 10