Index
S
savingISA Server configuration, 85-86
log viewer data, 985-986
scalabilityfirewall comparisons, 152-153
of ISA Server 2004, 162
scannersdescribed, 1036and spoofers, 889-890
port scanning, 173, 889-890, 1036-1037, 1052vulnerability, 31
scheduled content download feature, 117
schedulingAccess Rules application, 554-555, 566
access to published Web site, 638, 667
content download jobs, 929-934
reports, 987-991
scriptsautoconfiguration, Web Proxy clients, 288
for customizing VPN environment, 817management, 167
using to populate domain name sets, 574-590, 625
using to populate URL Sets and Domain Name Sets, 309
SD3 Security Framework, 17, 35-37
SDK (software development kit) ISA Server 2004, 172
Secure Exchange RPC filter, 171
Secure Exchange Server Publishing Rules, 126
Secure Network Address Translation (SecureNAT)
clients. See SecureNAT clients
ISA Server 2000 support, 57
Secure Sockets Layer (SSL) protocol, 108-109
Secure Web Publishing Wizard, 62
SecureID authentication, 61, 637, 879-880
SecureID filter, 895
SecureNAT clientsadvantages of configuration (table), 369-371
described, 7-8
disabling automatic Web proxy connections for, 573-574
disadvantages of (table), 368
DNS considerations for (table), 376-377
introduction to, 363-365
limitations, 365-367
‘looping back' issue, 373, 375, 583-584
name resolution for, 371-374
‘network within a network,' 337-338
summary, 450-451
VPN connection support, 717
securingISA Server 2004, best practices, 82
remote access, 11-12
securitySee also computer securityblades, 39
breaches. See security breaches
defined, 35
DHCP spoofing, preventing, 533-536
holes, 30
host-based, 245-246
ISA firewall issues, 520-521
of ISA Server's underlying operating system, 231
key tokens, 34
multilayered approach to, 35-37, 43
network. See network security
policies. See security policies
policy-based approach to, 25-35
preventing intentional internal, 1024-1025ratings, 1045-1046
risks. See security risks
and software firewalls, 242
solutions, comprehensive, 37
threats. See security threats
through diversity, 70
Trustworthy Computing Initiative, 17
unmapped internal links, 128
Windows operating system, 249-250
zones, 237-238
Security Account Manager (SAM), 378
Security Administrator's Tool for Analyzing Networks (SATAN), 1036security breachesinternal, prevention and detection, 1022-1023preventing unauthorized external, 1024-1025security policiesanalyzing, 33-35
described, creating, 25-35
and network connection restrictions, 42
security riskshard-coding IP addresses in links, 373
split tunneling, 365
Security Specialist Exam 70-298, 18
security threatsassessing, 29-30
HTTP exploits, 23
and the Internet, 16
ISA Server 2004 intrusion detection and prevention, 48-49
types of, 15
Select Rule Action page, SSL Web Publishing Rules, 679-680
Select Rule Action page, Web Publishing Rules, 642
Select Web Listener page, SSL Web Publishing Rule, 684-688
Select Web Listener page, Web Publishing Rules, 646-654
server binding, 56
Server Publishing Rulesallowing DNS from DMZ to internal, 603-604
creating, 688-699
features described, 111, 135, 638-641
generally, 10, 632, 706, 708
troubleshooting, 709-710
when to use, 544
serversSee also specific servers
monitoring connectivity, 963-970
protecting, 1014third party intrusion detection, 1052VPN. See VPN servers
Service Pack 2 for Windows XP, 18
servicesISA firewall service dependencies, requirements, 521-526
monitoring, 975
Services section, Dashboard, 946, 998
Services tab, monitoring node, 90-91
sessionsdisconnecting, 975
firewall, filtering, 119-120
managing, 169
monitoring, 970-974, 999
Sessions section, Dashboard, 949
Sessions tab, monitoring node, 90
setup program, ISA Server 2004, 103
shared secrets, 777
SharePoint collaboration servers, 234
Shinder, Tom and Deb, 255
signaturesHTTP, controlling access by, 126
intrusion, 49-50
Simple Network Monitoring Protocol (SNMP), detecting unauthorized connections, 1017simulating lab network configuration, 256
Single Network Adapter Network Template, 327-329
Site Security Handbook (RFC 2196), 1022, 1042site-to-site VPNs, 47, 59, 113, 174, 718-719, 764-791, 802-814, 821, 822
Small Office/Home Office (SOHO), firewall appliances for, 144-145
Smart Cards, 779
SMTP permissions, 704, 957
SMTP Message Screenerconfiguring log files, 984
feature described, 165-166
installing, configuring, 827-840, 894
logs, 118-119, 976
SMURF attacks, 887, 1034-1035
sniffersdescribed, 1012, 1015, 1016and SSL-based connections, 289-290
‘sniffing networks, 384
social engineering attacks, 69, 1012, 1028-1030sockets described, 649
SOCKS v4filter, 842-843
SecureNAT clients running applications, 367
softwareanti-virus, anti-scumware, 75
file shredder, 1020installing Group Policy for Firewall clients, 443-446
ISA Server 2004, installing and configuring, 506-517
and network security, 1006-1007Software Development Kit (SDK), 172
software exploits, 1039-1040software firewalls, 39-41, 149, 242, 252
Software Update Services (SUS), 17
SOHO (Small Office/Home Office) firewall appliances for, 144-145
SonicWall, compared with ISA 2004, 192-200
source routing attacks, 892, 1039spam, anti-spam software, 247
split tunneling, 365, 717, 718
spoofing, 129, 319, 533-536, 889-890, 1034, 1036, 1038SQL server, logging to, 977, 980-981
Squid, 940
SSLbridging, 154, 669-671, 679-680, 1054caching content, 116-117, 908
configuring on listener, 649
connections between Web Proxy and client, 289
tunneling, 581-583, 679-680, 871-873, 1053-1054and URL Set entries, 306
SSL-HTTP bridging, 679-680, 708
SSL-SSL bridging, 164-165, 671-673
SSL VPN, remote access to terminal services using, 62
SSL Web listener, creating, 684-688
SSL Web Publishing Rule Wizard, 112, 679
SSL Web Publishing Rules, creating, 668-688, 707-708
Standalone CAs, 671-672
Standard edition, ISA Server 2004, 3-4, 232, 910-913
stateful application-layer inspection, 243, 574
stateful filteringin firewalls, 22
ISA firewall feature, 826
in ISA Server 2004, 58-59, 250-251
stateful inspection in ISA Server 2004, 22, 58-59
stateful, static packet filtering, 45, 70
streaming media, 106, 139
Subnets Network Object, 302-303
surrogate caches, 900
switch jamming, 1016Symantec Enterprise Firewall, compared with ISA 2004, 207-214
SYN attacks, 884-885, 887, 1031-1033, 1035synchronization request (SYN) attacks, 1031System Performance section, Dashboard, 950, 998
system policies, ISA Server 2004 improvements, 110-111
System Policy Editor, configuring remote management computers with, 101-103
System Policy Rules, ISA firewall, 281, 329-330, 479-488, 765, 770, 801, 927
system reliability of ISA Server 2004, 161-162
system requirements of ISA firewall, 458-460
Systems Management Server (SMS)deploying Firewall client software using, 447-448
installing Firewall client software, 387