Chapter 4

Configuring Internet Security Using Access Policies

About This Chapter

Creating an Internet security policy requires that you take into account your particular network configuration and security needs. Your security needs may vary among users, computers, source or destination Internet Protocol (IP) addresses, times, protocols, content types, and requested Web sites. To create an access policy suited to these particulars of your network, you need to understand how Microsoft Internet Security and Acceleration Server 2000 (ISA Server) processes client requests. You will then be able to create policy elements for aspects such as schedules and client sets that are particular to your network. Next, you can begin the process of configuring the three types of rules that comprise an access policy: protocol rules, site and content rules, and IP packet filters. Finally, to prevent unwanted external intrusions into your network, you may choose to enable intrusion detection on your firewall.

Before You Begin

To complete the lessons in this chapter, you must have

Met the requirements as outlined in "About This Book" so that Server1 is configured as a domain controller with an IP address of 192.168.0.1 and Server2 is configured as a member of the domain with an IP address of 192.168.0.2. Server1 must also have a dial-up connection to the Internet.

Completed all the exercises in this book through Chapter 3.