Dr. Tom Shinderamp;#039;s Configuring ISA Server 1002004 [Electronic resources]

Thomas W. Shinder; Debra Littlejohn Shinder

نسخه متنی -صفحه : 145/ 119

Index

A

Absolute Software Corporation, 1019

access control

with Access Rules, 367

blocking executables, 125

blocking FTP uploads, 127

‘deny all access' model, 1023

ISA Server 2000 vs. ISA Server 2004, 139

limiting Web Proxy client connections, 411

to logs, 978

principle of least privilege, 377

strong user/group based, 381

user/group-based, Web Proxy clients, 405

via HTTP signatures, 126

VPN clients permissions, 735

VPN server solution, 714

access permissions and network security, 36

Access Policy

intradomain communications, allowing, 613-622

introduction to, 544-546

per-network, 123

using scripts to populate domain name sets, 574-590

Access Rules

configuring Access Policy on ISA firewall, 509-517

configuring for outbound access through firewall, 555-574, 623-624

configuring to prevent connection to WLAN segment, 728

creating for main-to-branch office routing, 812

DHCP Request, creating, 350-351

and Firewall client, 274, 377

FTP, allowing, 627

introduction, elements of, 544-555

ISA firewall, 276-278, 334, 339

Policy elements, 546-555

site-to-site VPNs, 748-749, 754-756, 760-762

testing from external host to DMZ, 609-612

troubleshooting, 539

for URL Set, 306

using generally, 9-10

VPN client access to resources, 731-733, 788

accessibility and network security, 35, 1007

accounts

dial-up preferences, 97

user. See user accounts

ACK messages and SYN attacks, 884-885, 1031

active caching, 131-132, 898, 939

Active Directory

automating Web Proxy client configuration, 418

Group Policy Software Assignment, 387

ISA integration with, 56-57

and ISA Server 2004 firewall, 138-139

ISA Server 2004 integration, 163

lab network requirements, 259

and VPN server configuration, 733

ActiveSync option, Exchange Server, 701-702

ActiveX code, 18

ActiveX controls and remote management, 105

Add-ins subnode, Configuration node, 97, 134

add-on modules, firewall, 147-148

Address Ranges Network Object, 301-302

Address Resolution Protocol (ARP) ‘sniffing,' 1016

Administration Delegation Wizard, 65, 85

administrators

configuring VPN components, 712

defining roles, 85

investigating HTTP headers of potential threats, 862-871

ISA firewall roles, permissions, 528-530

and password creation, 1049-1050

this book's audience, 13-15

Alert PC, 1019

alerts

creating, modifying, viewing, 955-962, 998-999

events that trigger, 952-954

feature described, 169

Alerts section, Dashboard, 947-949, 998

Alerts tab, monitoring node, 87-89

ALF (Application Layer Filtering)

Check Point capabilities, 178-179

described, 46, 97, 140-141

enhanced functionality, 124-128

firewall comparisons, 154-155

ISA firewall Application filters, 826-846

ISA Server 2004 feature, capabilities, 160, 170-171

All Open rule, ISA Access Policy, 511, 516-517, 546, 556

all-port forwarding, 2

anonymous users, 1002

anti-scumware software, 75, 247

anti-spam software, 247

anti-theft devices, 1019

anti-virus software, 75, 246

appliances and hardware firewalls, 39

Application filtering, 826-846

application-filtering gateway within perimeter network, 53

application gateways, 46

application-layer

connection inspection, 633

firewall filtering, 44, 639-640, 826-846

Application Layer Filtering. See ALF

Application Specific Integrated Circuit. See ASIC

architecture

comparing firewall, 225

of firewalls, 39-42

ISA Server 2000 vs. ISA Server 2004, 138

Web caching, 901-903

ARP (Address Resolution Protocol), 1016

ARPNET, 38

ASIC (Application Specific Integrated Circuit)

and application-layer exploits, 251-252

-based firewalls, 20, 40, 249

and logging, 148

Asset Edge, firewall ring, 244-245

Asset Network Edge, firewall ring, 72-74

assets, critical, and firewall placement, 254

attacks