Cache Array Routing Protocol (CARP), 55, 232-233, 903, 937-938
Cache digests (protocol), 904
Cache Rule Wizard, 115-116
cache rules, 906-908, 916-923, 937
Cache subnode, Configuration node, 96, 134
CachFlow, 19
caching
controlling via HTTP headers, 909
enabling, disabling, 910-912
forward, reverse, 157-158
negative, 937
Web. See Web caching
campus network configuration, 285-286
capital investment in firewalls, 147
CARP (Cache Array Routing Protocol), 55, 903, 937-938
CERT Coordination Center Web site, 37
Certificate Authorities (CAs)
and SSL, 671
and VPN clients, 738-743
certificates
for firewall, VPN clients, 738-743
issuing user, to remote access VPN client, 794
requesting, installing for branch office firewall, 770-772
requesting, installing for main office firewall, 765-769
Certificates MMC snap-in, 738, 740
certification
firewall comparisons, 158-159
of firewalls, 146
changing passwords, policy, 1050-1051
chapter summaries
firewall basics, ISA Server 2004 features, 76
firewall comparisons, 220-225
ISA 2004 caching capabilities, 935
ISA 2004 client types, automation, 449-450
ISA 2004 network concepts, infrastructure preparation, 352
ISA firewall installation, configuration, 537
ISA Server 2004 feature set, 133
network security basics, 1055
stateful inspection, application-layer filtering, 893
Check Point software compared with ISA 2004, 178-182
Checkmark certification, 158
CheckPoint firewalls, 20, 39-40, 49, 66, 248
CIA (Confidentiality, Integrity, Availability) triad, 1010
Cisco
PIX compared with ISA 2004, 182-187
vs. other solutions, 66
cleaning services, and network security, 1013
client certificates, configuring ISA firewall to present user certificates, 676-678
Client Certification authentication, 405
client roles for ISA firewall, 526-528
client-to-server VPNs, 47
clients
choosing type, 415-417
Firewall. See Firewall clients
internal, configuring as DHCP, 518-520
ISA 2004 types, 360-362
SecureNAT. See SecureNAT clients
TCP handshake, 1031-1032
VPN, configuring, 114
Web Proxy. See Web Proxy clients
Windows VPN software, 48
CMAK (Microsoft Connection Manager Administration Kit), 175, 715
COBRA risk methodology, 28
code, malicious, 1011
Code Red worm, 16
collections
Networks sets, 298
URL Set Network Object, 305-307
.com files, blocking, 125
Common Gateway Interface (CGI), vulnerabilities of, 1039
compression, log files, 980
Computer Objects, 298-300
computer security defined, 1006-1007
Computer Sentry Software, 1019
Computer Set Network Object, 303-305
computers
laptops and security problems, 1018-1020
recovering stolen portable, 1018-1019
Computrace, 1019
confidential information
exporting, 86
and hard copies, 1020
configuration
data, importing and exporting, 64
Firewall clients, 388-402
ISA 2004, Shinder network layout, 255-272
wizards, 167
Configuration node, 95-98, 134
configurations
Backbone and Asset Network, 254-255
backing up ISA Server, 85
content download jobs, exporting and importing, 933
multiple client type, 404-405
‘network within a network,' ISA firewall, 335-341
Proxy client Direct Access, 391
configuring
Access Rules, outbound access through firewall, 555-574
alerts, 89
content downloads, 925-929
Dashboard, 951
DHCP Server service on ISA firewall, 503-506
domains for Web proxy direct access, 287
firewall policies, 93-94
firewall policy rules, 84
firewall policy with templates, 124
HTTP Web listener, 646-654
ISA firewall as DHCP server, 349-351, 355
ISA firewall, storing, 252
ISA Server 2004 alerts, 952-963
ISA Server 2004 logging, 978-983
outbound Access Rules, 555-574
PPTP VPN servers, 722-737
Protocol Definitions, 378-379
public address trihomed DMZ network, 591-613
RADIUS servers, 776
reports, 986-994
VPN clients, 114
VPN connections, 95
Web listener, 108
Web Proxy Chaining, 344-349
Web Publishing Rules Properties dialog box, 655-668
Configuring ISA Server 2000: Building Firewalls for Windows 2000 (Syngress Publishing), 2
connecting multiple firewalls, 100
Connection Verifier Wizard, 121
connection verifiers, 121
connections
assessing security of network, 1044
configuring VPN, 95
detecting unauthorized, 1017
FTP client with server, 366
ISA firewall limits, 531-533
L2TP/IPSec VPN, testing, 743
monitoring, 963-970
monitoring VPN client, 721
number of, firewall comparisons, 155-156
‘remoting' to ISA 2004 firewall, 380
RPC, forcing Secure Exchange, 126
using DNS for autodiscovery, 437-438
and VPN firewall policies, 713-715
connectivity
configuring, monitoring, 963-970
Connectivity Monitors, using, 169
Connectivity section, Dashboard, 945-946, 998
Connectivity tab, monitoring node, 92
connectoids, creating for VPN dial-up, 330-333
content, configuring for caching, 913-915
content downloads
configuring, 925-929
scheduling, 929-934
Content types, ISA firewall, 549-550
copying
Access Rules, 568
cache rules, 922
ISA Server 2004 Help file to workstations, 99
log viewer data to Clipboard, 985-986
Cornerpost Software's Surrogate Socket 5.0, 367
corporate espionage, 1027
corporate networks and VPN connections, 712
costs
analyzing security policy, 33-34
Blue Coat SG, 215
Check Point firewalls, 178-179
Cisco Content Engines, 939
Cisco PIX, 183-184
of firewall operations, 147-152
firewall support, 149-150
NetScreen firewalls, 188
open source firewalls, 223-225
SonicWall firewalls, 196
Symantec Enterprise Firewall, 211
WatchGuard firewalls, 202-203
countermeasures defined, 1010
counters, Performance Monitor, 994-997
crackers, 1010, 1030
crash, computer, 1010
creating
cache rules, 916-920
Computer Sets, 304-305
connectivity verifiers, 92, 964
Domain Name Set Network Objects, 307-309
Firewall Rules, 107
ISA 2004 Network Objects, 297-309
ISA Server 2004 alerts, 952-963
ISALOCAL virtual machine, 260-272
L2TP/IPSec site-to-site VPNs, 764-774
log summaries, 121
Mail Server Publishing Rules, 699-705
Network Rules to control routing, 296-297
new Networks, 291-295
PPTP site-to-site VPN, 747-763
protocol definitions, 106
public address trihomed DMZ network, 591-613
remote access L2TP/IPSec servers, 737-747
remote access PPTP VPN server, 722-737
reports, automated, 989-991
reports from logs, 91
Server Publishing Rules, 688-699
SSL Web listener, 684
SSL Web Publishing Rules, 678-688
URL Sets, 306-307
VPN gateways, 85
credentials
Firewall client, 378
ISA 2004 client support, 365
cryptography and hardware security solutions, 34-35