Darrow, Chris, 65
Dashboard, ISA Server 2004
feature described, 168-169, 943-951, 998
monitoring connectivity from, 967-970
monitoring node, ISA Server 2004, 87-88, 134
data
assessing type of, 1044
availability of, 1010
erased, security of, 1020
integrity of, 1011
preventing accidental compromise of, 1021-1022
saving log viewer, 985-986
defense-in-depth security, 35, 66-75, 237-247, 1008, 1011
Define Website to Publish page, SSL Web Publishing Rule, 681-682
Define Website to Publish page, Web Publishing Rules, 642-645
Delegated Permissions Wizard, 65
demand-dial connections, 807-809
denial-of-service (DOS) attacks, 15, 43, 883-884, 1011, 1030-1036
Department of Defense Trusted Computer System Evaluation Criteria handbook (orange book), 26, 1046
departmental firewalls, 53
designing comprehensive security plans, 1042-1051
detecting
internal security breaches, 1023-1024
intrusions. See intrusion detection and prevention
DHCP
client configuration, 291, 435, 518-520
scope, creating, configuring, 419-426
spoofing, preventing, 533-536
support for Web Proxy, Firewall client Autodiscovery (table), 418-419
and VPN assignment, 748
DHCP Relay Agent, 357
DHCP servers
configuring ISA firewall as, 349-351, 355
configuring to support Web Proxy, Firewall client Autodiscovery, 419-426
installing, configuring on ISA firewall, 539, 800-802
dial-in access
configuring for Web Proxy clients, 409
enabling for VPN clients, 733-736
support for ISA firewalls, 330-335
dial-up accounts, specifying preferences, 97
Direct Access
bypassing Web Proxy filters for Web sites, 403
Web Proxy client configuration, 441
directory traversal attacks, 23
disabling
cache rules, 921-922
caching, 912-913
content download jobs, 932
File and Printer sharing, 385
Firewall client icon, 395
Web filters, 97
disaster recovery, and software firewalls, 252
disconnecting
server from ISA Server, 85
sessions, 975
disks, removable storage, 1020
distributed caching, 50-51, 901-903
distributed denial-of-service attacks, 883-884
DMZ Firewall Segment configuration, 255
DMZ network, creating, 600-602, 625-626
DMZs (demilitarized zones)
creating public address trihomed DMZ network, 591-613
ISA Server 2000 trihomed configuration, 273
and network security, 36
trihomed DMZ Template, 314-318
DNS (Domain Name System)
attacks, 890-891
filter, configuration, 840-842
intrusion, alert, 1004
SecureNAT client considerations, 376-377
servers. See DNS servers
service, installing on ISA firewall, 497-503
split infrastructure, 373, 540
support for Web Proxy, Firewall client Autodiscovery (table), 418-419
vulnerabilities of, 1039
DNS servers
configuring to support Web Proxy, Firewall client Autodiscovery, 429-438
installing, configuring on ISA firewall, 494-504
placement, and ISA firewall, 462-464
domain functional level, changing, 782-784
Domain Name Set Network Objects, 307-309
domain name sets, populating with scripts, 574-590, 625
Domain Name System. See DNS
domain names, fully-qualified (FQDNs), 390, 642-643, 645, 658
domains
internal network, 285
specifying, Firewall client, 392
DoS attacks. See denial-of-service (DoS) attacks
download sites
VMware Workstation, 260
Windows Server 2003 Enterprise, 260-261
downloading scheduled content download feature, 117
downloads
configuring content, 925-929
controlling HTTP, 125
controlling FTP, 126
ISA Server 2004 content download feature, 908
Microsoft security bulletins, patches, 1040
scheduling content, 929-934
drives, cache, configuring, 905
dynamic packet-filtering, 22, 45, 250