saving
ISA Server configuration, 85-86
log viewer data, 985-986
scalability
firewall comparisons, 152-153
of ISA Server 2004, 162
scanners
described, 1036
and spoofers, 889-890
port scanning, 173, 889-890, 1036-1037, 1052
vulnerability, 31
scheduled content download feature, 117
scheduling
Access Rules application, 554-555, 566
access to published Web site, 638, 667
content download jobs, 929-934
reports, 987-991
scripts
autoconfiguration, Web Proxy clients, 288
for customizing VPN environment, 817
management, 167
using to populate domain name sets, 574-590, 625
using to populate URL Sets and Domain Name Sets, 309
SD3 Security Framework, 17, 35-37
SDK (software development kit) ISA Server 2004, 172
Secure Exchange RPC filter, 171
Secure Exchange Server Publishing Rules, 126
Secure Network Address Translation (SecureNAT)
clients. See SecureNAT clients
ISA Server 2000 support, 57
Secure Sockets Layer (SSL) protocol, 108-109
Secure Web Publishing Wizard, 62
SecureID authentication, 61, 637, 879-880
SecureID filter, 895
SecureNAT clients
advantages of configuration (table), 369-371
described, 7-8
disabling automatic Web proxy connections for, 573-574
disadvantages of (table), 368
DNS considerations for (table), 376-377
introduction to, 363-365
limitations, 365-367
‘looping back' issue, 373, 375, 583-584
name resolution for, 371-374
‘network within a network,' 337-338
summary, 450-451
VPN connection support, 717
securing
ISA Server 2004, best practices, 82
remote access, 11-12
security
See also computer security
blades, 39
breaches. See security breaches
defined, 35
DHCP spoofing, preventing, 533-536
holes, 30
host-based, 245-246
ISA firewall issues, 520-521
of ISA Server's underlying operating system, 231
key tokens, 34
multilayered approach to, 35-37, 43
network. See network security
policies. See security policies
policy-based approach to, 25-35
preventing intentional internal, 1024-1025
ratings, 1045-1046
risks. See security risks
and software firewalls, 242
solutions, comprehensive, 37
threats. See security threats
through diversity, 70
Trustworthy Computing Initiative, 17
unmapped internal links, 128
Windows operating system, 249-250
zones, 237-238
Security Account Manager (SAM), 378
Security Administrator's Tool for Analyzing Networks (SATAN), 1036
security breaches
internal, prevention and detection, 1022-1023
preventing unauthorized external, 1024-1025
security policies
analyzing, 33-35
described, creating, 25-35
and network connection restrictions, 42
security risks
hard-coding IP addresses in links, 373
split tunneling, 365
Security Specialist Exam 70-298, 18
security threats
assessing, 29-30
HTTP exploits, 23
and the Internet, 16
ISA Server 2004 intrusion detection and prevention, 48-49
types of, 15
Select Rule Action page, SSL Web Publishing Rules, 679-680
Select Rule Action page, Web Publishing Rules, 642
Select Web Listener page, SSL Web Publishing Rule, 684-688
Select Web Listener page, Web Publishing Rules, 646-654
server binding, 56
Server Publishing Rules
allowing DNS from DMZ to internal, 603-604
creating, 688-699
features described, 111, 135, 638-641
troubleshooting, 709-710
when to use, 544
servers
See also specific servers
monitoring connectivity, 963-970
protecting, 1014
third party intrusion detection, 1052
VPN. See VPN servers
Service Pack 2 for Windows XP, 18
services
ISA firewall service dependencies, requirements, 521-526
monitoring, 975
Services section, Dashboard, 946, 998
Services tab, monitoring node, 90-91
sessions
disconnecting, 975
firewall, filtering, 119-120
managing, 169
Sessions section, Dashboard, 949
Sessions tab, monitoring node, 90
setup program, ISA Server 2004, 103
shared secrets, 777
SharePoint collaboration servers, 234
Shinder, Tom and Deb, 255
signatures
HTTP, controlling access by, 126
intrusion, 49-50
Simple Network Monitoring Protocol (SNMP), detecting unauthorized connections, 1017
simulating lab network configuration, 256
Single Network Adapter Network Template, 327-329
Site Security Handbook (RFC 2196), 1022, 1042
site-to-site VPNs, 47, 59, 113, 174, 718-719, 764-791, 802-814, 821, 822
Small Office/Home Office (SOHO), firewall appliances for, 144-145
Smart Cards, 779
SMTP Message Screener
configuring log files, 984
feature described, 165-166
installing, configuring, 827-840, 894
SMURF attacks, 887, 1034-1035
sniffers
described, 1012, 1015, 1016
and SSL-based connections, 289-290
‘sniffing networks, 384
social engineering attacks, 69, 1012, 1028-1030
sockets described, 649
SOCKS v4
filter, 842-843
SecureNAT clients running applications, 367
software
anti-virus, anti-scumware, 75
file shredder, 1020
installing Group Policy for Firewall clients, 443-446
ISA Server 2004, installing and configuring, 506-517
and network security, 1006-1007
Software Development Kit (SDK), 172
software exploits, 1039-1040
software firewalls, 39-41, 149, 242, 252
Software Update Services (SUS), 17
SOHO (Small Office/Home Office) firewall appliances for, 144-145
SonicWall, compared with ISA 2004, 192-200
source routing attacks, 892, 1039
spam, anti-spam software, 247
split tunneling, 365, 717, 718
spoofing, 129, 319, 533-536, 889-890, 1034, 1036, 1038
SQL server, logging to, 977, 980-981
Squid, 940
SSL
bridging, 154, 669-671, 679-680, 1054
configuring on listener, 649
connections between Web Proxy and client, 289
tunneling, 581-583, 679-680, 871-873, 1053-1054
and URL Set entries, 306
SSL-HTTP bridging, 679-680, 708
SSL-SSL bridging, 164-165, 671-673
SSL VPN, remote access to terminal services using, 62
SSL Web listener, creating, 684-688
SSL Web Publishing Rule Wizard, 112, 679
SSL Web Publishing Rules, creating, 668-688, 707-708
Standalone CAs, 671-672
Standard edition, ISA Server 2004, 3-4, 232, 910-913
stateful application-layer inspection, 243, 574
stateful filtering
in firewalls, 22
ISA firewall feature, 826
in ISA Server 2004, 58-59, 250-251
stateful inspection in ISA Server 2004, 22, 58-59
stateful, static packet filtering, 45, 70
Subnets Network Object, 302-303
surrogate caches, 900
switch jamming, 1016
Symantec Enterprise Firewall, compared with ISA 2004, 207-214
SYN attacks, 884-885, 887, 1031-1033, 1035
synchronization request (SYN) attacks, 1031
System Performance section, Dashboard, 950, 998
system policies, ISA Server 2004 improvements, 110-111
System Policy Editor, configuring remote management computers with, 101-103
System Policy Rules, ISA firewall, 281, 329-330, 479-488, 765, 770, 801, 927
system reliability of ISA Server 2004, 161-162
system requirements of ISA firewall, 458-460
Systems Management Server (SMS)
deploying Firewall client software using, 447-448
installing Firewall client software, 387