Chapter 1: Evolution of a Firewall: From Proxy 1.0 to ISA 2004
Table 1.1: The SD3 Security Framework
Table 1.2: Whats New in ISA Server 2004
Chapter 3: Stalking the Competition: How ISA 2004 Stacks Up
Table 3.1: PIX Model-by-Model Feature Comparison
Table 3.2: NetScreen Model-by-Model Feature Comparison
Table 3.3: SonicWall Model-by-Model Feature Comparison
Table 3.4: WatchGuard Model-by-Model Feature Comparison
Table 3.5: WatchGuard Model-by-Model VPN Support Comparison
Table 3.6: Symantec Firewall/VPN Product Categories
Table 3.7: Symantec Small/Remote Office Firewall/VPN Model-by-Model Comparison
Table 3.8: Symantec Enterprise Gateway Appliance Model-by-Model Comparison
Table 3.9: Blue Coat SG Model-by-Model Comparison
Table 3.10: : ISA 2004 vs. Competing Firewall Products
Chapter 4: ISA 2004 Network Concepts and Preparing the Network Infrastructure
Table 4.1: Defense Rings Protecting Bank Assets
Table 4.2: Hardware Firewall Vendors Reasons for Why Software Firewalls are Insecure
Table 4.3: Lab Network Details
Table 4.4: Lab Network Details
Table 4.5: New and Improved Features in the ISA Firewalls Networking Model
Table 4.6: Firewall Policies available with the Edge Firewall Template
Table 4.7: Firewall Policies Available for the Trihomed (3-Leg) Network Template
Table 4.8: Firewall Policies Available for the Trihomed (3-Leg) Network Template
Table 4.9: Firewall Policies Available for the Back Firewall Template
Chapter 5: ISA 2004 Client Types and Automating Client Provisioning
Table 5.1: Overview of ISA 2004 Client Types
Table 5.2: Disadvantages of the SecureNAT Client Configuration
Table 5.3: Advantages of the SecureNAT Client Configuration
Table 5.4: DNS Considerations for SecureNAT Clients
Table 5.5: Advantages of the Firewall Client Configuration
Table 5.6: Firewall Client Configuration File Settings
Table 5.7: Advantages of the Web Proxy Client Configuration
Table 5.8: Disadvantages of the Web Proxy Client Configuration
Table 5.9: Application Behavior on Multiple Client Configuration Machines
Table 5.10: Grading Security, Functionality, Ease and Compatibility of ISA 2004 Client Types, from Highest to Lowest
Table 5.11: Choosing the Appropriate ISA 2004 Client Type
Table 5.12: DNS and DHCP Support for Web Proxy and Firewall Client Autodiscovery
Chapter 6: Installing and Configuring the ISA Firewall Software
Table 6.1: Basic Processor, Memory, Disk Space and Network Adapter Requirements Based on Link Speed
Table 6.2: Established Corporate Network Name-Resolution Infrastructure
Table 6.3: No Established Corporate Network Name-Resolution Infrastructure
Table 6.4: Entries and Values in the msisaund.ini File
Table 6.5: Post-Installation ISA Firewall Settings
Table 6.6: Default Post-installation System Policy
Table 6.7: Default Port-installation ISA Firewall System Configuration
Table 6.8: DHCP Request to Server
Table 6.9: DHCP Reply from Server
Table 6.10: Internal DNS Server to Forwarder
Table 6.11: Internal Network to DNS Server
Table 6.12: All Open
Table 6.13: Services on which the ISA Firewall Software Depends
Table 6.14: Services Required for Common Tasks Performed on the ISA Firewall
Table 6.15: Service Requirements Based on the ISA Firewalls Client Roles
Table 6.16: ISA Firewall Administrative Roles
Table 6.17: ISA Firewall Tasks Assigned to ISA Firewall Administrative Roles
Chapter 7: Creating and Using ISA 2004 Firewall Access Policy
Table 7.1: Default IIS MIME Types for common file extensions
Table 7.2: All Open Rule with MSN Messenger 6.2 HTTP Security Filter signature
Table 7.3: Access Rule that denies the MSN Messenger protocol
Table 7.4: Settings for a MSN Messenger Web Proxy Access rule
Table 7.5: Remote Access to DMZ Server using Private v. Public Addresses, NAT v. Route, Access Rules, and Publishing Rules
Table 7.6: Protocols Required for Intradomain Communications
Chapter 8: Publishing Network Services with ISA 2004 Firewalls
Table 8.1: Web Listener Authentication Methods
Table 8.2: Server Publishing Protocol Definitions
Chapter 9: Creating Remote Access and Site-to-Site VPNs with ISA Firewalls
Table 9.1: System Policy Rules Enabling the ISA Firewall to be a DHCP Client
Table 9.2: IP Addressing and Network Information for the ISA Firewall VPN Gateways
Chapter 10: ISA 2004 Stateful Inspection and Application Layer Filtering
Table 10.1: SMTP Service Log Fields
Table 10.2: Example HTTP Security Filter for Generic Web Sites
Table 10.3: HTTP Security Filter Settings for OWA Web Publishing Rules
Table 10.4: HTTP Security Filter Policy Settings for RPC-over-HTTP Web Publishing Rule
Table 10.5: Sample Signatures for Blocking Commonly Encountered Dangerous Applications
Table 10.6: HTTP Headers Used to Bock Dangerous Applications