AboutThisBook
IntendedAudience
Prerequisites
ReferenceMaterials
AbouttheCD-ROM
FeaturesofThisBook
Notes
Conventions
NotationalConventions
KeyboardConventions
ChapterandAppendixOverview
FindingtheBestStartingPointforYou
WheretoFindSpecificSkillsinThisBook
InstallingISAServer
ConfiguringandTroubleshootingISAServerServices
Configuring,Managing,andTroubleshootingPoliciesandRules
Deploying,Configuring,andTroubleshootingtheClientComputer
Monitoring,Managing,andAnalyzingISAServerUse
GettingStarted
HardwareRequirements
SoftwareRequirements
SetupInstructions
TheMicrosoftCertifiedProfessionalProgram
MicrosoftCertificationBenefits
MicrosoftCertificationBenefitsforIndividuals
Microso8CertificationBenefitsforEmployersandOrganizations
RequirementsforBecomingaMicrosoftCertifiedProfessional
TechnicalTrainingforComputerProfessionals
Self-PacedTraining
OnlineTraining
MicrosoftCertifiedTechnicalEducationCenters
TechnicalSupport
Chapter1IntroductiontoMicrosoftInternetSecurityand
AccelerationSewer2000
AboutThisChapter
BeforeYouBegin
LessonlOverviewofISAServer
EditionsComparison
ISAServerEnterpriseEdition
ISAServerStandardEdition
KeyDifferences
ISAServerRoles
InternetFirewall
SecureServerPublishing
ForwardWebCachingServer
ReverseWebCachingServer
IntegratedFirewallandWebCacheServer
Windows2000Integration
Scalability
Extensibility
ISAServerArchitecture
Practice:ISAServerOverviewPresentation
LessonSummary
Lesson2IntroductiontotheISAServerFirewall
FilteringMethods
IPPacketFiltering
Circuit-Level(Protocol)Filtering
ApplicationFiltering
BandwidthRules
IntegratedVirtualPrivateNetworking
IntegratedIntrusionDetection
PacketFilterIntrusions
SecurePublishing
LessonSummary
Lesson3OverviewofISAServerCaching
High-PerformanceWebCache
ForwardWebCachingServer
ReverseWebCachingServer
ScheduledContentDownload
ActiveCaching
CARPandCacheServerScalability
HierarchicalCaching
WebProxyRouting
LessonSummary
Lesson4ISAServer'sManagementFeatures
IntuitiveUserInterface
IntegratedAdministration
Policy-BasedAccessControl
TieredPolicy
ArrayPolicy
EnterprisePolicy
LessonSummary
Review
Chapter2InstallingMicrosoftInternetSecurityand
AccelerationServer2000
AboutThisChapter
BeforeYouBegin
LessonlPlanningforanISAServerInstallation
CapacityPlanning
MinimalRequirements
RemoteAdministrationRequirements
FirewallRequirements
ForwardCachingRequirements
PublishingandReverseCachingRequirements
ArrayConsiderations
ArrayRequirements
StandaloneServersandSingle-ServerArrays
ISAServerMode
InternetConnectivityConsiderations
PublishingandConnectivity
ISAServerintheNetwork
WindowsNT4.0Domain
ISAServerConfigurationData
InternetConnectionServer
RemoteAccessServer
ISAServerNetworkTopologyScenarios
Small0fficeScenario
EnterpriseScenario
EnterpriseNetworkConfiguration
WebPublishingTopologies
Co-LocatedWebServer
WebServeronLocalNetwork
ExchangeServerPublishingTopologies
Co-LocatedExchangeServer
ExchangeServeronLocalNetwork
PerimeterNetwork(DMZ)Scenarios
Back-to-BackPerimeterNetworkConfiguration
Three-HomedPerimeterNetwork(DMZ)Configuration
LessonSummary
Lesson2PerforminganISAServerInstallation
BeforeYouInstallISAServer
SettingUptheNetworkAdapter
TCP/IPSettings
SettingUpaModemorISDNAdapter
Windows2000RoutingTable
InstallingISAServer
InitializingtheEnterprise
InstallationProcedure
ConstructingtheLocalAddressTable
Windows2000RoutingTable
DefaultSettings
TroubleshootingISAServerInstallation
Practice:InstallingISAServerEnterpriseEdition
Exercise1:InitializingtheEnterprise
Exercise2:InstallingISAServerSoftware
LessonSummary
Lesson3MigratingfromProxyServer2.0
MigratingfromMicrosoftProxyServer2.O
OperatingSystemConsiderations
ProxyServeronWindows2000
ProxyServeronWindowsNT4.O
ProxyServer2.OArrayConsiderations
MigratingtoanArray
MigratingProxyServer2.OConfiguration
ProxyChains
WebProxyClientRequests
Publishing
Cache
SOCKS
RulesandPolicies
LessonSummary
Review
Chapter3ConfiguringSecureInternetAccess
AboutThisChapter
BeforeYouBegin
LessonlConfiguringLocalClientsforSecureInternetAccess
AboutISAServerClients
AssessingClientRequirements
ConfiguringSecureNATClients
ConfiguringSecureNATClientsonaSimpleNetwork
ConfiguringSecureNATClientsonaComplexNetwork
AdditionalSecureNATConfigurationforDial-upNetworks
ResolvingNamesforSecureNATClients
InternetAccessOnly
InternalNetworkandInternetAccess
FirewallClients
FirewallClientApplicationSettings
AdvancedClientConfiguration
SampleWspcfg.iniFile
WebProxyService
ConfiguringWebProxyClients
DirectAccess
Practicel:EstablishingSecureInternetAccessforWebProxyClients
Exercise1:CreatingaProtocolRule
Exercise2:ConfiguringInternetExplorertoUsetheWebProxyService
Practice2:InstallingFirewallClient
Exercise:InstallingFirewallClientovertheLocalNetwork
Lesson-Summary
Lesson2ConfiguringISAServerDial-upConnections
ConfiguringDial-upEntries
Dial-on-Demand
ConfiguringDial-on-Demand
LimitingISAServerDial-outtoExternalSites
ClosingDial-upConnections
Practice:ConfiguringaDial-upEntry
Exercise1:TestingInternetConnectivity
Exercise2:CreatingaNewDial-upEntry
Exercise3:ConfiguringISAServertoRoutethroughtheDial-upEntry
Exercise4:RestartingtheFirewallService
Exercise5:ViewingSecureNATSessionInformation
LessonSummary
Lesson3ConfiguringAutomaticDiscoveryofISAServer
AutomaticDiscovery
ConfiguringWPADandWSPADontheDNSorDHCPServer
AutomaticDiscoveryforFirewallClients
VerifyingAutomaticDiscoveryforFirewallClients
AutomaticDiscoveryforWebProxyClients
TroubleshootingAutomaticDiscovery
Practice:ConfiguringAutomaticDiscovery
Exercise1:PublishingAutomaticDiscovery
Exercise2:CreatingaWPADAlias(CNAME)
RecordinDNS
Exercise3:EnablingAutomaticDiscoveryonaFirewallClient
Exercise4:TestingAutomaticDiscovery
LessonSummary
Lesson4TroubleshootingISAServerClientConnectivity
TroubleshootingClientConnections
TroubleshootingDial-upEntries
RestartingServicesafterConfigurationChanges
LessonSummary
Review
Chapter4ConfiguringInternetSecurityUsingAccessPolicies
AboutThisChapter
BeforeYouBegin
LessonlCreatinganAccessPolicywithISAServer
ControllingOutgoingRequests
ConfiguringAccessPolicy
RulesandAuthentication
SecureNATClientsandAuthentication
FirewallClientsandAuthentication
WebProxyClientsandAuthentication
ISAServerSystemSecurity(SystemHardening)
GettingStartedWizard
LessonSummary
Lesson2CreatingCustomizedPolicyElements
PolicyElements
Array-LevelandEnterprise-LevelPolicyElements
ConfiguringSchedules
ConfiguringDestinationSets
ClientAddressSets
ClientUsersandGroups
ConfiguringProtocolDefinitions
Direction
ConfiguringContentGroups
Practice:CreatingPolicyElements
Exercisel:CreatingaSchedule
Exercise2:CreatingaDestinationSet
LessonSummary
Lesson3ConfiguringProtocolRules
ProtocolRules
ProtocolRuleConfigurationScenario
ProtocolAvailability
ApplicationFiltersandProtocolAvailability
ProcessingOrder
Array-LevelandEnterprise-LevelProtocolRules
WebProtocols
ProtocolDefinitionsthatareInstalledwithISAServer
Practice:AssigningProtocolRulestoUserAccounts
Exercisel:MonitoringSessionsinISAManagement
Exercise2:RequiringAuthenticationforWebSessions
Exercise3:AssigningaProtocolRuletoaWindows2000User
LessonSummary
Lesson4ConfiguringSiteandContentRules
SiteandContentRules
ProcessingOrder
AllowandDenyActions
DestinationSetsandPathProcessing
Array-LevelandEnterprise-LevelSiteandContentRules
SampleSiteandContentRule
ContentGroups
Practice:CreatingNewSiteandContentRules
Exercise1:DenyingUserlAccesstoAudioandVideoContent
Exercise2:TestingtheConfiguration
LessonSummary
Lesson5ConfiguringIPPacketFilters
WhentoUseIPPacketFilters
CreatingIPPacketFilters
ConfiguringPacketFilterOptions
IPFragmentFiltering
IPOptionsFiltering
LoggingPackets
Practice:RunningInternetServicesontheISAServerComputer
Exercise1:CreatinganIPPacketFilterforIncoming(POP3)Mail
Exercise2:CreatinganIPPacketFilterforOutgoing(SMTP)Mail
Exercise3:CreatinganIPPacketFilterforNNTP
Exercise4:CreatingallIPPacketFiltertoAllowOutgoingWebRequests(DNSQueries)
Exercise5:CreatinganIPPacketFilterforWebContent(HTTP)
LessonSummary
Lesson6ConfiguringISAServertoDetectExternalAttacksandIntrusions
IntrusionTypesandAlerts
PortScanAttack
AIIPortsScanAttack
EnumeratedPortScanAttack
IPHalfScanAttack
LandAttack
PingofDeathAttack
UDPBombAttack
WindowsOut-of-BandAttack(WinNuke)
ConfiguringIntrusionDetection
Practice:ConfiguringIntrusionDetectiononISAServer
Exercise:EnablingIntrusionDetection
LessonSummary
Review
Chapter5ConfiguringInternetAccelerationthroughtheISASewerCache
AboutThisChapter
BeforeYouBegin
LessonlCreatingaBasicCachePolicywithRoutingRules
HowCachingWorks
ProcessingCachingRules
CacheConfigurationProperties
RoutingRules
WhentoCacheContent
WhentoRetrieveObjectsfromtheCache
ApplyingRoutingRulestoParticularDestinations
RuleOrder
DefaultRoutingRule
ProcessingFlowforCaching
CacheFiltering
AdditionalCachePolicy
Practice:CachingDynamicContent
Exercise:CreatingaRoutingRuleCachingBothNon-DynamicandDynamicContent
LessonSummary
Lesson2ConfiguringCachePropertiesinISAServer
ConfiguringCacheDrives
CacheRequirementsandRecommendations
ConfiguringSizeandLocation
CacheContentFiles
ConfiguringHowISAServerCachesObjects
ConfiguringWhichContenttoCache
RAMCaching
ResponseHeaders
RequestHeaders
ConfiguringExpirationPolicy
HTTPObjectCaching
FTPObjectCaching
ReturningExpiredObjects
ConfiguringActiveCaching
ConfiguringNegativeCaching
Practicel:EnablingActiveCaching
Exercise:EnablingActiveCaching
Practice2:AdjustingtheAmountofRAMUsedforCaching
Exercise:AdjustingthePercentageof
AvailableMemoryUsedforCaching
LessonSummary
Lesson3SchedulingCacheContentDownloads
ScheduledCacheContentDownloads
UpdatingCacheContentAutomatically
ConfiguringPropertiesforExistingDownloadJobs
DownloadingDynamicContent
ConfiguringtheScheduleforContentDownloadJobs
Practice:CreatingaScheduledContentDownloadJob
Exercise:SchedulingaContentDownloadforMicrosoftOnlineSeminars
LessonSummary
Review
Chapter6SecureSewerPublishing
AboutThisChapter
BeforeYouBegin
LessonlPublishingServersSecurely
PublishingPolicyRules
ServerPublishingRules
HowServerPublishingWorks
ServerPublishingRuleActions
SampleRuleAction
ClientAddressSets
ServerPublishingRulesandIPPacketFilters
PublishingServersonaPerimeterNetwork
ServerontheSameComputerasISAServer
Practice:PublishinganInternalServer
Exercisel:CreatingaPublishingRuleonServerl
Exercise2:VerifyingtheFTPServerConnection
LessonSummary
Lesson2PublishingWebServersSecurely
WebPublishingRules
DestinationSetsandClientSets
WebPublishingRuleActions
SSLandHTTPBridging
RuleOrder
DefaultWebPublishingRule
SampleWebPublishingRule
PublishingaWebServerontheLocalNetwork
PublishingaWebServerHostedontheISAServerComputer
UsingPacketFilterstoPublishaWebServerontheISAServerComputer
Practice:PublishingaWebServeronaleISAServerComputer
Exercisel:ConfiguringIncomingWebRequestProperties
Exercise2:CreatingaDestinationSetforaleWebServer
Exercise3:PreparingtheWebSite
Exercise4:CreatingaWebPublishingRule
Exercise5:TestingtheCon8guration
LessonSummary
Lesson3PublishingMailServers
MailServerSecurityWizard
MailWizardSettings
ContentFiltering
ConfiguringExchangeServerontheLocalNetwork
ExchangeServerontheISAServerComputer
Practice:PublishingtheSMTPService
Exercisel:ConfiguringtheSMTPService
Exercise2:CreatingaMailWizardRule
Exercise3:configuringOutlookExpress
Exercise4:TestingtheConfiguration
LessonSummary
Review
Chapter7SecuringEnterpriseNetworkswithISAServer
AboutThisChapter
BeforeYouBegin
LessonlApplyingEnterprisePolicies
EnterprisePoliciesandArrays
HowEnterprisePoliciesareApplied
CreatinganEnterprisePolicy
ConfiguringthePolicySettingsforanEnterprise
BackingUpandRestoringallEnterpriseConfiguration
Practice:CreatingandApplyinganEnterprisePolicy
Exercise1:CreatingallEnterprisePolicy
Exercise2:CreatingaNewArraythatInheritstheDefaultEnterprisePolicy
Exercise3:TestingtheConfiguration
LessonSummary
Lesson2ConfiguringISAServerArrays
CreatingISAServerArrays
ArrayRequirements
ArraysandStandaloneServers
PromotingStandaloneServers
ArrayMemberSettings
StoringanArrayConfiguration
ControllingArrayMembership
BackingUpandRestoringanArrayConfiguration
BackingUptheConfiguration
BackingUpaStandaloneServerConfiguration
RestoringtheConfiguration
UsingArraystoProvideFaultTolerance
FaultToleranceforFirewallClients
FaultToleranceforSecureNATClients
CacheArrayRoutingProtocol
HowCARPWorks
ConfiguringCARP
ConfiguringtheLoadFactor
CARPandScheduledContentDownload
LessonSummary
Lesson3SecuringVirtualPrivateNetworkswithISAServer
IntegratingVirtualPrivateNetworkswithISAServer
ConfiguringtheNetworkforVPNConnectivity
UsingtheISAServerVPNConfigurationWizards
LocalISAServerVPNConfigurationWizard
RemoteISAServerVPNConfigurationWizard
ISAVirtualPrivateNetworkConfigurationWizard
ReconfiguringtheVPN
ISAServerandIPSec
LargeNetworkScenariowithVPNandRouting
LargeNetworkVPNDescription
MeetingNetworkRequirements
ISAServerArrayattheUnitedStatesHeadquarters
ISAServerArrayattheCanadaBranchOffice
ISAServerArrayattheUnitedKingdomBranchOffice
EnterprisePolicyatHeadquarters
ISAServerPolicyattheCanadaBranchOffice
ISAServerPolicyattheUnitedKingdomBranchOffice
LessonSummary
Review
Chapter8SecureVideoconferencingwithH.323Gatekeeper
AboutThisChapter
BeforeYouBegin
LessonlConfiguringClientstoUseH.323Gatekeeper
H.323Protocol
OverviewofH.323Gatekeeper
H.323GatekeeperSnap-in
H.323GatekeeperUsageScenarios
Intra-EnterpriseConferenceCallScenario
Inter-EnterpriseConferenceCallScenario
PSTNCallScenario
RegisteringClientswithH.323Gatekeeper
EndpointAttributes
Aliases
ClientAddressTranslation
FromwithinYourCompany
AttheDestination
InstallingH.323Gatekeeper
Practice:ConfiguringaClienttouseH.323Gatekeeper
Exercisel:AddingaGatekeeper
Exercise2:ConfiguringNetMeetingtoUseH.323Gatekeeper
Exercise3:TestingtheConfiguration
LessonSummary
Lesson2RoutingConferenceCallswithH.323Gatekeeper
CallRoutingRules
PhoneNumberRules
ExampleofaPhoneNumberRule
IPAddressRules
IPAddressRuleResolutionExample
E-mailAddressRules
RuleProcessingandDestinations
None
RegistrationDatabase
Gateway/Proxy
InternetLocatorService(ILS)
Gatekeeper
MulticastGatekeeper
DNS
ActiveDirectoryDirectoryServices
LocalNetwork
ApplyingRulestoCalls
InboundCalls
OutboundCalls
LessonSummary
Review
Chapter9MonitoringandOptimizingISASewerPerformance
AboutThisChapter
BeforeYouBegin
LessonlConfiguringAlerts
PreconfiguredAlerts
AlertConditions
EventLocation
EventThresholds
AlertsAction
ISAServerEvents
Practice:ConfiguringanAlertstoSendanE-mailMessage
Exercise:ConfiguringtheIntrusionDetectedAlertstoSendYouanE-mailMessage
LessonSummary
Lesson2LoggingISAServerActivity
ManagingISAServerLogs
LoggingtoaFile
W3CFormat
ISAFormat
LogFileNames
LogFileOptions
LoggingtoaDatabase
LoggingPackets
FirewallandWebfoxyLogFields
PacketFilterLogFields
Practice:ReadingWebLogs
Exercise:AnalyzingaWebLog
LessonSummary
Lesson3CreatingISAServerReports
ConfiguringReports
ViewingReports
SummaryReports
WebUsageReports
ApplicationUsageReports
Traffic&UtilizationReports
SecurityReports
ConfiguringReportJobs
ReportJobCredentials
ConfiguringReportLogSummaries
ReportDatabase
Practice:CreatingandViewingReports
Exercise1:CreatingaReportJob
Exercise2:ViewingReports
LessonSummary
Lesson4ControllingBandwidth
DeterminingEffectiveBandwidth
EffectiveBandwidthforDial-upConnections
EffectiveBandwidthforDedicatedNetworkConnections
ConfiguringBandwidthPriorities
ConfiguringBandwidthRules
RuleOrder
DefaultBandwidthRule
Practice:CreatingaBandwidthRule
Exercisel:CreatingaNewBandwidthPriorityPolicyElement
Exercise2:CreatingaNewBandwidthRule
LessonSummary
Lesson5AdditionalTuningandMonitoringTools
TuningISAServerPerformance
TuningCachePerformance
ISAServerPerformanceObjectsandCounters
ISASewerPerformanceMonitor
PerformanceObjectsandCountersIncludedinISAServer
LessonSummary
Review
Chapter10TroubleshootingISAServer
AboutThisChapter
BeforeYouBegin
LessonlTroubleshootingToolsinISAServer
TroubleshootingTools
ISAServerReports
EventViewer
PerformanceMonitor
Netstat
Telnet
NetworkMonitor
TheRoutingTable
TheRouteDeterminationProcess
TroubleshootingRoutingTables
Practice:TestingPortStatus
Exercise:TestingISAServerports
LessonSummary
Lesson2TroubleshootingStrategiesinISAServer
TroubleshootingUserAccess
Authentication
TroubleshootingPacket-BasedAccessProblems
VPNNetworkConsiderations
AdditionalTroubleshootingNotes
LessonSummary
Review
AppendixAQuestionsandAnswers
AppendixBDeployingandAdministeringISASewerinaComplexNetwork
AboutThisAppendix
BeforeYouBegin
ScenarioBackground
Questions
AppendixCEventMessages
AlertEventMessages
BandwidthEventMessages
CacheEventMessages
CommonServiceEventMessages
Dial-upConnectionEvents
FirewallServiceEventMessages
WinsockErrorCodeMessages
IntrusionDetectionEventMessages
LogEventMessages
ControlServiceEventMessages
PacketFilterEventMessages
ServerEventMessages
WebProxyServiceEventMessages
HTTPMessages
HTMLMessages
GopherMessages
FTPMessages
InternetMessages
AppendixDGlossary
Index