Introduction to isa 2004
1 / 39

Introduction to ISA 2004 - PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

Introduction to ISA 2004. Dana Epp Microsoft Security MVP. Who am I?. Microsoft Windows Security MVP. Information Security Professional. Computer Security Software Architect. Small Business Owner. What do I know about firewalls?. I’ve written firewall code.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

Introduction to ISA 2004

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Introduction to ISA 2004

Dana Epp

Microsoft Security MVP

Who am I?

Microsoft Windows Security MVP

Information Security Professional

Computer Security Software Architect

Small Business Owner

What do I know about firewalls?

I’ve written firewall code

I’ve deployed firewalls(big and small)

  • 100’s of small businesses

  • Many different verticals

    • Manufacturing

    • Medical

    • Professional Services

    • Educational

    • Financial

    • etc

I’ve invented new firewalls

I know a bit about them.

ISA Server 2004



Content filtering

application publishing

content filtering


advanced application layer firewall

advanced application layer firewall / vpn

What’s the differencebetween ISA and other SMB firewalls?

Differences in SMB Firewalls

Typical Hardware


Advanced Hardware





ISA 2004

Simple Ingress Filtering

Simple Egress Filtering

Complex Ingress Filtering



Complex Egress Filtering

Application Content Filtering

Virtual Private Networking

Web Caching

Some have limited VPN

AD Authentication

Patch management issues for the firewall

What’s the important difference?

IP Header

Source Address,Dest. Address,TTL, Checksum

TCP Header

Sequence NumberSource Port,Destination Port,Checksum

Application Layer Content


  • Forwarding decisions based on port numbers

    • Legitimate traffic and application layer attacks use identical ports

Corporate Network


Expected HTTP Traffic

Unexpected HTTP Traffic


Non-HTTP Traffic

A traditional firewall’s view of a packet

  • Only packet headers are inspected

    • Application layer content appears as “black box”

Problem. UFBP!

  • Packet headers and application content are inspected

IP Header

Source Address,Dest. Address,TTL, Checksum

TCP Header

Sequence NumberSource Port,Destination Port,Checksum

Application Layer Content

<html><head><meta http- quiv="content-type" content="text/html; charset=UTF-8"><title>MSNBC - MSNBC Front Page</title><link rel="stylesheet"

  • Forwarding decisions based on content

    • Only legitimate and allowed traffic is processed

Corporate Network


Expected HTTP Traffic

Unexpected HTTP Traffic


Non-HTTP Traffic

ISA Server’s view of a packet

What’s new in ISA 2004?

Updated security architecture

Advanced Protection

Application layer security designed to protect Microsoft applications

Deep content inspection

  • Enhanced, customizable HTTP protocol filters

  • Comprehensive and flexible policies

  • Stateful routing for all IP protocols

Enhanced Exchange Server Integration

  • Support for Outlook RPC over HTTP

  • Enhanced Outlook Web Access security

  • Easy to use configuration wizards

Fully integrated VPN

  • Unified firewall -- VPN filtering

  • Site-to-site IPsec Tunnel Mode support

  • Network access quarantine

Secure Internet Information Server and SPS

  • SSL Bridging for IIS and SPS

  • Easy to use Web publishing wizards

  • AD, RADIUS, SecurID authentication

New management tools and UI

Ease of Use

Efficient and cost effective network security

Multi-network architecture

  • Unlimited network definitions and types

  • Firewall policy applied to all traffic

  • Per network routing relationships

Network templates and wizards

  • Wizard simplifies routing configuration

  • Easy setup for common network topologies

  • Easily customized for sophisticated scenarios

Visual policy editor

  • Firewall policy with single, ordered rule-base

  • Drag and drop editing, scenario-driven wizards

  • XML-based configuration import and export

Enhanced trouble-shooting

  • Monitoring dashboard

  • Real-time log viewer

  • Content sensitive task panes

Commitment to integration

Fast, Secure Access

Empowers you to connect users to relevant information on yournetwork in a cost efficient manner

Enhanced architecture

  • High speed data transport

  • Utilizes latest Windows and PC hardware

  • High speed application filtering platform

Web cache

  • Updated policy rules

  • Serve content locally

  • Pre-fetch content during low activity periods

Internet access control

  • User- and group-based Web usage policy

  • Extensible by third parties

Comprehensive authentication

  • New support for RADIUS and RSA SecurID

  • User- and group-based access policy

  • Third-party extensibility

Sample Scenarios

Scenario: Securely make email available to outside employees

Solution: Outlook over RPC, OMA, Virtual Private Networking

Scenario: Control Internet access and protect clients from malicious Internet traffic

Solution: Content filtering, scheduled access, firewall client

Scenario: Ensure fast access to the most frequently used web content

Solution: Web Proxy

Call to Action

  • Give ISA 2004 a try

  • Consider buying SBS Premium instead of SBS Standard.

  • If managing hardware firewalls, CHECK FOR FIRMWARE UPDATES.

For more information:

Amy’s ISA in SBS blog:

ISA Server Resource site

Dana’s security blog:

Firewall Dashboard

Dana Epp

Microsoft Security MVP

  • Login