Isa 1
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Isa 1 as PDF for free.
More details
- Words: 688
- Pages: 19
1
ISA SERVER
What is ISA Server? It is a proxy server & web caching server It is a firewall designed to ensure all unwanted traffic from the internet is kept out of the organization s network (Private network).
2
PROXY SERVER It s a server which emulates as a web server
Response from Cache
Client 10.0.0.3
Response Cached
Proxy Server 10.0.0.1 Client 10.0.0.2
3
FIREWALL
Firewall
protects
networked
computer
from
intentional hostile intrusions. Types of Firewall Software Firewall ISA Server, Smooth wall, Checkpoint, Clavister etc Hardware Firewall Cisco Pix, Watch Guard, Multicom Ethernet III etc
4
Versions of ISA
ISA Server 2000 ISA Server 2004 ISA Server 2006
5
Flavors of ISA SERVER
ISA Server Standard Edition ISA Server Enterprise Edition
6
Standard Edition
Standard edition is used if you deploy a single ISA server for a specific role that is proxy server or firewall etc. Standard edition stores its configuration in the local registry. Standard edition doesn t support array policies
7
Enterprise Edition
Enterprise edition is used if you deploy multiple ISA servers in each role. Enterprise edition stores its configuration in a separate
directory
that
is
its
store
in
active
directory application mode. Enterprise edition supports cache array routing protocol
8
Arrays
Arrays are groups of ISA servers that share the same array policy which is a set of configuration settings that apply to an array. Arrays are used for providing Load Balancing Fault Tolerance Scalability All the servers in the array should be in the same domain
9
Benefits of ISA SERVER 2004 Advanced Advanced Protection Protection
Multi-layer packet inspection inspection Unified firewall and VPN VPN server server Multi-networking Application-layer filtering
Ease Ease of of Use
Efficient Efficient management management tools tools Network templates templates Product integration Ease of use for clients
Enhanced Enhanced Performance Performance
Optimized for performance performance Integrated functionality functionality Scalability Web caching
10
How ISA Server works as a Firewall
ISA Server 2004 uses three types of filtering roles to block or allow the network traffic. They are Packet Filtering Statefull Filtering Application Filtering
11
Packet Filtering
Packets are allowed and dropped based on source and destination Ip or sources and Destination ports. When a packet is arrived ISA server checks source Ip, destination Ip & Port information against it firewall
rules,
if
it
packet
allowed
to
the
destination or else it is dropped.
12
Packet Filtering Is the Source address allowed? Destination address allowed? Protocol allowed? Web Web Server Server
Destination port allowed?
ISA ISA Server Server
Packet Packet Filter Filter
13
Statefull Filtering
Statefull
Filtering
uses
a
more
thorough
examination of network packet to make decisions whether to forward it or not. When
ISA
server
uses
Statefull
inspection
it
examines IP & TCP headers to determine the state of within context of previous packets that have passed through ISA server or of TCP session
14
Statefull Filtering
Connection Rules Create connection rule Is packet part of a connection?
Web Web Server Server
Web Web Server
ISA ISA Server Server
15
Application Layer Filtering
Application Layer Filtering examines the actual content of a packet to determine if the packet can be forwarded through the firewall. Application filter opens the entire packet examines the actual data in it before making a forwarding decision.
16
Application Layer Filtering
Get www.zoomgroup.com www.zoomgroup.com
Get method method allowed? allowed?
Respond Respond to client client
Web Web Server Server
ISA ISA Server Server Does Does the the response response contain contain only only allowed allowed content content and and methods? methods?
17
How ISA server works as Proxy & Cache Server
ISA server works as proxy server by acting as a web server to the internal clients It also caches the information, thus providing faster internet access to the clients. LAN
ISA Server
Web Server Server
Firewall
Internet
User
18
How ISA server works as Proxy & Cache Server
Forward Caching Forward caching occurs when the user on the corporate network makes a request for the web content located on the internet web server. Reverse Caching It occurs when the users on the internet request for the web content present on corporate network.
19
ISA SERVER
What is ISA Server? It is a proxy server & web caching server It is a firewall designed to ensure all unwanted traffic from the internet is kept out of the organization s network (Private network).
2
PROXY SERVER It s a server which emulates as a web server
Response from Cache
Client 10.0.0.3
Response Cached
Proxy Server 10.0.0.1 Client 10.0.0.2
3
FIREWALL
Firewall
protects
networked
computer
from
intentional hostile intrusions. Types of Firewall Software Firewall ISA Server, Smooth wall, Checkpoint, Clavister etc Hardware Firewall Cisco Pix, Watch Guard, Multicom Ethernet III etc
4
Versions of ISA
ISA Server 2000 ISA Server 2004 ISA Server 2006
5
Flavors of ISA SERVER
ISA Server Standard Edition ISA Server Enterprise Edition
6
Standard Edition
Standard edition is used if you deploy a single ISA server for a specific role that is proxy server or firewall etc. Standard edition stores its configuration in the local registry. Standard edition doesn t support array policies
7
Enterprise Edition
Enterprise edition is used if you deploy multiple ISA servers in each role. Enterprise edition stores its configuration in a separate
directory
that
is
its
store
in
active
directory application mode. Enterprise edition supports cache array routing protocol
8
Arrays
Arrays are groups of ISA servers that share the same array policy which is a set of configuration settings that apply to an array. Arrays are used for providing Load Balancing Fault Tolerance Scalability All the servers in the array should be in the same domain
9
Benefits of ISA SERVER 2004 Advanced Advanced Protection Protection
Multi-layer packet inspection inspection Unified firewall and VPN VPN server server Multi-networking Application-layer filtering
Ease Ease of of Use
Efficient Efficient management management tools tools Network templates templates Product integration Ease of use for clients
Enhanced Enhanced Performance Performance
Optimized for performance performance Integrated functionality functionality Scalability Web caching
10
How ISA Server works as a Firewall
ISA Server 2004 uses three types of filtering roles to block or allow the network traffic. They are Packet Filtering Statefull Filtering Application Filtering
11
Packet Filtering
Packets are allowed and dropped based on source and destination Ip or sources and Destination ports. When a packet is arrived ISA server checks source Ip, destination Ip & Port information against it firewall
rules,
if
it
packet
allowed
to
the
destination or else it is dropped.
12
Packet Filtering Is the Source address allowed? Destination address allowed? Protocol allowed? Web Web Server Server
Destination port allowed?
ISA ISA Server Server
Packet Packet Filter Filter
13
Statefull Filtering
Statefull
Filtering
uses
a
more
thorough
examination of network packet to make decisions whether to forward it or not. When
ISA
server
uses
Statefull
inspection
it
examines IP & TCP headers to determine the state of within context of previous packets that have passed through ISA server or of TCP session
14
Statefull Filtering
Connection Rules Create connection rule Is packet part of a connection?
Web Web Server Server
Web Web Server
ISA ISA Server Server
15
Application Layer Filtering
Application Layer Filtering examines the actual content of a packet to determine if the packet can be forwarded through the firewall. Application filter opens the entire packet examines the actual data in it before making a forwarding decision.
16
Application Layer Filtering
Get www.zoomgroup.com www.zoomgroup.com
Get method method allowed? allowed?
Respond Respond to client client
Web Web Server Server
ISA ISA Server Server Does Does the the response response contain contain only only allowed allowed content content and and methods? methods?
17
How ISA server works as Proxy & Cache Server
ISA server works as proxy server by acting as a web server to the internal clients It also caches the information, thus providing faster internet access to the clients. LAN
ISA Server
Web Server Server
Firewall
Internet
User
18
How ISA server works as Proxy & Cache Server
Forward Caching Forward caching occurs when the user on the corporate network makes a request for the web content located on the internet web server. Reverse Caching It occurs when the users on the internet request for the web content present on corporate network.
19
