ISA 2000 - Server Publishing
- Reverse Proxy + Reverse Cache
- Doesn’t expose any details of the internal server, no routing
- Web Publishing Supports HTTP, HTTPS, FTP
- Server Publishing supports other services, but loses cache features
Local Domain Table (LDT)
Firewall clients use ISA as a DNS proxy.
Webproxy uses ISA as a DNS Proxy, doesn’t look at the local domain table by default.
Destination Set
Can be restricted to a virtual directory
Incoming Web Requests Listener
The default is port 80
Web Publishing
Default rule to deny the request is last to be processed.
Server Publishing
- Name the rule
- Map the addresses
- Choose the protocol (create a protocol definition)
- Select the clients
Only shows inbound protocol definitions
- You can only publish a service once per external interface
- You cannot redirect ports (Except on web server publishing)
- ISA server does not support address binding
- Publishing a web server, through server publishing, causes the loss of caching features
Mail Server Publishing
Secure mail server wizard
It is recommended not to enable Exchange/Outlook and use VPN instead. Doesn’t create rules for Outlook Web Access, use the web publishing wizard.
Message screener
Filter incoming email based on
- Attachments
- Users/domains
- Keywords
- SMTP domains
Requires the following
- ISA SMTP filter configured and active
- Server running IIS 5.0 (or later) with SMTP service running & message screener installed
- Internal mail server
Change IP to only internal, Add all domains to receive mail for
Add the Exchange server IP as a smart host, need to be in square brackets
Create an SMTP rule with the internal IP of the IIS server. Enable SMTP filter
H.323 Gatekeepers
ITU standard defining
- How audio/video connections are established
- How devices negotiate capabilities
- How audio/video codecs are used
Functions of the gatekeeper
- Watch bandwidth
- Resolve numbers and /or emails
Configured from separate section of ISA Management, need to be selected during the intial install.
