ISA Server 2004
Components of ISA Server:
- Firewall
- Caching Server
- VPN Server
History:
- 1996: Proxy Server 1.0
- 1997: Proxy Server 2.0
- Array functionality added
- Cache Array Routing Protocol (CARP)
- FTP and HTTP Caching are supported
- Unified Management Added
- ISA Server 2000
- New name due to many non-proxy enhancements
- Added VPN, IDS, and Email Screening
- ISA Server 2004
- More user-friendly
- New features and capabilities
New features since ISA Server 2000
Networking Improvements
- Multiple network support, no longer limited by LAT configuration
- Network polices for each defined network
- NAT/Routing options between any network
- New network template wizards for common network designs
VPN Improvements
- True VPN management and integration
- VPN clients are treated as a separate network
- Industry-standard IPSec VPN support
- VPN client quarantine functions
Firewall improvements
- Support added for all major IP protocols
- Rules based on user authentication, and additional authentication methods have been added.
- Publishing features improved
Cache Improvements
- More flexibility in choosing what to cache
Management Improvements
- Redesigned interface
- Import/Export configuration to XML
- Dashboard
- Live log file views
- Improved reporting features
ISA Server 2000 features missing from ISA Server 2004
- H.323 Gatekeeper / Gateway
- Live Media Stream Splitting
- Bandwidth Control
- Active Caching
$1200 for the Standard edition, $5200 for the Enterprise edition
Standard is designed to be an all-in-one box, max 4 CPUs, max 2GB RAM, max 1000 VPN connections
Enterprise edition is used for arrays, with no limits other than the server's capacity
Alternatives
- Checkpoint
- 48% share of firewall software
- Software-based Checkpoint NG - Firewall-1 and VPN-1 products
- Installs on top of many operating systems without OS integration.
- licensed based on the number of IPs used
- Many additional features require licensing
- From $399 for branch offices, $24,000 for an enterprise solution
- $5000 for 100 IPs, SecureClient $2300 for 100 IPs
- Does not support web caching out of the box
- Cisco Pix
- 34% share on firewall appliances
- PIX 501 $500-$800 to PIX 535 $20,000-$24,000
- Runs on a proprietary hardened OS built for security
- Can do application-based filtering using fixup-protocols
- VPN enforcement with Cisco VPN client, free with support contract
- Web caching add-on with Cisco Content Engine
- Netscreen
- Acquired by Juniper Networks
- 5XP $500, 50, $5700, 200 $10000, 5200 $100000
- Add-on costs can be significant for VPN and IDS
- ISA server competes with the 200 series and below
- Runs on proprietary ASIC-based hardware
- VPN client licenses cost extra
- No caching solutions
- SonicWall
- $450 - $5000
- Content filtering service $700-$1000 per year
- Add-ons for virus protection, management systems, and support contact
- plug and play solution
- Two versions of SonicOS, standard and enhanced
- Caching add-on fees
- A proprietary VPN client at an extra cost
ISA 2004 - Design and Installation
Designs and installation of Microsoft ISA Sever 2004
Craig Garnham
ISA 2004 - Initial Configuration
Microsoft ISA Server 2004 - Initial Configuration after installation
Craig Garnham
ISA 2004 - Client Types
Microsoft ISA Server 2004 - Client Types Overview
Craig Garnham
