Internal NetworkExternal Network. Hub Internal NetworkExternal Network WS.

Internal Network External Network

Hub

Internal Network External NetworkWS

Hub


S1

WS

Hub


S1

S2

WS

Hub


S1

S2

WS

ISA Server

What is ISA Server 2004

• Microsoft Internet Security and Acceleration (ISA) Server 2004 is the advanced stateful packet and application-layer inspection firewall, virtual private network (VPN), and Web cache solution that enables enterprise customers to easily maximize existing information technology (IT) investments by improving network security and performance. ISA Server 2004 is available in two versions: standard edition and enterprise edition.


• ISA Server is particularly well suited for protecting large enterprise network configurations requiring multiple firewall arrays in disparate locations that are running Microsoft client and server applications, such as Microsoft Office, Office Outlook Web Access 2003, Office SharePoint Portal Server 2003, Internet Information Services (IIS), Routing and Remote Access, Active Directory directory service, and many other Microsoft applications, servers, and services.


• ISA Server contains a full featured, application-layer aware firewall that helps protect organizations of all sizes from attack by both external and internal threats. ISA Server performs deep inspection of Internet protocols such as Hypertext Transfer Protocol (HTTP), which enables it to detect many threats that traditional firewalls cannot detect. The firewall also provides VPN client inspection for Microsoft Windows Server 2003-based quarantine solutions, helping to protect networks from attacks that enter through a VPN connection.

Hub


S1

S2

WS

ISA Server

AD, DNS and DHCP192.168.50.25 to 192.168.50.100

Server One•AD: Active Directory•DNS: Domain Name Services•DHCP: Dynamic Host Configuration•Start and Finish Address

– 192.168.50.25 to 192.168.50.100

•Exclusion Addresses are for Static IP like;– Servers– Routers– Gateways– Printers

Active Directory Structure

Active Directory Naming Convention

OU Group

ouComputers contains gsgComputers

ouStaff contains gsgStaff

and gsgStaffSIMSUsers

and gsgStaffOfficeUsers

ouStaff Teacher contains gsgStaffTeachers

ouStaff Admin contains gsgStaffAdmin

ouStaff Other contains gsgStaffOther

ouStaff Leavers contains gsgStaffLeavers

ouStudents contains gsgStudents

ouStudents 2003 Intake contains gsgStudents2003



etc.

ouStudent Leavers contains gsgStudentsLeavers



etc.

ouOther

Hub


S1

S2

WS

ISA Server

192.168.50.?

192.168.50.26

AD, DNS and DHCP192.168.50.25 to 192.168.50.100

Static IP Address

IP Address Issued by DHCP

Hub


S1

S2

WS

ISA Server

192

.168

.50

.10

192.168.50.?

192.168.50.26

AD, DNS and DHCP192.168.50.25 to 192.168.50.100

Hub


S1

S2

WS

ISA Server

192

.168

.50

.10

192.168.50.?

192.168.50.26

192.168.50.27

AD, DNS and DHCP192.168.50.25 to 192.168.50.100

Exchange Server: Preferred mail client – Outlook

RAS: Remote Access Server

Static IP Address

Server Two

• Exchange Server: • Preferred mail client – Outlook

• RAS: • Remote Access Server

Hub


S1

S2

WS

Switch

ISA Server

Automatically Obtained IP Address 10.10.10.?

192

.168

.50

.10

192.168.50.?

192.168.50.26

192.168.50.27

AD, DNS and DHCP192.168.50.25 to 192.168.50.100



Hub


S1

S2

WS

Switch

ISA Server

Nefpx3 - 80Proxy Server

10.10.10.19 : 80


192

.168

.50

.10

192.168.50.?

192.168.50.26

192.168.50.27

AD, DNS and DHCP192.168.50.25 to 192.168.50.100



Hub


S1

S2

WS

Switch

ISA Server

Hipxy Proxy


10.10.10.19 : 80


192

.168

.50

.10

192.168.50.?

192.168.50.26

192.168.50.27

AD, DNS and DHCP192.168.50.25 to 192.168.50.100



Hub


S1

S2

WS

Switch

ISA Server

InternetHipxy Proxy


10.10.10.19 : 80


192

.168

.50

.10

192.168.50.?

192.168.50.26

192.168.50.27

AD, DNS and DHCP192.168.50.25 to 192.168.50.100



Hub


S1

S2

WS

Switch

ISA Server

InternetHipxy Proxy


10.10.10.19 : 80


192

.168

.50

.10

IE Looks at192.168.50.10 :

8080

192.168.50.?

192.168.50.26

192.168.50.27

AD, DNS and DHCP192.168.50.25 to 192.168.50.100



Hub


S1

S2

WS

Switch

ISA Server

Cache, What is it

InternetHipxy Proxy


10.10.10.19 : 80


192

.168

.50

.10

IE Looks at192.168.50.10 :

8080

192.168.50.?

192.168.50.26

192.168.50.27

AD, DNS and DHCP192.168.50.25 to 192.168.50.100



What is Cache

• An area of disk space which stores the text and graphics of a viewed web page. When the web page is revisited, the Web browser will retrieve the data from the cache instead of downloading it again to save time.

• Or, is an area on the hard disc of a computer where web pages and page elements (graphics etc) are stored when a page is downloaded from the Internet. If a page is revisited and the page, or elements of the page, are still held in cache then the computer will use the cache version to save time rather than download afresh. It also allows previously visited pages to be viewed offline.

What is Cache

Hub


S1

S2

WS

Switch

ISA Server

InternetHipxy Proxy


10.10.10.19 : 80


192

.168

.50

.10

IE Looks at192.168.50.10 :

8080

192.168.50.?

192.168.50.26

192.168.50.27

AD, DNS and DHCP192.168.50.25 to 192.168.50.100



Cache

Hub


S1

S2

WS

Switch

ISA Server

InternetHipxy Proxy


10.10.10.19 : 80


192

.168

.50

.10

IE Looks at192.168.50.10 :

8080

192.168.50.?

192.168.50.26

192.168.50.27

AD, DNS and DHCP192.168.50.25 to 192.168.50.100



Cache

Cache

Cache

Hub


S1

S2

WS

Switch

ISA Server

Cache

Cache

Cache

InternetHipxy Proxy


10.10.10.19 : 80


192

.168

.50

.10

IE Looks at192.168.50.10 :

8080

192.168.50.?

192.168.50.26

192.168.50.27

AD, DNS and DHCP192.168.50.25 to 192.168.50.100



Internal NetworkExternal Network. Hub Internal NetworkExternal Network WS.

Documents

Transcript of Internal NetworkExternal Network. Hub Internal NetworkExternal Network WS.