Introduction to ISA 2004 - PowerPoint PPT Presentation

1 / 39
About This Presentation
Title:

Introduction to ISA 2004

Description:

Title: Firewall Analytics Author: Dana Epp Last modified by: Dana Epp Created Date: 3/21/2006 7:18:45 AM Document presentation format: On-screen Show – PowerPoint PPT presentation

Number of Views:265
Avg rating:3.0/5.0
Slides: 40
Provided by: Dana104
Category:

less

Transcript and Presenter's Notes

Title: Introduction to ISA 2004


1
Introduction to ISA 2004
Dana Epp Microsoft Security MVP
2
(No Transcript)
3
Who am I?
4
Microsoft Windows Security MVP
5
Information Security Professional
6
Computer Security Software Architect
7
Small Business Owner
8
What do I know about firewalls?
9
Ive written firewall code
10
(No Transcript)
11
Ive deployed firewalls(big and small)
12
(No Transcript)
13
(No Transcript)
14
(No Transcript)
15
  • 100s of small businesses
  • Many different verticals
  • Manufacturing
  • Medical
  • Professional Services
  • Educational
  • Financial
  • etc

16
Ive invented new firewalls
17
(No Transcript)
18
I know a bit about them.
19
ISA Server 2004
caching
caching
Content filtering
application publishing
content filtering
application publishing
advanced application layer firewall
advanced application layer firewall / vpn
20
Whats the differencebetween ISA and other SMB
firewalls?
21
Differences in SMB Firewalls
Typical Hardware Firewall
Advanced Hardware Firewall
Microsoft ISA 2004
NAT Device
Simple Ingress Filtering
Simple Egress Filtering
Complex Ingress Filtering
Rarely available
Complex Egress Filtering
Application Content Filtering
Virtual Private Networking
Web Caching
Some have limited VPN
AD Authentication
22
Patch management issues for the firewall
23
Whats the important difference?
24
A traditional firewalls view of a packet
  • Only packet headers are inspected
  • Application layer content appears as black box

25
Problem. UFBP!
26
ISA Servers view of a packet
27
Whats new in ISA 2004?
28
Updated security architecture
Advanced Protection Application layer security
designed to protect Microsoft applications
Deep content inspection
  • Enhanced, customizable HTTP protocol filters
  • Comprehensive and flexible policies
  • Stateful routing for all IP protocols

Enhanced Exchange Server Integration
  • Support for Outlook RPC over HTTP
  • Enhanced Outlook Web Access security
  • Easy to use configuration wizards

Fully integrated VPN
  • Unified firewall -- VPN filtering
  • Site-to-site IPsec Tunnel Mode support
  • Network access quarantine

Secure Internet Information Server and SPS
  • SSL Bridging for IIS and SPS
  • Easy to use Web publishing wizards
  • AD, RADIUS, SecurID authentication

29
New management tools and UI
Ease of Use Efficient and cost effective network
security
Multi-network architecture
  • Unlimited network definitions and types
  • Firewall policy applied to all traffic
  • Per network routing relationships

Network templates and wizards
  • Wizard simplifies routing configuration
  • Easy setup for common network topologies
  • Easily customized for sophisticated scenarios

Visual policy editor
  • Firewall policy with single, ordered rule-base
  • Drag and drop editing, scenario-driven wizards
  • XML-based configuration import and export

Enhanced trouble-shooting
  • Monitoring dashboard
  • Real-time log viewer
  • Content sensitive task panes

30
Commitment to integration
Fast, Secure Access Empowers you to connect users
to relevant information on yournetwork in a cost
efficient manner
Enhanced architecture
  • High speed data transport
  • Utilizes latest Windows and PC hardware
  • High speed application filtering platform

Web cache
  • Updated policy rules
  • Serve content locally
  • Pre-fetch content during low activity periods

Internet access control
  • User- and group-based Web usage policy
  • Extensible by third parties

Comprehensive authentication
  • New support for RADIUS and RSA SecurID
  • User- and group-based access policy
  • Third-party extensibility

31
Sample Scenarios
32
Scenario Securely make email available to
outside employees
33
Solution Outlook over RPC, OMA, Virtual Private
Networking
34
Scenario Control Internet access and protect
clients from malicious Internet traffic
35
Solution Content filtering, scheduled access,
firewall client
36
Scenario Ensure fast access to the most
frequently used web content
37
Solution Web Proxy
38
Call to Action
  • Give ISA 2004 a try
  • Consider buying SBS Premium instead of SBS
    Standard.
  • If managing hardware firewalls, CHECK FOR
    FIRMWARE UPDATES.

39
For more information
  • Amys ISA in SBS blog
    http//isainsbs.blogspot.com
  • ISA Server Resource site
    http//www.isaserver.org
  • Danas security blog
    http//silverstr.ufies.org
  • Firewall Dashboard http//www.scorpionsof
    t.com

Dana Epp Microsoft Security MVP
Write a Comment
User Comments (0)
About PowerShow.com