 |
|
|
|
|
| Key Benefits |
|
| |
1. Multilayered firewall security |
11. Scheduled caching |
|
12. Centralized firewall manage
|
3. Smart application filtering
|
13. Policy-based access control
|
4. Secure server publishing
|
14. Simplified management
|
5. Intrusion detection and intrusion prevention
|
15. Active Drectory integration
|
6. Integrated virtual private networking
|
16. Graphical taskpads and configuration wizards
|
|
|
8. Stronge user authentication
|
18. Centralized monitoring
|
|
19. Logging, reporting, and aler
|
10. High-performance Web caching
|
20. User-level management
|
|
|
|
|
| |
 |
|
 |
|
| |
| |
1. Multilayered firewall security |
|
| With the Microsoft ISA Server 2006 Security Firewall organizations can maximize security with packet, circuit, and application-level traffic filtering. |
| 2. Stateful inspection |
| The Microsoft ISA Server 2006 Security Firewall dynamically and intelligently performs stateful packet filtering (stateful packet inspection) and stateful application-layer inspection of traffic crossing the firewall. This ensures integrity of communications and prevents security breaches by intruders, hackers, worms, viruses, and suspicious command strings. Stateful inspection is done in the context of both the application-layer protocol and the state of the connection. |
| 3. Smart application filtering |
| The Microsoft ISA Server 2006 Security Firewall goes beyond basic application filtering by controlling application-specific traffic with application, command, and data-aware filters. Through intelligent filtering of VPN, HTTP, FTP, SMTP, POP3, DNS, H.323 conferencing, streaming media, and RPC traffic, ISA Server 2006 can accept, reject, redirect, and modify traffic based on its contents. |
| 4. Secure server publishing |
| The Microsoft ISA Server 2006 Security Firewall's secure server publishing helps protect Web servers, e-mail servers, and e-commerce applications from external attacks. ISA Server 2006 adds a layer of security by impersonating the published server. Web publishing rules protect internal Web servers by allowing you to specify which computers can be accessed. Server publishing rules protect internal servers from unwarranted access by external users. Intelligent application filtering protects all published servers from external attack. |
| 5. Intrusion detection and intrusion prevention |
| Using the Microsoft ISA Server 2006 Security Firewall's integrated intrusion detection capabilities based on technology from Internet security systems, ISA Server 2006 generates an alert and executes an action if it detects a network intrusion attempt (such as port scanning, WinNuke, or ping of death). |
| 6. Integrated virtual private networking |
| By integrating Microsoft ISA Server 2006 Security Firewall services with the VPN services of Windows Server 2003, ISA Server 2006 enables you to provide standards-based secure remote access to connect branch offices and remote users to corporate networks. You can apply the ISA Server 2006 firewall policy to VPN connections to gain fine-tuned control over the resources and protocols that VPN users can access. |
| 7. Firewall transparency |
| Microsoft ISA Server 2006 Security Firewall's secureNAT provides transparent firewall access through the ISA Server 2006 computer and protection for all IP clients on ISA Server 2006-protected networks, with no client software or configuration necessary, by substituting a globally valid IP address for an internal IP address. Sophisticated application-layer filters provide complex protocol support for SecureNAT clients. |
| 8. Stronge user authentication |
| The Microsoft ISA Server 2006 Security Firewall supports strong user authentication with integrated Windows authentication (Windows NT/LAN Manager and Kerberos) for its firewall and Web proxy clients. For Web proxy clients, the product supports client certificates as well as digest, basic, forms-based, and anonymous Web authentication. ISA Server 2006 Enterprise Edition can authenticate users against the local user database on the firewall in Active Directory, or it can use RADIUS to authenticate against any RADIUS-compliant directory. |
| 9. SSl-to-SSL bridging |
| For Web servers that require authenticated and encrypted client access, ISA Server 2006 provides end-to-end security and application-layer filtering using SSL-to-SSL bridging. Unlike most firewalls, ISA Server 2006 inspects encrypted data before it reaches the Web server. The firewall decrypts the SSL stream, performs stateful inspection, and then re-encrypts the data and forwards it to the published Web server. |
| 10. High-performance Web caching |
| The Microsoft ISA Server 2006 Security Firewall uses fast random access memory (RAM) caching and an optimized disk cache to accelerate Web performance, both for ISA Server 2006-protected network clients accessing Internet Web servers and for Internet users accessing content on a corporate Web server. |
| 11. Scheduled caching |
| You can preload the cache with entire Web sites on a defined schedule. Scheduled downloads ensure up-to-date cache content for every user while also making content on offline Web servers available to your users. |
| 12. Centralized firewall manage |
| You can manage all ISA Server 2006 computers from a single, centralized management console. The ISA Server 2006 management console allows you to configure and manage hundreds of ISA Server 2006 computers and Web caching servers from a single location. |
| 13. Policy-based access control |
| You can control inbound and outbound access according to user, group, application, source, destination, content, and schedule. ISA Server 2006 firewall policy wizards specify which sites and content are accessible, whether a particular protocol is accessible for both inbound and outbound communication, and whether communication between specified IP addresses, using specified protocols and ports, should be allowed or denied. |
| 14. Simplified management |
| ISA Server 2006 enables you to copy your entire firewall configuration to an .xml file. This .xml file can be copied to removable media or sent through secure e-mail to other firewall administrators. You can easily create a standardized firewall configuration throughout your organization or deploy it using these configuration files. You can also copy selected elements, such as VPN configuration or firewall policy rules, to an .xml file and import them. |
| 15. Active Drectory integration |
| ISA Server 2006 can leverage the user database stored in Active Directory to authenticate both inbound and outbound access through the firewall. Active Directory integration is available even when the ISA Server 2006 computer is not a member of an Active Directory domain. |
| 16. Graphical taskpads and configuration wizards |
| Graphical taskpads and configuration wizards help you simplify configuration of common firewall tasks. For example, wizards can publish Exchange Server-based servers on the network behind the ISA Server 2006 computer, configure the computer to be a remote access VPN server or gateway, or create a new firewall rule |
| 17. Remote management |
| You can manage ISA Server 2006 remotely through a Microsoft Management Console (MMC), Windows Server 2006 Remote Desktop, Windows 2006 Terminal Services, and command-line scripts. |
| 18. Centralized monitoring |
| You can monitor servers in all arrays from a single location with the ISA Server 2006 centralized monitoring feature. Any firewall administrator with the proper credentials can monitor all servers in any array from a centralized management console environment. |
| 19. Logging, reporting, and aler |
| ISA Server 2006 provides detailed security and access logs in standard data formats, such as delimited text files, Microsoft SQL Server databases, or SQL Server 2006 Desktop Engine (MSDE) databases. You can run scheduled built-in reports on Web usage, application usage, network traffic patterns, and security, and you can automatically publish these reports to a local folder or a remote file share. Event-driven alerts can trigger e-mail messages to administrators, start and stop firewall services, and take automated action based on alert criteria. |
| 20. User-level management |
| For ISA Server 2006 Web proxy and firewall clients, you can restrict access through the firewall based not only on IP addresses but also on user names. This group-based and user-based access control provides you with granular control over inbound and outbound access for all protocols |
