Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 172 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
172
Dung lượng
4,39 MB
Nội dung
Contents
Overview 1
Introducing ISA Server 2
Using Caching 8
Using Firewalls 11
Deployment Scenarios for ISA Server 18
Review 23
Module 1: Overview of
Microsoft ISA Server
BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY
Information in this document is subject to change without notice. The names of companies,
products, people, characters, and/or data mentioned herein are fictitious and are in no way intended
to represent any real individual, company, product, or event, unless otherwise noted. Complying
with all applicable copyright laws is the responsibility of the user. No part of this document may
be reproduced or transmitted in any form or by any means, electronic or mechanical, for any
purpose, without the express written permission of Microsoft Corporation. If, however, your only
means of access is electronic, permission to print one copy is hereby granted.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
2000 Microsoft Corporation. All rights reserved.
Microsoft, BackOffice, MS-DOS, Windows, Windows NT, <plus other appropriate product
names or titles. The publications specialist replaces this example list with the list of trademarks
provided by the copy editor. Microsoft is listed first, followed by all other Microsoft trademarks
in alphabetical order. > are either registered trademarks or trademarks of Microsoft Corporation
in the U.S.A. and/or other countries.
<The publications specialist inserts mention of specific, contractually obligated to, third-party
trademarks, provided by the copy editor>
Other product and company names mentioned herein may be the trademarks of their respective
owners.
Module 1: Overview of Microsoft ISA Server iii
BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY
Instructor Notes
Instructor_notes.doc
Module 1: Overview of Microsoft ISA Server 1
BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY
Overview
!
Introducing ISA Server
!
Using Caching
!
Using Firewalls
!
Deployment Scenarios for ISA Server
The Internet enables organizations to connect with customers, partners, and
employees. While this presents new business opportunities, it can also cause
concerns about security, performance, and manageability.
Microsoft
®
Internet Security and Acceleration (ISA) Server 2000 is designed to
address the needs of today’s Internet-enabled businesses. ISA Server includes
caching features that enables an organization to save network bandwidth and
provide faster Web access for users. ISA Server includes a firewall service that
helps protect network resources from unauthorized access from outside the
organization’s network, while enabling efficient authorized access. Finally, ISA
Server includes management and administration features that enable an
organization to centrally control and manage Internet use and access.
After completing this module, you will be able to:
!
Explain the use of ISA Server.
!
Describe the concept of caching.
!
Describe the concept of firewalls.
!
Identify the deployment scenarios for ISA Server.
Topic Objective
To provide an overview of
the module topics and
objectives.
Lead-in
In this module, you will learn
about the use of ISA Server
as a cache server and an
enterprise firewall.
2 Module 1: Overview of Microsoft ISA Server
BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY
#
##
#
Introducing ISA Server
!
ISA Server Editions
!
Benefits of ISA Server
!
Installation Modes
ISA Server is an enterprise firewall and cache server built on the Microsoft
Windows
®
2000 operating system that provides policy-based access control,
acceleration, and management of internetworking. ISA Server is available in
two editions that are designed to meet the business and networking needs of
your organization. Whether deployed as dedicated components or as an
integrated firewall and caching server, ISA Server provides organizations with a
unified management console that is designed to simplify security and access
management.
Topic Objective
To introduce ISA Server.
Lead-in
ISA Server provides benefits
and deployment options to
help an organization
manage Internet security
and access.
Module 1: Overview of Microsoft ISA Server 3
BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY
ISA Server Editions
!
ISA Server Enterprise Edition
!
ISA Server Standard Edition
ISA Server is available in two editions that are designed to meet the business
and networking needs of your organization.
ISA Server Enterprise Edition
The enterprise edition is designed to meet the performance, management, and
scalability needs of high volume Internet traffic environments with centralized
server management, multiple levels of access policy, and fault-tolerant
capabilities. The enterprise edition provides secure, scaleable, fast Internet
connectivity for mission-critical environments.
ISA Server Standard Edition
The standard edition provides enterprise-class firewall security and Web
caching capabilities for small business, workgroups and departmental
environments. The standard edition provides robust security, fast web access,
intuitive management and excellent price/performance for business-critical
environments.
Topic Objective
To identify the ISA Server
editions.
Lead-in
ISA Server is available in
two editions that are
designed to meet the
business and networking
needs of your organization.
4 Module 1: Overview of Microsoft ISA Server
BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY
Benefits of ISA Server
Caching
Caching
Caching
Fast Access with a High-Performance Web Cache
Fast Access with a High-Performance Web Cache
Security
Security
Security
Enterprise Security Through a Multilayered Firewall
Enterprise Security Through a Multilayered Firewall
Management
Management
Management
Extensibility
Extensibility
Extensibility
Powerful Management with Integrated Administration
Powerful Management with Integrated Administration
Extensible and Customizable Platform
Extensible and Customizable Platform
ISA Server is a key member of the .NET Enterprise Server family. The
products in .NET Enterprise Servers are Microsoft’s comprehensive family of
server applications for building, deploying and managing scalable, integrated,
Web-based solutions and services. ISA Server offers several benefits to
organizations that want fast, secure, and manageable Internet connectivity.
Fast Access with a High-Performance Web Cache
ISA Server provides the following Web performance benefits:
!
Provides faster Web access for users by retrieving objects locally rather than
over a slower connection to the potentially congested Internet.
!
Reduces bandwidth costs by reducing network traffic.
!
Distributes the content of Web servers and e-commerce applications
efficiently and cost-effectively to reach customers worldwide.
The capability for distributing Web content is only available in ISA
Server Enterprise Edition.
Enterprise Security Through a Multilayered Firewall
ISA Server provides the following security benefits:
!
Protects networks from unauthorized access.
!
Protects Web, e-mail, and other application servers from external attacks by
using Web publishing and server publishing to securely process incoming
requests to internal servers.
!
Filters incoming and outgoing network traffic to ensure security.
!
Enables secure access for authorized users from the Internet to the internal
network by using virtual private networks (VPNs).
Topic Objective
To describe the benefits
offered by ISA Server.
Lead-in
ISA Server offers an
organization several
benefits for Internet
connectivity.
Delivery Tip
The slide for this topic
includes animation. Click or
press the SPACEBAR to
advance the animation.
Delivery Tip
To present more information
about the .NET Enterprise
Server family, play the .NET
Enterprise Servers
animation. The animation is
included on the Trainer
Materials Compact Disc.
Note
Module 1: Overview of Microsoft ISA Server 5
BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY
Powerful Management with Integrated Administration
ISA Server provides the following management benefits:
!
Controls access centrally to ensure and enforce corporate policies.
!
Improves productivity by limiting Internet use to approved applications and
destinations.
!
Allocates bandwidth to match business priorities.
!
Provides monitoring tools and produces reports that show how Internet
connectivity is used.
Extensible and Customizable Platform
ISA Server provides the following extensibility and customization benefits:
!
Addresses security and performance needs that are specific to an
organization by using ISA Server Software Development Kit (SDK) for in-
house development of add-on components.
!
Extends security and management functionality with third-party solutions.
!
Automates administrative tasks with scriptable Component Object Model
(COM) objects.
6 Module 1: Overview of Microsoft ISA Server
BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY
Installation Modes
!
Cache Mode
!
Firewall Mode
!
Integrated Mode
!
Features Available with Each Mode
You can install ISA Server in three different modes: cache mode, firewall
mode, and integrated mode.
Cache Mode
In cache mode, you can improve network performance and save bandwidth by
storing frequently accessed Web objects closer to the user. You can then route
requests from clients to a cache server that holds cached objects.
Firewall Mode
In firewall mode, you can secure network traffic by configuring rules that
control communication between an internal network and the Internet. You can
also publish internal servers, which enables an organization to share data on its
network with partners or customers.
Integrated Mode
In integrated mode, you can combine the firewall and cache services on a single
host computer. While organizations can deploy ISA Server as a separate
firewall or caching service, you can have a single integrated enterprise firewall
and cache server by choosing this mode.
Topic Objective
To identify the installation
modes and associated
features of ISA Server.
Lead-in
There are three modes for
installing ISA Server.
[...]... Server computer deployed as a firewall in a department/branch office scenario Lead-in A single ISA Server computer can provide Internet connectivity and security for the entire network in a department or branch office InternetInternet Branch Office Branch Office InternetInternet Service Service Provider Provider ISA Server ISA Server Actual Connection Actual Connection Perceived Connection Perceived... ISA Server 1 You are recommending an Internet solution to a small organization that wants internal employees to be able to securely gain access to the Internetand also allow users on the Internet to be able to send e-mail messages to an internal mail server Which configuration do you recommend? Integrated mode provides for secure and efficient Internet access and allows for server publishing to securely... set up an ISA Server computer as a dedicated firewall that acts as the secure gateway to the Internet for internal clients The ISA Server computer is placed between the internal network and the Internet In a small network with up to 250 clients, a single ISA Server computer can provide Internet connectivity and security for the entire network The ISA Server computer is transparent to the other parties... the Internet The client receives the object much quicker and the request requires no Internet traffic BETA MATERIALS FOR MICROSOFT CERTIFIED TRAINER PREPARATION PURPOSES ONLY 10 Module 1: Overview of Microsoft ISA Server Types of Caching Topic Objective To describes the types of caching available for ISA Server Internal Network Internal Network Forward Caching Cache InternetInternet Cache Lead-in Internet. .. Overview Topic Objective To provide an overview of the module topics and objectives ! Installing ISA Server Lead-in ! Installing and Configuring ISA Server Clients ! Maintaining an ISA Server Array In this module, you will learn about installation and maintenance tasks for ISA Server Whether you deploy Microsoft® Internet Security and Acceleration (ISA) Server as a dedicated firewall or Web cache server... network and selected computers on the internal network A three-homed firewall provides more security than a bastion host and it allows for secure access to some network resources from the Internet A bastion host depends on a single firewall to secure the entire network If an Internet user compromises the firewall, that Internet user can gain access to the organization’s internal network BETA MATERIALS FOR... branch office can reduce network traffic to the main office InternetInternet Branch Office Branch Office Main Office Main Office ISA Server ISA Server Cache In this scenario, you set up ISA Server as a cache server to reduce network traffic between a branch office and main office Because you use less network bandwidth accessing Web content, more bandwidth remains available for other applications By caching... ISA Server cache, ISA Server retrieves the object from the server on the Internet 3 The server on the Internet returns the object to the ISA Server computer The ISA Server computer retains a copy of the object in its cache and returns the object to Client 1 The time that it takes the client to receive the object and the resulting Internet traffic are approximately the same as if the client had gained... shared or public networks like the Internet Yes No Cache service Stores frequently retrieved objects and URLs in the cache drive of an ISA Server computer No Yes Packet filtering Controls the flow of IP packets to and from ISA Server computer Yes No Application filters Perform protocol-specific or systemspecific tasks, such as authentication, to provide an extra layer of security for the Firewall service... Internet Cache Lead-in Internet Internet ISA Server supports caching in three configurations Reverse Caching Web Server Web Server Internal Network Internal Network Distributed Caching Cache Cache InternetInternet Cache The caching service accelerates Web performance for both internal and external clients ISA Server supports both forward caching for outgoing requests and reverse caching for incoming . Server
Web Server
Internet
Internet
Internet
Internet
Internet
Internet
The caching service accelerates Web performance for both internal and external
clients with a High-Performance Web Cache
Security
Security
Security
Enterprise Security Through a Multilayered Firewall
Enterprise Security Through a Multilayered