isa

What is ISA Server:-

ISA server is a upgraded version of Microsoft proxy server 2.0 with inbuilt FIREWALL

PROXY FIREWALL

Proxy server :- It’s a server which emulates as a web server

192.168.1.2

Client Proxy Server

192.168.1.1

Zoom.com

Internet

HACKING : - Taking over your resources or attempt to bring down your server

Types of ATTACK: -

1. Foot printing:- The way to know the OS and IP of server

2. Scanning:- Scanning system for bugs and loopholes

3. DOS Attacks: - Denial Of Service

4. Exploits: - Writing scripts to bring down server

5. Trojans: - Sending viruses to steal the DATA

6. Port Scan: - Scanning ports for getting into applications

ETC………

Types of Attacks

1. Foot Printing The Art of gathering the complete security profiles of an Organization or a Target Computer

By using a combination of Tools and Techniques, The Hacker can take up the system and determine itsIp address and Domain names

Types of Attacks

2. Scanning

Scanning the System for Bugs and Loopholes in O/S

Hacker uses scanning technique to determine which PortsAre open, what services are running and what is the O/S

E.G: RETINA, Shadow Security scanner, ANSIL etc

Types of Attacks

3. DOS Attack

Denial of Service attack which is an attempt to get the Services or the server down by overflowing the buffer

E.G: Win spoof 97, My Spoof

Types of Attacks

4. Exploits

Exploits are usually Bugs in Applications or O/S which can be Exploited by using a piece of Code often referred as Scripts

E.G: CGI scripts, Perl scripts etc

Types of Attacks

5. Trojan Horses

Trojan Horses is program that pretends to be a useful toolBut actually installs malicious or damaging software

Trojan Horses can be used to take over the Remote System. Sending viruses to steal the Data

E.G. Netbus , Bo2k

Types of Attacks

6. Port Scanner

Scanning the port to get into the Application

E.G: Port Scanner, etc

What is a Firewall : - A firewall protects networked computers from

intentional hostile intrusions

Software Firewall : -

Hardware Firewall : -

ISA Server

Checkpoint

Smooth wall

Cisco Pix

Watch Guard

Multicom Ethernet II…..

Types of FIREWALL

Packet Filtering

e.g.. ROUTERS

Controls data transfer based on

Source & Destination IP Address TCP/UDP Port of Source & Destination IP Address

Packets are allowed or dropped through the device depending on the Access Control List

Application Gateway

eg. PROXY SERVER

Packets are allowed based on type of application and IP address

Filter Application specific commands such as: HTTP:GET and POST etc

Application level Gateways can also be used to: To Log User Activity and Logins

Statefull Multilayer Inspection

This is a full fledged firewall which combines the aspects of other two types of firewalls and is capable of intrusion detection server publishing etc….

eg. ISA SERVER

Flavors of ISA Server

Standard Edition Enterprise Edition

Server Deployment Standalone only Multiple server with Centralized Management

Policy based

Support

Local only Enterprise and Array policies

Scalability 4 cpu’s only No limit

ISA Server requirements : -

1. Member server or Domain Controller

2. Service pack 1 or above

3. Two interface (public and private)

4. Routing and Remote Access

5. Pentium III 300MHz or above

6. 256 Mb Ram

7. 20 Mb of Hard Disk space on NTFS 5.0

Array considerations

Arrays allow a group of ISA Server computers to be treated and managed as a single, logical entity.

They provide scalability, fault tolerance, and load balancing

All array members must be in the same Windows 2000 domain and in the same site

  Array Stand-alone server

Scalability and fault tolerance

Can have one or more member servers.

Limited to only one member.

Active Directory requirement

Must be installed only in Windows 2000 domains with Active Directory installed.

No need for 2000 Domain Can be installed in Windows NT 4.0 domains. Configuration information is stored in the registry.

Enterprise policy Yes. A single policy can be applied to all arrays in the enterprise.

No. Only a local array policy can be applied.

Enterprise Vs Standalone Policies

Enterprise

Tiered Policy ISA Server Enterprise Edition supports two levels of policy: array level and enterprise level

Array

ISA SERVER MODES

1. Firewall mode

ISA SERVER MODES

1. Firewall mode

2. Cache mode

ISA SERVER MODES

1. Firewall mode

2. Cache mode

3. Integrated mode

Key features

1. Internet Firewall (Intrusion detection)

Key features

1. Internet Firewall (Intrusion detection)2. Secure Server Publishing

Key features

1. Internet Firewall (Intrusion detection)2. Secure Server Publishing3. Web Caching Server

Key features

1. Internet Firewall (Intrusion detection)2. Secure Server Publishing3. Web Caching Server4. Secure NAT

Key features

1. Internet Firewall (Intrusion detection)2. Secure Server Publishing3. Web Caching Server4. Secure NAT5. Integrated VPN

Key features

1. Internet Firewall (Intrusion detection)2. Secure Server Publishing3. Web Caching Server4. Secure NAT5. Integrated VPN6. Tiered-Policy Management

Key features

1. Internet Firewall (Intrusion detection)2. Secure Server Publishing3. Web Caching Server4. Secure NAT5. Integrated VPN6. Tiered-Policy Management7. QOS(Quality Of Service)

Key features

1. Internet Firewall (Intrusion detection)2. Secure Server Publishing3. Web Caching Server4. Secure NAT5. Integrated VPN6. Tiered-Policy Management7. QOS(Quality Of Service)8. Multiprocessor Support

Key features

1. Internet Firewall (Intrusion detection)2. Secure Server Publishing3. Web Caching Server4. Secure NAT5. Integrated VPN6. Tiered-Policy Management7. QOS(Quality Of Service)8. Multiprocessor Support9. Client Side Auto Discovery

Key features

1. Internet Firewall (Intrusion detection)2. Secure Server Publishing3. Web Caching Server4. Secure NAT5. Integrated VPN6. Tiered-Policy Management7. QOS(Quality Of Service)8. Multiprocessor Support9. Client Side Auto Discovery10. Web Filters

Key features

1. Internet Firewall (Intrusion detection)2. Secure Server Publishing3. Web Caching Server4. Secure NAT5. Integrated VPN6. Tiered-Policy Management7. QOS(Quality Of Service)8. Multiprocessor Support9. Client Side Auto Discovery10. Web Filters11. Alerts

Types of Client

1. SECURE NAT Clients

2. WEB Clients

3. FIREWALL Clients

Access is Controlled based on :-

1. Client address sets

2. Destination sets

3. Protocols

4. Bandwidth priorities