|
Description Back Cover Contents Author Description
A detailed look into best practice design, deployment, and maintenance of an ISA Server 2004 Environment. Written by industry expert Michael Noel, of Convergent Computing, ISA Server 2004 Unleashed provides guidance for ISA deployment scenarios, including step by step guides for configuring ISA to secure Exchange Outlook Web Access, deploying ISA Server 2004 Enterprise edition arrays, setting up Site to Site VPNs, deploying ISA as a reverse proxy in the DMZ of a firewall, and much more. This book covers ISA in great detail, with emphasis on real-world situations and labor-saving scripts that help administrators take control of an ISA environment and leverage its full potential to provide unprecedented levels of security to an environment. topBack Cover
A detailed look into best practice design, deployment, and maintenance of an ISA Server 2004 Environment. Written by industry expert Michael Noel, of Convergent Computing, ISA Server 2004 Unleashed provides guidance for ISA deployment scenarios, including step by step guides for configuring ISA to secure Exchange Outlook Web Access, deploying ISA Server 2004 Enterprise edition arrays, setting up Site to Site VPNs, deploying ISA as a reverse proxy in the DMZ of a firewall, and much more. This book covers ISA in great detail, with emphasis on real-world situations and labor-saving scripts that help administrators take control of an ISA environment and leverage its full potential to provide unprecedented levels of security to an environment. topContents
Introduction. The Target Audience of This Book. The Organization of This Book. Conventions Used in This Book. I. DESIGNING, EXPLORING, AND UNDERSTANDING ISA SERVER 2004. 1. Introducing ISA Server 2004. Understanding the Need for ISA Server 2004 Outlining the High Cost of Security Breaches Outlining the Critical Role of Firewall Technology in a Modern Connected Infrastructure Understanding the Growing Need for Application-Layer Filtering Detailing the Additional Advantages of ISA Server 2004 Allowing for More Intelligent Remote Access with Virtual Private Networks (VPNs) Using Web Caching to Improve and Control Web Browsing Reducing Setup and Configuration Time with an ISA Server 2004 Hardware Solution Reducing Administrative Overhead and Potential for Errors with Simplified Management Tools Preserving Investment in Existing Security Solutions Understanding the History of ISA Server 2004 Outlining Initial Microsoft Security Solutions Exploring a New Product-Proxy Server Unleashing a New Model: the Internet Security and Acceleration Server 2000 Unveiling the Next Generation: ISA Server 2004 Exploring the New Features of ISA Server 2004 Choosing the ISA Server 2004 Operating System Choosing Between ISA Server 2004 Enterprise or Standard Editions Detailing Deployment Strategies with ISA Server 2004 Deploying ISA Server 2004 as an Advanced Application-Layer Inspection Firewall Securing Applications with ISA Server 2004's Reverse Proxy Capabilities Accelerating Internet Access with ISA Server 2004's Web Caching Component Controlling and Managing Client Access to Company Resources with Virtual Private Networks (VPNs) Using the Firewall Client to Control Individual User Access Augmenting an Existing Security Environment with ISA Server 2004 Utilizing ISA Server 2004 in Conjunction with Other Firewalls Deploying ISA Server 2004 in a RADIUS Authentication Environment Administering and Maintaining an ISA Server 2004 Environment Taking Advantage of Improvements in ISA Management Tools Backing Up and Restoring ISA Server Environments Maintaining an ISA Server Environment Monitoring and Logging Access Using ISA Server 2004 to Secure Applications Securing Exchange Outlook Web Access (OWA) with ISA Server 2004 Locking Down Web Application Access Securing Remote Procedure Call (RPC) Traffic Summary Best Practices 2. Installing ISA Server 2004. Reviewing ISA Server 2004 Prerequisites Reviewing Hardware Prerequisites Understanding ISA Operating System Requirements Examining Windows and ISA Service Packs Outlining ISA Network Prerequisites Procuring and Assembling ISA Hardware Determining when to Deploy Dedicated ISA Hardware Appliances Optimizing ISA Server Hardware Building Windows Server 2003 as ISA's Operating System Installing Windows Server 2003 Standard Edition Configuring Network Properties Installing the Optional Message Screener Components Applying Windows Server 2003 Service Pack 1 Updating and Patching the Operating System Determining Domain Membership Versus Workgroup Isolation Understanding Deployment Scenarios with ISA Domain Members and ISA Workgroup Members Working Around the Functional Limitations of Workgroup Membership Changing Domain Membership Installing the ISA Server 2004 Software Reviewing ISA Software Component Prerequisites Installing ISA Server 2004 Standard Edition Performing Post-Installation ISA Updates Installing ISA Server 2004 Service Pack 1 Checking the ISA Site for ISA Updates Installing Third-Party ISA Tools Securing the Operating System with the Security Configuration Wizard Installing the Security Configuration Wizard Creating a Custom ISA Security Template with the Security Configuration Wizard Summary Best Practices 3. Exploring ISA Server 2004 Tools and Concepts. Exploring the ISA Server 2004 Management Console Defining ISA Server Console Terminology and Architecture Exploring ISA Console Panes Examining ISA Console Nodes Configuring Networks with ISA Console Network Wizards and Tools Exploring the Networks Node Understanding the Definition of ISA Networks Outlining Network Sets Defining Network Templates Exploring Network Rules Running the Network Template Wizard Understanding Web Chaining Exploring Firewall Policy Settings Examining the Firewall Policy Node Understanding Firewall Access Rules Examining Publishing Rules and the Concept of Reverse Proxy Understanding System Policy Rules and the System Policy Editor Defining the Contents of the Firewall Policy Toolbox Navigating the Monitoring Node Options Configuring the Dashboard Viewing Alerts Monitoring Sessions and Services Generating Reports Verifying Connectivity Logging ISA Access Working with the Virtual Private Networks Node Enabling and Configuring VPN Client Access Configuring Remote Access Configuration Creating Remote Site Networks for Site-to-Site VPN Understanding VPN Quarantine Examining the Cache Node Settings Enabling Caching Understanding Cache Rules Examining Content Download Jobs Configuring Add-ins Exploring Application Filters Examining Web Filters Exploring the ISA General Node Delegating ISA Administration Configuring Firewall Chaining Defining Firewall Client Parameters Exploring Link Translation Configuring Dial-Up Preferences Examining Certificate Revocation Options Viewing ISA Server Details Defining Connection Limits Setting Intrusion Detection Thresholds Defining RADIUS Servers Defining IP Preferences Summary Best Practices 4. Designing an ISA Server 2004 Environment. Preparing for an ISA Server 2004 Design Identifying Security Goals and Objectives Documenting and Discovering Existing Environment Settings Matching Goals and Objectives to ISA Features Managing a Deployment Project Documenting the Design Upgrading Existing ISA Server 2000 Systems to ISA Server 2004 Exploring Differences Between ISA 2000 and ISA Server 2004 Exporting ISA 2000 Settings to ISA Server 2004 Cleaning Up ISA 2000 Rules and Migration Components Determining the Number and Placement of ISA Servers Sizing an ISA Server Deployment Choosing Between ISA Server Standard Edition and ISA Server Enterprise Edition Deploying ISA to Branch Offices Prototyping a Test ISA Server Deployment Setting Up a Prototype Lab for ISA Server 2004 Emulating and Testing ISA Settings Exporting Prototype Lab Configs Piloting an ISA Server Deployment Organizing a Pilot Group Understanding ISA Pilot Scenarios Running Penetration Tests and Attacks Against the Pilot Infrastructure Implementing the ISA Server Design Validating Functionality Supporting the ISA Environment Long-Term Designing ISA Server 2004 for Organizations of Varying Sizes Examining an ISA Server 2004 Deployment for a Small Organization Examining an ISA Server 2004 Deployment for a Midsized Organization Examining an ISA Server 2004 Deployment for a Large Organization Summary Best Practices II. DEPLOYING ISA SERVER 2004. 5. Deploying ISA Server 2004 as a Firewall. ISA as a Full-Function Security Firewall Defining the Concept of a Firewall Filtering Traffic at the Application Layer Understanding Common Myths and Misperceptions About ISA Multi-networking with ISA Server 2004 Setting Up a Perimeter Network with ISA Deploying Additional Networks Defining ISA Firewall Networks Understanding ISA's Concept of a Network Understanding Network Rules with ISA Server 2004 Working with the Default Network Templates Deploying an ISA Firewall using the Edge Firewall Template Reviewing and Modifying Network Rules Modifying Network Rules Creating New Network Rules Understanding Firewall Policy Rules Modifying Firewall Policy Rules Creating Firewall Policy Rules Examining Advanced ISA Firewall Concepts Publishing Servers and Services Reviewing and Modifying the ISA System Policy Summary Best Practices 6. Deploying ISA Server Arrays with ISA Server 2004 Enterprise Edition. Understanding ISA Server 2004 Enterprise Edition Exploring the Differences between the Standard and Enterprise Versions of ISA Server 2004 Designing an ISA Server 2004 Enterprise Edition Environment Deploying the Configuration Storage Server (CSS) Determining CSS Placement Installing CSS Setting Up Additional CSS Replicas Setting Up Enterprise Networks and Policies Delegating Administration of ISA Defining Enterprise Networks Establishing Enterprise Network Rules Creating Enterprise Policies Creating Enterprise Access Rules for the Enterprise Policy Changing the Order of Enterprise Policy Rules Creating and Configuring Arrays Creating Arrays Configuring Array Settings Creating the NLB Array Network Defining Array Policies Installing and Configuring ISA Enterprise Servers Satisfying ISA Server Installation Prerequisites Installing the ISA Server Software Configuring the Inter-Array Communication IP Address Configuring Network Load Balancing and Cache Array Routing Protocol (CARP) Support Understanding Bi-Directional Affinity with Network Load Balancing (NLB) Enabling NLB for ISA Networks Defining Cache Drives for CARP Enabling CARP Support Summary Best Practices 7. Deploying ISA Server as a Reverse Proxy in an Existing Firewall DMZ. ISA Server 2004 as a Security Appliance Understanding How Reverse Proxies Work Deploying a Unihomed ISA Server as a Security Appliance Understanding the Capabilities of ISA Server 2004 Reverse Proxy Defining Web Server Publishing Rules for Reverse Proxy Using a Unihomed ISA Server for SMTP Filtering Deploying Unihomed ISA Server 2004 Security Appliances Applying the Single Network Adapter Network Template to a Unihomed ISA Server Deploying a Preconfigured ISA Hardware Appliance Configuring Existing Firewalls to Utilize ISA Server 2004 Reverse Proxy Understanding Packet-Filter Firewall Configuration for ISA Server Publishing Isolating and Securing an ISA Security Appliance Publishing and Securing Services in an Existing DMZ Configuring a Unihomed ISA Server to Reverse Proxy Exchange Outlook Web Access Configuring a Unihomed ISA Server to Reverse Proxy Web Services Configuring a Unihomed ISA Server to Act as an SMTP Smarthost Understanding Advanced ISA Security in Enterprise Environments Deploying ISA Security Appliances for Redundancy and Load Balancing Monitoring and Intrusion Detection on ISA Servers in the DMZ Summary Best Practices 8. Deploying ISA Server 2004 as a Content Caching Server. Understanding the Acceleration Component of the Internet Acceleration Server 2004 Improving Web Access by Caching Content Protecting and Monitoring Client Web Access Pre-downloading Commonly Used Content Designing ISA Server 2004 Caching Solutions Understanding the Types of Proxy Servers Sizing Hardware Components for an ISA Caching Server Deploying Caching Redundancy with the Cache Array Routing Protocol (CARP) Enabling ISA Server 2004 as a Web Caching Server Configuring ISA Server to Provide Web Caching Capabilities Changing Default Cache Settings Configuring Cache Rules Configuring Proxy Web Chaining Setting Up a Content Download Job Configuring Proxy Clients Enabling an ISA Transparent Proxy Manually Configuring Client Proxy Settings Creating an Active Directory Group Policy Object (GPO) to Streamline the Deployment of Client Cache Settings Configuring Proxy Client Autodiscovery with DHCP Configuring Proxy Client Autodiscovery with DNS Summary Best Practices 9. Enabling Client Remote Access with ISA Server 2004 Virtual Private Networks (VPNs). Examining ISA Server 2004 VPN Capabilities and Requirements Understanding ISA Server 2004 VPN Protocols Comparing PPTP and L2TP Compression Methods Understanding PPTP and L2TP Encryption and Data Security Methods Comparing PPTP and L2TP Authentication Methods Analyzing VPN Protocol Implementation Issues Understanding Network Bandwidth Constraints with VPNs Preparing Internal Resources for Remote Access Designing an ISA Server 2004 VPN Infrastructure Deploying an ISA VPN Server as a Domain Member Deploying an ISA VPN Server as a Standalone Server (Workgroup Member) Enabling VPN Functionality in ISA Server Creating Network Relationships for the VPN Users Network Enabling Client VPN Access from the Console Assigning IP Addresses to Remote Users Assigning Routes to Remote Users Authenticating VPN Users Working with and Creating Rules for the VPN Clients Network Utilizing RADIUS Authentication for VPN Connections Installing the Internet Authentication Service (IAS) for Active Directory RADIUS Support Detailing IAS Permissions Required in Active Directory Setting Up the ISA Server as an IAS Client Establishing IAS Remote Access Policies Examining RADIUS Message Authentication Configuring ISA to Use IAS for Authentication Configuring ISA for Point-to-Point Tunneling Protocol (PPTP) VPN Connections Configuring an ISA VPN Connection to Use PPTP Configuring a Windows XP Professional Client for PPTP Communication Testing the PPTP Connection Creating Layer 2 Tunneling Protocol (L2TP) VPN Connections with ISA Configuring an IPSec Pre-Shared Key Configuring a Windows XP Professional Client for an L2TP VPN Connection Creating a Public Key Infrastructure (PKI) for L2TP with IPSec Support Installing the Enterprise Root Certificate Authority (CA) Configuring the Enterprise Root CA Requesting a Certificate for the ISA VPN Server Requesting a Certificate for the VPN Client Downloading the CA Certificate Exporting and Importing Certificates Using Active Directory Autoenrollment Using the Connection Manager Administration Kit (CMAK) to Automate VPN Client Deployment Installing the Connection Manager Administration Kit (CMAK) Creating CMAK Profiles for Client Deployment Automation Deploying the Custom CMAK Profile on a Windows XP Client Enabling ISA Server 2004 VPN Quarantine Installing the Remote Access Quarantine Service (RQS) Configuring the RQS Protocol Definition in ISA Configuring RQS Rules for ISA Enabling VPN Quarantine in ISA Customizing a CMAK Package for VPN Quarantine Summary Best Practices 10. Extending ISA 2004 to Branch Offices with Site-to-Site VPNs. Understanding Branch-Office Deployment Scenarios with ISA Server 2004 Extending the Network Without WAN Links or Unnecessary Complexity Controlling and Filtering Traffic Across WAN Segments Understanding Site-to-Site VPN Capabilities and Options Understanding RADIUS Authentication Options for Site-to-Site VPN Connections Outlining a Site-to-Site VPN Scenario Preparing ISA Servers for Site-to-Site VPN Capabilities Enabling VPN Client Access Creating VPN User Accounts on Both Servers Defining Address Assignments Selecting the Correct VPN Interface Choosing Between Authentication Mechanisms Configuring a Point-to-Point Tunneling Protocol (PPTP) Site-to-Site VPN Between Two Remote Offices Configuring the PPTP Remote Site Network Definition on the ISA Servers Creating Network and Firewall Rules Configuring a Layer 2 Tunneling Protocol (L2TP) Site-to-Site VPN Connection Between Two ISA Servers in Remote Sites Deciding Between Shared Key and PKI Configuring a PKI Infrastructure for PKI-Based Certificate Encryption Requesting a Certificate for the ISA VPN Server Configuring the L2TP Remote Site Network Definition on the ISA Servers Configuring ISA 2004 to Integrate with Third-Party VPN Tunnel Products Setting Up an IPSec Tunnel Mode VPN Connection Configuring the Third-Party VPN Site Configuring the Third-Party VPN Server Configuring Network and Firewall Rules Between ISA Site Networks Creating Network Rules Between ISA Site Networks Creating Firewall Rules Between ISA Site Networks Summary Best Practices 11. Understanding Client Deployment Scenarios with ISA Server 2004. Outlining Client Access with ISA Server 2004 Defining the ISA Firewall Client Defining the SecureNAT Client Defining the Web Proxy Client Outlining the VPN Client Preparing an ISA Environment for the Firewall Client Installing the ISA Firewall Client Share Using DHCP to Configure ISA Server for Auto Detection Configuring Proxy Client Autodiscovery with DNS Enabling Auto Discovery from ISA Server Installing the ISA Firewall Client Manually Installing the ISA Firewall Client Using Unattended Setup Scripts to Deploy the ISA Firewall Client Deploying the Firewall Client via Active Directory Group Policies Working with the ISA Firewall Client Getting Familiar with the Firewall Client Functionality Modifying Rules for Firewall Clients Using the Firewall Client Tool Pack (FWCToolPack) Summary Best Practices III. Securing Servers and Services with ISA Server 2004. 12. Securing Outlook Web Access (OWA) Traffic. Enabling Secure Sockets Layer (SSL) Support for Exchange Outlook Web Access Understanding the Need for Third-Party Cas Installing a Third-Party CA on an OWA Server Using an Internal Certificate Authority for OWA Certificates Forcing SSL Encryption for OWA Traffic Customizing and Securing an OWA Website from Internal Access Securing Exchange Outlook Web Access with ISA Server 2004 Exporting and Importing the OWA Certificate to the ISA Server Creating an Outlook Web Access Publishing Rule Redirecting HTTP OWA Traffic to HTTPS traffic Customizing Forms-Based Authentication Enabling the Change Password Feature in OWA Through an ISA Publishing Rule Summary Best Practices 13. Securing Messaging Traffic. Understanding the Need for Secure Mail Access Weighing the Need to Communicate Versus the Need to Secure Outlining ISA Server 2004's Messaging Security Mechanisms Configuring ISA Server 2004 to Support OMA and ActiveSync Access to Exchange Enabling and Supporting OMA and ActiveSync on the OWA Server Supporting Mobile Services in ISA when Using Forms-Based Authentication for OWA Deploying Multiple OWA Virtual Servers Assigning a New IP Address on the ISA Server for the Additional Web Listener Setting Up an Outlook Mobile Access (OMA) and ActiveSync Publishing Rule Configuring ISA Server to Secure RPC over HTTP(S) Traffic Installing the RPC over HTTP Proxy Configuring RPC over HTTPS on an Exchange Back-End Server Configuring RPC over HTTPS on an Exchange Front-End Server Modifying the Registry to Support a Single-Server Exchange RPC over HTTP Topology Creating the RPC Virtual Directory on the Proper Virtual Server Securing RPC over HTTPS Servers with an ISA Publishing Rule Setting Up an Outlook 2003 Profile to Use RPC over HTTP Securing Exchange MAPI Access Configuring MAPI RPC Filtering Rules Deploying MAPI Filtering Across Network Segments Securing POP and IMAP Exchange Traffic Creating and Configuring a POP Mail Publishing Rule Creating and Configuring an IMAP Mail Publishing Rule Managing and Controlling Simple Mail Transport Protocol (SMTP) Traffic Installing and Configuring the SMTP Service on the ISA Server Installing the ISA SMTP Screener Component Enabling Outbound and Inbound SMTP Filtering with the SMTP Message Screener Configuring Exchange to Forward Outbound Messages to ISA Customizing the SMTP Filter Summary Best Practices 14. Securing Web (HTTP) Traffic. Outlining the Inherent Threat in Web Traffic Understanding Web (HTTP) Exploits Securing Encrypted (Secure Sockets Layer) Web Traffic Publishing and Customizing Web Server Publishing Rules Using the Web Server Publishing Wizard Exploring the General Tab Options Understanding the Action Tab Exploring From Tab Options Outlining To Tab Options Exploring the Traffic Tab and Filtering HTTP Packets Understanding Listener Tab Configuration Options Viewing Public Name Options Understanding Paths Tab Options Exploring the Bridging Tab Understanding the Users Tab Outlining Schedule Tab Options Exploring the Link Translation Tab Configuring SSL-to-SSL Bridging for Secured Websites Working with Third-Party Certificate Authorities Installing a Local Certificate Authority and Using Certificates Modifying a Rule to Allow for End-to-End SSL Bridging Securing Access to SharePoint 2003 Sites with ISA 2004 Understanding SharePoint 2003 Publishing a SharePoint Site with ISA Server Publishing Rules Using Link Translation to Hide Internal SharePoint Links Summary Best Practices 15. Securing RPC Traffic. Understanding the Dangers of Remote Procedure Call (RPC) Traffic Examining How Remote Procedure Call (RPC) Traffic Works Outlining RPC Exploits Understanding the Need for RPC Filtering Versus RPC Blocking Securing RPC Traffic Between Network Segments Outlining How ISA RPC Filtering Works Deploying ISA for RPC Filtering Publishing RPC Services with ISA Server 2004 Publishing an RPC Service Creating Custom RPC Protocol Definitions Using Network Monitor for Custom RPC Installing Network Monitor Using Network Monitor to Scan Traffic for RPC UUIDs Creating Server Publishing Rules Outlining Default Server Publishing Rules in ISA Server Creating a Server Publishing Rule Defining a Custom Publishing Rule Summary Best Practices IV. SUPPORTING AN ISA SERVER 2004 INFRASTRUCTURE. 16. Administering an ISA Server 2004 Environment. Defining the Role of the ISA Administrator Understanding Who Administers the ISA Environment Exploring ISA Administrator Roles Deploying a Role-Based Access Control Model for ISA Server 2004 Exploring the Concept of Active Directory Access Groups and Role Groups Illustrating a Role-Based Access Approach Delegating and Customizing Administrative Access to the ISA Console Creating Active Directory Groups for Admin Access Creating Local Server Users and Groups for Admin Access Delegating Admin Access to ISA Server Administering an ISA Server Remotely Installing the ISA Server Management Console Configuring an ISA Server for Remote Desktop Protocol Access Working with ISA Server 2004 Lockdown Mode Administering and Understanding Lockdown Mode Triggering and Resetting ISA Lockdown Mode Performing Advanced ISA Administration Renaming an ISA Server in the Console Administering Multiple ISA Servers Summary Best Practices 17. Maintaining ISA Server 2004. Understanding the Importance of a Maintenance Plan for ISA Keeping Ahead of Updates and Patches Taking a Proactive Approach to Security Maintenance Understanding ISA Server's Role in an IT Maintenance Plan Updating ISA's Operating System Manually Patching an ISA Server Verifying Windows Update Access in the ISA System Policy Working with Windows Update to Patch the Operating System Managing ISA Server Updates and Critical Patches Prototyping ISA Server Patches Before Updating Production Equipment Performing Daily Maintenance Monitoring the ISA Dashboard Checking Overall Server Functionality Verifying Backups Monitoring the Event Viewer Performing Weekly Maintenance Checking for Updates Checking Disk Space Verifying Hardware Archiving Event Logs Performing Monthly Maintenance Maintaining File System Integrity Testing the UPS Validating Backups Updating Automated System Recovery Sets Updating Documentation Performing Quarterly Maintenance Changing Administrator Passwords Audit the Security Infrastructure Gather Performance Metrics Reassess Goals and Objectives Summary Best Practices 18. Backing Up, Restoring, and Recovering an ISA Server 2004 Environment. Understanding ISA Server's Backup and Recovery Capabilities Using Export and Import Functionality to Simplify Recovery Backing Up Individual ISA Components Exporting ISA Settings for Backups Exporting Individual Sets of Rules Exporting the Entire ISA System Config to an XML File Exporting URL Sets Importing ISA Settings for Restores Importing Individual ISA Components Importing Entire ISA Configs Importing URL Sets Automating ISA Server Export with Custom Scripts Creating and Deploying an ISA Server Automatic Export Script Scheduling the Automatic ISA Export Script Restoring an ISA Server from the ISA Export Script Using Traditional Backup and Restore Tools with ISA Server 2004 Backing Up and Restoring the ISA Server Operating System and Components Summary Best Practices 19. Monitoring and Troubleshooting an ISA Server 2004 Environment. Outlining the Importance of ISA Monitoring and Logging Logging for Governmental and Corporate Compliance Taking a Proactive Approach to Intrusion Attempts Configuring ISA Logging and Monitoring Delegating ISA Monitoring Settings Understanding the ISA Advanced Logging Service Installing the ISA Advanced Logging Service Configuring Firewall Logging Configuring Web Proxy Logging Configuring SMTP Screener Logging Logging ISA Traffic Examining ISA Logs Customizing Logging Filters Monitoring ISA from the ISA Console Customizing the ISA Dashboard Monitoring and Customizing Alerts Monitoring Session and Services Activity Creating Connectivity Verifiers Generating Reports with ISA Server Customizing Reports Generating Reports Scheduling Report Generation Monitoring ISA Server 2004 Health and Performance with Microsoft Operations Manager (MOM) Taking a Close Look at Microsoft Operations Manager (MOM) Downloading and Extracting the ISA Server 2004 Management Pack for MOM 2005 Importing the Management Pack AKM File into MOM Configuring MOM Settings Configuring MOM Global Settings for Non-Domain Member ISA Servers Configuring ISA to Allow MOM Communications Installing the MOM Agent on the ISA Server Monitoring ISA Functionality and Performance with MOM Monitoring ISA with Windows Performance Monitor (Perfmon) Summary Best Practices 20. Documenting an ISA Server 2004 Environment. Understanding the Benefits of ISA Server Documentation Using Documentation for Knowledge Management Using Documentation to Outline the Financial Benefits of ISA Baselining ISA with Document Comparisons Using Documentation for ISA Troubleshooting Understanding the Recommended Types of Documentation Documenting the ISA Server 2004 Design Documenting the ISA Design Process Formalizing ISA Server Configuration with As-Built Documentation Documenting Specific ISA Configuration with Custom Scripting Developing Migration Documentation Creating Project Plans Developing the Test Plan Numbering Server Migration Procedures Establishing Migration Checklists Creating Administration and Maintenance Documentation for ISA Preparing Step-by-Step Procedure Documents Creating Documented Checklists Outlining Procedural Documents Preparing Disaster Recovery Documentation Outlining Disaster Recovery Planning Documenting for Backup and Recovery Outlining Monitoring and Performance Documentation for ISA Documenting Change Management Procedures Understanding the Importance of Performance Documentation Producing Routine Reporting Implementing Management-Level Reporting Detailing Technical Reporting Writing Training Documentation Outlining Technical Training Documenting End-User Training Detailing System Usage Policies Summary Best Practices Index. topAuthor
Michael Noel (CISSP, MCSE:Security) has significant experience in the computer industry, and has worked with the ISA Server product since its infancy. In addition to his writings on ISA and other security products, Michael has authored Windows Server 2003 Unleashed, Exchange Server 2003 Unleashed, and SharePoint 2003 Unleashed. Currently a Senior Consultant at Convergent Computing in the San Francisco Bay Area, Michael's writings leverage his real-world experience designing, deploying, and administering ISA Server environments. top
|
