?
Solved

Microsoft ISA Server 2004

Posted on 2005-03-09
3
Medium Priority
?
431 Views
Last Modified: 2013-11-16
Hi guys! I am assigned a job to install Microsoft ISA onto my co.'s network.  Does the below network look OK?!

                               Internet
                                    |
                                Router
                                    |
                            Cisco Pix FW
                                    |
                                    |
  ------------------------------------------------------------
  |              |               |                |                       |
Int PC     Int PC2      Int PC3       MS ISA Srv 2004

All internal PCs will access the Internet through MS ISA Srv 2004 (proxy server).  Apart from configuring MS ISA Srv 2004 as a proxy server, i also would like to use it for bandwidth prioritizing (for application access), can this be done with the network layout above? Or the MS ISA Srv must be at the gateway for this bandwidth prioritizing? Please advise.

More question here about MS ISA Srv:
1. Does it have web filtering feature (to control employees' Internet access)?

Any comments are welcome. Tks.
0
Comment
Question by:viansoo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 4

Accepted Solution

by:
graemeboro earned 300 total points
ID: 13504733
For web filtering to a good standard in ISA server, Surf Control have a specific module for ISA Server :-
http://www.surfcontrol.com/internet_monitor.aspx?nocache=3%2f10%2f2005+6%3a09%3a39+AM&promocode=zisama

The following site also has various resources to answer your question :-

http://www.isaserver.org/software/ISA/Monitoring_&_Admin/
0
 
LVL 5

Assisted Solution

by:tmehmet
tmehmet earned 150 total points
ID: 13510450
Filtering is possible. For real filtering take a look at some content filtering specific software or managed service.

Your lan design is fine however, i suggest you dual home the ISA server, it will make it easier to route traffic and also  the ISA can act as a second layer of firewalling. In ther event there is a PIX issue, you are still getting some defence from th ISA.

0
 
LVL 6

Assisted Solution

by:_ruudsje_
_ruudsje_ earned 300 total points
ID: 13539385
My oppinion, while your draw will work I should chouse for the one below

Internet
                                    |
                                Router
                                    |
                            Cisco Pix FW
                                    |
                           MS ISA Srv 2004
                                    |
  ------------------------------------------------------------
  |              |               |                |                       |
Int PC     Int PC2      Int PC3      

Because now you created 1. an extra DMZ (between pix and isa) 2. you have an 2nd line of defense.........ISA 2004 is also a very good firewall, so why not use it.

You can filter http traffic by url's you create in isa to block or by user, with a 3rd party software you can filter with sites that'll use update lists like gfi or surfcontrol......webmarshal is also a good, but expensive alternative this one learns itself (don't know for shure surfcontrol does it, know that surfcontrol has a option to chack even the pictures)

Good luck
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ISA Server detected routes through the network adapter LAN that do not correlate with the network to which this network adapter belongs What does this mean and how can one go about correcting it? In simple terms, this error message indicates t…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question