Solved

ISA Server Enterprise Array

Posted on 2012-04-09
7
679 Views
Last Modified: 2012-04-10
For the toppology that im including in this question i need to include the following.

Design an ISA Server Enterprise array for Green Globe
Update your network topology maps and show the locations of ISA Server systems and the Configuration Storage server
Be sure to include details about connectivity between array members and the Configuration Storage server
Construct a naming and addressing scheme for the ISA Server array.

I have no idea how to do this or what an ISA server is supposed to do. If some one could help me understand what i am supposed to do here it would be greatly appreciated.
Below is my topology which could also use some revision.
Visio-New-CSI-Topology-Updated.pdf
0
Comment
Question by:kajumblies
  • 4
  • 3
7 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37826367
Not going to do your homework or assignment for you - that is outside the scope of our work here and not allowed. If you do not know what an ISA Server is I can give you an overview but it assumes you are aware of other fundamental concepts.

In short, ISA is a product from MS that is no longer is mainstream support having been replaced now by Forefront TMG 2010. It's purpose is to provide proxy services, firewall services and application gateway services all of which combine to protect the internal networks and users from potential (and real) threats from untrusted sources such as the Internet.

ISA comes in two flavours whicg are standard and enterprise. The enterprise version of ISA allows the use of NLB or network load balancing to put more than one ISA node into an array for resilience and failover purposes.

The CSS or configuration storage server holds the ISA configuration used on all nodes and is responsible for ensuring that all nodes have an up to date copy.

With ISA 2006 sp2, the need for having separate nics to handle inter-array traffic between the two ISA nodes was removed.
0
 

Author Comment

by:kajumblies
ID: 37830311
So where would an ISA serve be put in relation to other devices on the network. Would it sit in the DMZ or before or after it?
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 37830411
If you want full ISA functionality then each node in the array needs to have two nics as a minimum - one external, one internal.
You can deploy ISA as a front end (sits external nics straight onto the internet and internal nics sit on the DMZ/internal network) or as back end (where internal nics sit on the internal network and external nics sit on the DMZ and connect to the internal nics of a different external firewall). The CSS would be internal on the internal network.

If you only need to use ISA for proxy services then you only have one nic in each.

As mentioned, in ISA2006, sp2 the need for inter-array nics was removed. You could still use them if you wanted to but they were no longer an absolute requirement.

ISA 2006 Enterprise includes NLB within the product - don't forget that.

Looking at your diagram - I agree, it needs some work (no offence) - if you were not replacing the Cisco firewalls either at the DMZ entry or exit points then you would only install ISA as proxy only. If you WERE going to be replacing one or other I would replace the Cisco firewall that joins the internal network to the DMZ with the two nodes of the ISA array, load balancing both the internal nics and the external nics, both joined to the domain (isa-node-A, isa-node-b) and use the back end configuration via the configuration wizard that ships with ISA.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37830438
lol - no problem, shame you don't want to give me the points for answering the question but I guess you have your reasons :(
0
 

Author Closing Comment

by:kajumblies
ID: 37830489
sorry i though i selected your comment as an answer...
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37830496
<smiles> thanks, I am now only one question away from breaking the 5 million point barrier here...

Cheers
Keith

http://www.experts-exchange.com/M_3586205.html
0
 

Author Comment

by:kajumblies
ID: 37830504
well im sure ill be asking another question sometime tonight for another 500 point so keep a look out
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
configuring snmp v2 or v3 on Cisco switches 2 56
Prevent DDOS attack 16 74
Native Vlans, Tagged & untagged annnd Trunks 6 60
FILEZILLA Client "default"? 2 43
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question