Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ISA Server Enterprise Array

Posted on 2012-04-09
7
Medium Priority
?
698 Views
Last Modified: 2012-04-10
For the toppology that im including in this question i need to include the following.

Design an ISA Server Enterprise array for Green Globe
Update your network topology maps and show the locations of ISA Server systems and the Configuration Storage server
Be sure to include details about connectivity between array members and the Configuration Storage server
Construct a naming and addressing scheme for the ISA Server array.

I have no idea how to do this or what an ISA server is supposed to do. If some one could help me understand what i am supposed to do here it would be greatly appreciated.
Below is my topology which could also use some revision.
Visio-New-CSI-Topology-Updated.pdf
0
Comment
Question by:kajumblies
  • 4
  • 3
7 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37826367
Not going to do your homework or assignment for you - that is outside the scope of our work here and not allowed. If you do not know what an ISA Server is I can give you an overview but it assumes you are aware of other fundamental concepts.

In short, ISA is a product from MS that is no longer is mainstream support having been replaced now by Forefront TMG 2010. It's purpose is to provide proxy services, firewall services and application gateway services all of which combine to protect the internal networks and users from potential (and real) threats from untrusted sources such as the Internet.

ISA comes in two flavours whicg are standard and enterprise. The enterprise version of ISA allows the use of NLB or network load balancing to put more than one ISA node into an array for resilience and failover purposes.

The CSS or configuration storage server holds the ISA configuration used on all nodes and is responsible for ensuring that all nodes have an up to date copy.

With ISA 2006 sp2, the need for having separate nics to handle inter-array traffic between the two ISA nodes was removed.
0
 

Author Comment

by:kajumblies
ID: 37830311
So where would an ISA serve be put in relation to other devices on the network. Would it sit in the DMZ or before or after it?
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 37830411
If you want full ISA functionality then each node in the array needs to have two nics as a minimum - one external, one internal.
You can deploy ISA as a front end (sits external nics straight onto the internet and internal nics sit on the DMZ/internal network) or as back end (where internal nics sit on the internal network and external nics sit on the DMZ and connect to the internal nics of a different external firewall). The CSS would be internal on the internal network.

If you only need to use ISA for proxy services then you only have one nic in each.

As mentioned, in ISA2006, sp2 the need for inter-array nics was removed. You could still use them if you wanted to but they were no longer an absolute requirement.

ISA 2006 Enterprise includes NLB within the product - don't forget that.

Looking at your diagram - I agree, it needs some work (no offence) - if you were not replacing the Cisco firewalls either at the DMZ entry or exit points then you would only install ISA as proxy only. If you WERE going to be replacing one or other I would replace the Cisco firewall that joins the internal network to the DMZ with the two nodes of the ISA array, load balancing both the internal nics and the external nics, both joined to the domain (isa-node-A, isa-node-b) and use the back end configuration via the configuration wizard that ships with ISA.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37830438
lol - no problem, shame you don't want to give me the points for answering the question but I guess you have your reasons :(
0
 

Author Closing Comment

by:kajumblies
ID: 37830489
sorry i though i selected your comment as an answer...
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37830496
<smiles> thanks, I am now only one question away from breaking the 5 million point barrier here...

Cheers
Keith

http://www.experts-exchange.com/M_3586205.html
0
 

Author Comment

by:kajumblies
ID: 37830504
well im sure ill be asking another question sometime tonight for another 500 point so keep a look out
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question