Upload
hillary-johnston
View
230
Download
1
Tags:
Embed Size (px)
Citation preview
Internal Network External Network
Hub
Internal Network External NetworkWS
Hub
Internal Network External NetworkWS
Hub
Internal Network External Network
S1
WS
Hub
Internal Network External Network
S1
S2
WS
Hub
Internal Network External Network
S1
S2
WS
ISA Server
What is ISA Server 2004
• Microsoft Internet Security and Acceleration (ISA) Server 2004 is the advanced stateful packet and application-layer inspection firewall, virtual private network (VPN), and Web cache solution that enables enterprise customers to easily maximize existing information technology (IT) investments by improving network security and performance. ISA Server 2004 is available in two versions: standard edition and enterprise edition.
What is ISA Server 2004
• ISA Server is particularly well suited for protecting large enterprise network configurations requiring multiple firewall arrays in disparate locations that are running Microsoft client and server applications, such as Microsoft Office, Office Outlook Web Access 2003, Office SharePoint Portal Server 2003, Internet Information Services (IIS), Routing and Remote Access, Active Directory directory service, and many other Microsoft applications, servers, and services.
What is ISA Server 2004
• ISA Server contains a full featured, application-layer aware firewall that helps protect organizations of all sizes from attack by both external and internal threats. ISA Server performs deep inspection of Internet protocols such as Hypertext Transfer Protocol (HTTP), which enables it to detect many threats that traditional firewalls cannot detect. The firewall also provides VPN client inspection for Microsoft Windows Server 2003-based quarantine solutions, helping to protect networks from attacks that enter through a VPN connection.
Hub
Internal Network External Network
S1
S2
WS
ISA Server
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Server One•AD: Active Directory•DNS: Domain Name Services•DHCP: Dynamic Host Configuration•Start and Finish Address
– 192.168.50.25 to 192.168.50.100
•Exclusion Addresses are for Static IP like;– Servers– Routers– Gateways– Printers
Active Directory Structure
Active Directory Naming Convention
OU Group
ouComputers contains gsgComputers
ouStaff contains gsgStaff
and gsgStaffSIMSUsers
and gsgStaffOfficeUsers
ouStaff Teacher contains gsgStaffTeachers
ouStaff Admin contains gsgStaffAdmin
ouStaff Other contains gsgStaffOther
ouStaff Leavers contains gsgStaffLeavers
ouStudents contains gsgStudents
ouStudents 2003 Intake contains gsgStudents2003
ouStudents 2004 Intake contains gsgStudents2004
ouStudents 2005 Intake contains gsgStudents2005
etc.
ouStudent Leavers contains gsgStudentsLeavers
ouStudents 1994 Intake contains gsgStudents1994
ouStudents 1995 Intake contains gsgStudents1995
etc.
ouOther
Hub
Internal Network External Network
S1
S2
WS
ISA Server
192.168.50.?
192.168.50.26
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Static IP Address
IP Address Issued by DHCP
Hub
Internal Network External Network
S1
S2
WS
ISA Server
192
.168
.50
.10
192.168.50.?
192.168.50.26
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Hub
Internal Network External Network
S1
S2
WS
ISA Server
192
.168
.50
.10
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Static IP Address
Server Two
• Exchange Server: • Preferred mail client – Outlook
• RAS: • Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
Hipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
IE Looks at192.168.50.10 :
8080
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
IE Looks at192.168.50.10 :
8080
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
IE Looks at192.168.50.10 :
8080
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
IE Looks at192.168.50.10 :
8080
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
IE Looks at192.168.50.10 :
8080
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
IE Looks at192.168.50.10 :
8080
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
Cache, What is it
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
IE Looks at192.168.50.10 :
8080
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
What is Cache
• An area of disk space which stores the text and graphics of a viewed web page. When the web page is revisited, the Web browser will retrieve the data from the cache instead of downloading it again to save time.
• Or, is an area on the hard disc of a computer where web pages and page elements (graphics etc) are stored when a page is downloaded from the Internet. If a page is revisited and the page, or elements of the page, are still held in cache then the computer will use the cache version to save time rather than download afresh. It also allows previously visited pages to be viewed offline.
What is Cache
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
IE Looks at192.168.50.10 :
8080
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Cache
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
IE Looks at192.168.50.10 :
8080
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server
Cache
Cache
Cache
Hub
Internal Network External Network
S1
S2
WS
Switch
ISA Server
Cache
Cache
Cache
InternetHipxy Proxy
Nefpx3 - 80Proxy Server
10.10.10.19 : 80
Automatically Obtained IP Address 10.10.10.?
192
.168
.50
.10
IE Looks at192.168.50.10 :
8080
192.168.50.?
192.168.50.26
192.168.50.27
AD, DNS and DHCP192.168.50.25 to 192.168.50.100
Exchange Server: Preferred mail client – Outlook
RAS: Remote Access Server