Internet Security & Acceleration Server 2004 Enterprise Edition
June 10, 2005
$5,999 per processor
- Ease of Use:
- Value for Money:
- Overall Rating:
Easy to manage; excellent support for Exchange server.
Reliance on Windows 2000/2003 server places an overhead on performance.
A worthy companion to faster hardware firewalls.
Microsoft's Internet Security & Acceleration (ISA) Server 2004, is the company's application for turning a Windows 2000 or 2003 server into an enterprise firewall. Installation was painless on our test Windows 2003 server.
Management is through a Microsoft Management Console snap-in. Rather than the simple tree structure that is the de facto standard for these consoles, Microsoft has made a concerted effort to make it easier to use, including a main page full of shortcut icons and wizards.
Management in an enterprise environment has also been carefully considered. Using the Delegated Permissions Wizard you can easily assign admin privileges to individual users and groups. And because the firewall integrates with Active Directory, you do not have to change your company's structure, and existing users and groups can be reused. Privileges can be assigned to control access to each ISA server and each firewall service, a high level of granularity to suit large environments.
Configuring the firewall is a simple job of selecting the source and destination port, and the service to allow or deny. Further control can be achieved by selecting the networks each rule applies to and the active directory users (Radius authentication is also supported). There is a full stateful inspection firewall, and common services, including web and FTP, are catered for by proxies.
There is also full support for Exchange servers, right down to being able to inspect encrypted data. This support makes it easier to allow secure remote access to your Exchange server. Finally, with a full VPN, you can create encrypted tunnels in much the same way as you create rules. But beyond the firewall and acceleration features, ISA hits a dead end. Anti-virus or intrusion detection are provided by third-party applications, licensed separately.
Running on Windows Server, ISA does not have the network speed to keep up with the dedicated hardware appliances. But the excellent delegated management and application support means ISA Server can still serve well in an enterprise environment, particularly where access to an Exchange server is critical.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards