Internet Security & Acceleration Server 2004 Enterprise Edition
June 10, 2005
$5,999 per processor
- Ease of Use:
- Value for Money:
- Overall Rating:
Easy to manage; excellent support for Exchange server.
Reliance on Windows 2000/2003 server places an overhead on performance.
A worthy companion to faster hardware firewalls.
Microsoft's Internet Security & Acceleration (ISA) Server 2004, is the company's application for turning a Windows 2000 or 2003 server into an enterprise firewall. Installation was painless on our test Windows 2003 server.
Management is through a Microsoft Management Console snap-in. Rather than the simple tree structure that is the de facto standard for these consoles, Microsoft has made a concerted effort to make it easier to use, including a main page full of shortcut icons and wizards.
Management in an enterprise environment has also been carefully considered. Using the Delegated Permissions Wizard you can easily assign admin privileges to individual users and groups. And because the firewall integrates with Active Directory, you do not have to change your company's structure, and existing users and groups can be reused. Privileges can be assigned to control access to each ISA server and each firewall service, a high level of granularity to suit large environments.
Configuring the firewall is a simple job of selecting the source and destination port, and the service to allow or deny. Further control can be achieved by selecting the networks each rule applies to and the active directory users (Radius authentication is also supported). There is a full stateful inspection firewall, and common services, including web and FTP, are catered for by proxies.
There is also full support for Exchange servers, right down to being able to inspect encrypted data. This support makes it easier to allow secure remote access to your Exchange server. Finally, with a full VPN, you can create encrypted tunnels in much the same way as you create rules. But beyond the firewall and acceleration features, ISA hits a dead end. Anti-virus or intrusion detection are provided by third-party applications, licensed separately.
Running on Windows Server, ISA does not have the network speed to keep up with the dedicated hardware appliances. But the excellent delegated management and application support means ISA Server can still serve well in an enterprise environment, particularly where access to an Exchange server is critical.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Logjam attack exposes data passed over TLS connections
- Google releases Chrome 43, addresses 37 bugs
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes