Chapter 9. Enabling Client Remote Access with ISA Server 2004 Virtual Private Networks (VPNs)

IN THIS CHAPTER

  • Examining ISA Server 2004 VPN Capabilities and Requirements

  • Designing an ISA Server 2004 VPN Infrastructure

  • Enabling VPN Functionality in ISA Server

  • Utilizing RADIUS Authentication for VPN Connections

  • Configuring ISA for Point-to-Point Tunneling Protocol (PPTP) VPN Connections

  • Creating Layer 2 Tunneling Protocol (L2TP) VPN Connections with ISA

  • Creating a Public Key Infrastructure (PKI) for L2TP with IPSec Support

  • Using the Connection Manager Administration Kit (CMAK) to Automate VPN Client Deployment

  • Enabling ISA Server 2004 VPN Quarantine

  • Summary

  • Best Practices

As high-speed Internet access and mobile computing become commonplace, many organizations are finding it increasingly important to provide remote connectivity services to employees. At the same time, the potential threats posed by unauthorized access using these techniques have increased. It is consequently critical to allow for the productivity increases that remote access can provide while also maintaining tight security over the mechanism that is used to provide those services.

Many organizations are turning to Virtual Private Networking (VPN) solutions to provide these types of capabilities to their remote and roaming users. VPNs allow for encrypted "tunnels" to be created into an organization's network, allowing for resources to be accessed in a secure fashion. ISA Server 2004 includes robust and capable VPN support, enabling organizations to leverage these capabilities in addition to the other capabilities provided by the software.

ISA Server 2004 implements industry-standard VPN protocols to provide secure access to essential data over a public Internet connection, eliminating the need for expensive point-to-point leased connections or modem pools while retaining the security advantages that VPNs provide. In addition, deploying VPNs with ISA allows for the creation of granular rule-based access control through use of ISA's advanced firewall rule capabilities. This gives administrators control over exactly which resources can be accessed by VPN users, which they can do by creating a distinct VPN users network that can be used for the creation of firewall rules.

This chapter focuses on exploring the VPN capabilities of ISA Server 2004. Step-by-step guides are provided for deployment of ISA VPN Client networks using both Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP), and best practice design advice is presented. Automatic configuration of client VPN settings with the Connection Manager Administration Kit (CMAK) is outlined as well. In addition, deploying VPNs with advanced techniques such as using PKI Certificates, RADIUS authentication, and VPN Quarantine is explored. Site-to-site VPNs for communication between branch offices are covered in a separate chapter, Chapter 10, "Extending ISA Server 2004 to Branch Offices with Site-to-Site VPNs."



    Microsoft Internet Security and Acceleration (ISA) Server 2004 Unleashed
    ISBN: 067232718X
    EAN: 2147483647
    Year: 2005
    Pages: 216
    Authors: Michael Noel
