Differences Between ISA Server 2000 and ISA Server 2004


The primary difference between ISA Server 2000 and ISA Server 2004 is in the way in which networks are defined. With ISA Server 2000, there was a somewhat binary system in which all computers inside the company had to be defined by IP address ranges within the Local Address Table (LAT). Everything that was not defined in the LAT was considered external to the firewall.

With ISA Server 2004, the ability to define different networks is greatly improved. Now you can identify any range of IP addresses as a network, which opens up the possibility to allow or deny access between groups of machines inside the company as well as between machines inside and outside the company. Table 1-1 describes other features introduced in ISA Server 2004. For the complete listing of new features in ISA Server 2004, check out http://www.microsoft.com/isaserver/evaluation/features/.
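A conceptual model of the difference described above, added here as an illustration; it is not code from the book or from ISA Server. The address ranges, network names and allow rules are constructed assumptions.

```python
import ipaddress

# Constructed address plan (assumption; not taken from the book).
LAT_2000 = ["10.0.0.0/8"]              # ISA 2000: one list of "internal" ranges
NETWORKS_2004 = {                      # ISA 2004: any range can be a named network
    "Internal": ["10.0.1.0/24"],
    "Finance": ["10.0.2.0/24"],
    "Perimeter": ["10.0.9.0/24"],
}
# Hypothetical allow rules between named networks; every other pair is denied.
ALLOW = {("Internal", "Perimeter"), ("Internal", "External"), ("Finance", "Perimeter")}

def _in_ranges(ip, ranges):
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(r) for r in ranges)

def classify_lat(ip):
    """ISA 2000 view: an address is in the LAT (internal) or it is external."""
    return "Internal" if _in_ranges(ip, LAT_2000) else "External"

def classify_multinet(ip):
    """ISA 2004 view: the named network containing the address, else External."""
    for name, ranges in NETWORKS_2004.items():
        if _in_ranges(ip, ranges):
            return name
    return "External"

def lat_can_decide(src, dst):
    """The binary model only has a boundary to enforce when the two sides differ."""
    return classify_lat(src) != classify_lat(dst)

def multinet_allows(src, dst):
    """Default-deny lookup of the (source network, destination network) pair."""
    s, d = classify_multinet(src), classify_multinet(dst)
    return s == d or (s, d) in ALLOW   # same-network traffic is not policed here

def overlapping_networks(networks=NETWORKS_2004):
    """Sanity check: classification is only unambiguous if no ranges overlap."""
    nets = [(n, ipaddress.ip_network(r)) for n, rs in networks.items() for r in rs]
    return [(a, b) for i, (a, x) in enumerate(nets)
            for b, y in nets[i + 1:] if x.overlaps(y)]

if __name__ == "__main__":
    workstation, finance_db = "10.0.1.5", "10.0.2.7"
    print("LAT sees a boundary:", lat_can_decide(workstation, finance_db))
    print("Multinetwork policy allows:", multinet_allows(workstation, finance_db))
```

In the LAT model both hosts are simply "internal", so there is nothing to write a rule against; with named networks the same pair resolves to Internal and Finance and falls under the default deny.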

Table 1-1: New Features in ISA Server 2004

| Feature Name | Description |
| --- | --- |
| Multinetworking | Replaces the LAT from ISA Server 2000, allowing you to create and configure multiple networks. You are no longer limited to a binary approach in which the LAT contains internal addresses and everything else is considered external addresses. Instead, you have a relative LAT, which allows the configuration of multiple networks based on IP address ranges. |
| Per-network policies | Allows you to control how the clients within specified networks will communicate with one another. |
| Network relationships: Routed or NAT | Allows you to control how the networks will communicate with one another: Network Address Translation (NAT) or routed. |
| Built-in network templates | Allows you to easily configure your firewall policies based on the location of your ISA Server. |
| Advanced HTTP policies | Performs real OSI Layer 7 application inspection on a per-rule basis, controls downloads by file extension, controls access for every connection, and blocks unwanted content based on exploit and common application signatures. |
| Advanced FTP policies | Lets users upload and download using File Transfer Protocol (FTP) while giving administrators the ability to selectively filter FTP requests. |
| Link translation | Provides a dictionary of internal server names mapped to externally accessible names to prevent broken links for external users. This feature was available with the installation of ISA Server 2000 Feature Pack 1, but is now built in. |
| Network Access Quarantine Control | Segregates clients onto a separate network to ensure predefined conditions have been met before allowing access to the internal network. |
| Port Redirection | Allows ISA Server to accept connections for internal resources on a different port than that used by the internal server. |
| Advanced VPN Functions | Allows stateful filtering and inspection, monitoring, and logging, as well as support for Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol/IP Security (L2TP/IPSec), strong authentication, and virtual private network (VPN) quarantine. |

Because of low levels of use, performance degradation, or potential security risks, Microsoft removed some of the features included with ISA Server 2000. Table 1-2 describes the features no longer available in ISA Server 2004.

Table 1-2: Features Removed in ISA Server 2004

| Feature Name | Description |
| --- | --- |
| H.323 gateway | Allowed call handling and routing of H.323 Voice over IP (VoIP) calls. |
| Live media split streaming | Allowed organizations using Windows Media Technology to split the media streams, improving bandwidth for video and audio. |
| Bandwidth control | Allowed prioritization of connections based on the quality of service (QoS) packet scheduling service. |
| Active caching | Allowed the cache to manage the most commonly used items in the cache, and refresh itself as needed. In ISA Server 2004 Standard Edition, even though the functionality was removed, the tab will appear until ISA Server SP1 is applied. |

Some features are available (or supported) only on ISA Server 2004 Enterprise Edition. See Table 1-3 for a list of these features and their functions.

Table 1-3: Features Unique to ISA Server 2004 Enterprise Edition

| Feature Name | Description |
| --- | --- |
| Enterprise policies | Enterprise policies apply to a range of ISA servers, allowing centralized management of many ISA Server computers. Enterprise policies can override lower-level policies. |
| Enterprise networks | Enterprise networks are composed of IP address ranges, and are global to all arrays in the enterprise. |
| Enterprise rule elements | In the Enterprise Policy node, you can configure protocols, users, content types, schedules, and network objects that are available to all permitted array members. |
| NLB support | Network Load Balancing (NLB) supports the ability to scale the use of ISA Server to more and more clients by using a single IP address to support several physical computers. |
| Site-to-site VPN failover | When VPNs are used with NLB, one array member is assigned as the connection owner. If the owner server becomes unavailable, the VPN connection is re-established with another array member. |
| CARP | Cache Array Routing Protocol (CARP) allows cached data to be stored on, and retrieved from, specific ISA servers throughout the enterprise without duplicating cache content. |
| Array reporting | ISA Server 2004 Enterprise Edition can combine the log files from different ISA servers (array members) and create a combined report summary. |

In this section you've seen some of the new features included in ISA Server 2004, old features that are no longer available, and some of the capabilities available only in the Enterprise Edition of the ISA Server product.




Microsoft Internet Security and Acceleration ISA Server 2004 Administrator's Pocket Consultant
ISBN: 0735621888
EAN: 2147483647
Year: 2006
Pages: 173
