ISA Server 2004 is available in two different editions (Standard Edition and Enterprise Edition), with the Standard Edition being provided as a stand-alone product, and also as part of Microsoft Small Business Server 2003 Premium Edition Service Pack 1.
Table 1-4 lists the features that differ between editions.
Features | ISA with Small Business Server | ISA Server Standard Edition | ISA Server Enterprise Edition |
---|---|---|---|
Scalability | Very limited | Limited | Full |
Distributed and hierarchical caching | None | Hierarchical only | Both |
Active Directory integration | Can use users and groups to manage security and administrative roles | Can use users and groups to manage security and administrative roles | Can use users and groups to manage security and administrative roles; uses Active Directory Application Mode (ADAM) to store configuration information |
Tiered policy | No | No | Yes |
Multiserver management | No | No | Yes |
NLB | No | Not supported | Yes |
Several vendors, like Celestix and Network Engines, have created hardware appliances that utilize ISA Server. These products vary in functionality, but are designed to provide a more easily configured or updated installation of ISA Server 2004. See http://www.microsoft.com/isaserver/howtobuy/hardwaresolutions.asp for more information.
Small Business Server 2003 comes in two versions: Standard Edition and Premium Edition. Only the Premium Edition includes ISA Server 2000, along with Microsoft SQL Server and Microsoft FrontPage 2003. Small Business Server 2003 Service Pack 1 includes the ability to upgrade to ISA Server 2004 Standard Edition.
For more information about this upgrade, see Chapter 20, "Configuring ISA Server with Small Business Server 2003."
Scalability The most obvious drawback to using Small Business Server 2003 is the inability to expand beyond 75 clients without purchasing the Small Business Server 2003 Transition Pack. If your company will grow in the near future, you should consider moving to a more traditional Microsoft Windows 2000 or Microsoft Windows Server 2003 domain structure with a separate ISA Server installation.
For more information about Small Business Server 2003 licensing and the transition pack, see http://www.microsoft.com/WindowsServer2003/sbs/techinfo/overview/licensingfaq.mspx.
Hardware and Software Table 1-5 shows both the minimum and recommended requirements for Small Business Server 2003.
Hardware | Minimum | Recommended | Maximum |
---|---|---|---|
Processor | 300 megahertz (MHz) | At least 550 MHz | Multiprocessor support for up to two processors (hyper-threading is supported) |
Memory | 256 MB of RAM | 1 GB of RAM | 4 GB of RAM |
Hard disk | 5 GB plus space for data storage | 6 GB plus space for data storage, though this size will vary based on your requirements | N/A |
Network adapters | 1 | 1 or 2 depending on your topology | N/A |
CD or DVD drive | Bootable CD or DVD drive | Same | N/A |
Monitor and video adapter | Super VGA (SVGA) monitor Video adapter with 800 × 600 or higher resolution and a minimum of 256 colors | Same | N/A |
SBS Service Pack Level | Service Pack 1 | The most current updates available for Small Business Server 2003 | N/A |
Licensing To find the most current information regarding Small Business Server product licensing, visit the Microsoft Small Business Server Web site at http://www.microsoft.com/sbserver/howtobuy.
A basic Small Business Server license comes with five Client Access Licenses (CALs), which allow clients to connect to the SBS machine. You can add additional CALs by purchasing Client Add Packs, which are available in 5-user or 20-user increments.
Small Business Server 2003 allows an unlimited number of user accounts, but restricts the number of computer connections to 75.
For more information regarding using ISA Server with SBS, refer to Chapter 20.
Scalability ISA Server 2004 Standard Edition has a greater ability to scale than Small Business Server (which includes the Standard Edition of ISA Server) only because its connections are not limited to 75 computer connections. Standard Edition cannot take advantage of server arrays or enterprise policies. If your company plans to use server arrays or enterprise policies in the future, you must have the Active Directory directory service known as Active Directory Application Mode (ADAM) and use ISA Server Enterprise Edition. If your organization plans to grow to accommodate a large number of users who are located in different facilities, or a number of users who might overwhelm the server, you should consider using ISA Server Enterprise Edition, which also supports NLB.
Hardware and Software See Table 1-6 for the ISA Server 2004 Standard Edition requirements.
Requirement | Minimum | Recommended |
---|---|---|
Processor | Pentium II 550 MHz computer | Pentium III 1Ghz or higher |
Operating system | Windows 2000 Server with:
| Windows Server 2003 with all updates applied |
RAM | 256 MB | 512 MB or higher; increasing RAM increases cache response |
Disk space | Local NTFS partition with at least 150 MB of free space | Dedicated partition for ISA Server files, and another partition to hold log files to ensure that logging does not affect disk space needed for the system and program files |
Network interface card (NIC) | At least one for caching functionality, plus an additional NIC for each additional network | Same |
Licensing ISA Server 2004 Standard Edition is licensed per processor. For each processor that the product utilizes, you will need to purchase one license. Contact an ISA Server reseller to determine your price, which will vary based on your situation.
See http://www.microsoft.com/isaserver/howtobuy for more information.
ISA Server 2004 Enterprise Edition provides the same functionality as Standard Edition, but adds features that improve the management and redundancy of your ISA Server environment.
Scalability If you have a large or widely distributed organization, cost savings result from being able to centrally manage multiple ISA servers (grouped in what are known as arrays) from a single management console. These servers can provide high availablility by allowing new sessions from clients that were connected to failed array members. In addition, all servers can be governed by a single enterprise policy, which in ISA Server 2004 is stored in ADAM. Consider the amount of time it would take one administrator to configure 25 different servers with the same access policy. With enterprise and array policies, one administrator can configure all 25 servers with the same policy using a central management console.
By default, the Domain Admins group of the forest root domain and any members of the Enterprise Admins group have the ability to manage enterprise policies. They, in turn, assign permissions to manage array policies.
Enterprise and array policies provide consistent administration for managing ISA servers across one's entire organization. They provide the highest level of control, overriding all array policies, except for enterprise system policies. Enterprise policies are stored in a central database known as the Configuration Storage Server (CSS), which relies on ADAM; these policies can apply across the entire forest. Enterprise policies provide the base level of access available to an array. An array policy can further restrict access to items from the enterprise policy baseline.
For more information about ADAM, see the reference material at http://www.microsoft.com/windowsserver2003/adam.
ISA Server Enterprise Edition also provides the ability to spread the work of protecting your environment across several different ISA servers using NLB. For more information on NLB, see Chapter 15, "Working with Enterprise Technologies and ISA Server 2004."
Hardware and Software The hardware requirements for ISA Server 2004 Enterprise Edition are the same as those for the Standard Edition listed earlier, with just a few important distinctions, as shown in Table 1-7.
Requirement | Minimum | Recommended |
---|---|---|
Processor | Pentium II 550 MHz computer | Pentium III 1 Ghz or higher |
Operating system | Windows Server 2003 | Windows Server 2003 with all updates applied |
RAM | 256 MB | 512 MB or higher; increasing RAM increases cache response |
Disk space | Local NTFS partition with at least 150 MB of free space | Dedicated partition for ISA Server files, and another partition to hold log files to ensure that logging does not affect disk space on the program files |
NIC | At least one for caching functionality, plus an additional NIC for each additional network | Same |
Licensing ISA Server 2004 Enterprise Edition requires a license for each processor in use. For that reason, it might be more cost-effective to upgrade existing processors to higher speed processors, rather than adding additional processors to multiprocessor-capable systems. Contact an ISA Server reseller to determine your price, which will vary based on your situation. See http://www.microsoft.com/isaserver/howtobuy for more information.
Note | Hyperthreaded processors, in which a single processor appears as two, require only one license. Dual core processors also will require only one license. |