After the prerequisites for ISA deployment have been taken into account, the specific hardware for ISA deployment can be procured and assembled. Exact number, placement, and design of ISA servers may require more advanced design, however. It is therefore important to review ISA design scenarios such as the ones demonstrated in Chapter 4.
Determining when to Deploy Dedicated ISA Hardware Appliances
An option for ISA deployment that did not exist in the past but is increasingly common in today's marketplace is the option to deploy ISA on dedicated, appliance hardware. These ISA appliances are similar in several ways to the many third-party firewall devices currently on the market. For example, several of the ISA appliances have network interfaces on the front of the appliance, and some even allow configuration of the server via an LCD panel on the front. It is highly recommended that you explore the ISA appliance options available on each manufacturer's websites. The following, though by no means exhaustive, is a partial list of some of the available options for ISA appliances and their particular focus:
The concept of the ISA Server as a dedicated security concept is a novel one for Microsoft, and several attractive options can be considered. It is advisable to examine each of the available hardware options before making design decisions on ISA Server deployment.
Optimizing ISA Server Hardware
ISA Server 2004 is not particularly processor or memory intensive, and its disk utilization is fairly low. The best investment when it comes to ISA server often comes with the addition of redundant components such as RAID1 hardware mirrors for the disks and/or multiple power supplies and fans. This helps to increase ISA's redundancy and robustness.
From a disk management perspective, ISA is commonly installed on a single physical disk that is partitioned into various logical partitions, depending on the server's role. At a minimum, all components can be installed on a single partition. To reduce the chance of logs filling up the operating system drive, a separate partition can be made for the ISA SQL Logs. Finally, if web caching is enabled on the server, the cache itself is often placed on a third partition. Although the size of each partition depends on the size of the drive being deployed, a common deployment scenario would be 8GB OS, 8GB logs, 16GB cache.
That said, the configuration of an ISA Server's partitions is of small consequence to the overall functionality of the server, so there is no need to get involved in complex partitioning schemes or large amounts of disk space.