One of the biggest advantages to ISA Server 2004 is its ability to have its base application-filtering engine easily extended with third-party add-in functionality. This makes ISA a strong candidate for software to provide advanced web filtering, anti-virus applications, intrusion detection filters, and additional VPN capabilities.
All the add-ins to ISA Server, including the default add-ins that are installed with ISA itself, can be viewed from within the Add-ins node of the console tree, as shown in Figure 3.34. This section takes a high-level look at the add-in options available in the Add-ins node of the ISA Console. Additional information on specific add-ins can be found in Part III of this book, "Securing Servers and Services with ISA Server 2004."
Figure 3.34. Examining the Add-ins node of the ISA Console.
Exploring Application Filters
Application filters in ISA were specifically created to examine the traffic being passed through the server and make sure that it is not simply a piggy-backed exploit or attack. Each application filter contains language specific to the protocol it is filtering, so it can identify and block traffic that does not comply with the proper use of the protocol. The following application filters are configured by default in ISA Server 2004:
Examining Web Filters
In addition to the default application filters available with ISA Server 2004, a series of web filters is also installed that extends the capability of ISA to scan incoming web (HTTP) packets. These web filters, shown in Figure 3.35, allow for advanced HTTP filtering capabilities, such as the capability to secure Outlook Web Access (OWA) traffic, or the capability to perform Link Translation.
Figure 3.35. Viewing Web Filters in the Add-ins node.
The web filters in ISA are accessible via the Web Filters tab in the Central Details pane of the Add-ins node. For more specific information on using web filters, refer to Chapter 14, "Securing Web (HTTP) Traffic."