Chapter 4. Designing an ISA Server 2004 Environment
IN THIS CHAPTER
The success of an ISA Server implementation depends largely on its design. ISA Server 2004 is a complex, capable system that can assume multiple roles in the organization. It is therefore important to first understand what the security needs are, and then match those needs to the various pieces of ISA Server functionality.
Because ISA can assume multiple roles, a proper ISA design does not always fit cookie-cutter style roles. In fact, many ISA Server designs involve multiple ISA servers distributed across multiple network locations. The need to provide for network security has evolved to encompass both external and internal traffic within an organization, and ISA Server 2004 provides the tools to perform these tasks.
This chapter focuses on the design factors that are involved in an ISA Server 2004 deployment. Particular focus is placed on establishing a proper security methodology to avoid mistakes in deployment. So as to ensure a secure and updated design, specific steps to upgrade existing ISA 2000 Servers to ISA Server 2004 are presented as well. Finally, sample designs of small, medium, and large-sized organizations are presented.