Deploying Unihomed ISA Server 2004 Security Appliances


Setup and configuration of unihomed ISA Server 2004 servers is effectively the same as the setup of a standard ISA Server, with one major difference: the number of network cards. ISA Server 2004, in this type of reverse proxy scenario, simply processes web and other traffic and then forwards it on to its destination. Because the traffic does not need to flow from one network to another in this case, ISA does not require more than a single NIC. It relies on the network topology to route the server requests.

To perform the initial setup and configuration steps for a Unihomed ISA Server 2004 system, follow the configuration steps outlined in Chapter 2, "Installing ISA Server 2004."

Applying the Single Network Adapter Network Template to a Unihomed ISA Server

After installation, it is ideal to configure the server with one of the preexisting network templates that are available on the ISA Server. Fortunately, a unihomed ISA server template exists, which can be easily utilized to set up the initial configuration of the ISA server. To deploy this network template, perform the following steps:

1.

In the console tree of the ISA Management console, expand SERVERNAME, Configuration, Networks.

2.

Click on the Templates tab in the task pane, as shown in Figure 7.2.

Figure 7.2. Deploying the single network adapter network template.


3.

Scroll down and click on the Single Network Adapter template.

4.

At the wizard welcome screen, click Next to continue.

5.

The option to export the current configuration is given. Because this is a new server install, this is skipped, so click Next to continue.

CAUTION

The Network template wizard overwrites any settings currently on the server, so it is important to back them up if the server has any rules or configuration that need to be saved.

6.

The subsequent dialog box, Internal Network IP Addresses, shown in Figure 7.3, automatically inputs the entire TCP/IP address range as part of the internal network. Because there is only one NIC, ISA logically groups all IP addresses into a single network, so click Next to accept the defaults.

Figure 7.3. Defining internal IP addresses for a unihomed ISA Server.


7.

Click on Apply Default Web Proxying and Caching Configuration and click Next.

8.

Click Finish.

9.

Click Apply, then click OK to save the changes.

Deploying a Preconfigured ISA Hardware Appliance

One of the perceived advantages to out-of-the-box security solutions is that they are simple to set up. Simply pull them out of the box, plug them in, and configure a few settings. These ready-built solutions often compete directly with ISA Server, offering instant setup and security. In response to this, Microsoft has worked with major security and hardware vendors to produce ISA hardware appliance solutions.

These solutions offer all the advantages of the ready-built security solutions, with the increased capabilities of ISA Server 2004. They come pre-installed, pre-configured, and pre-secured, and some even include LCD panels that allow for console-less configuration of the ISA Server itself. These solutions can appeal to many organizations that are looking for a quick and easy way to take advantage of ISA Server 2004's reverse proxy (or other) capabilities. For the latest list of devices built for ISA Server 2004, see the Microsoft ISA Partner website at the following URL:

http://www.microsoft.com/isaserver/partners/default.asp



    Microsoft Internet Security and Acceleration ISA Server 2004 Unleashed
    Microsoft Internet Security and Acceleration (ISA) Server 2004 Unleashed
    ISBN: 067232718X
    EAN: 2147483647
    Year: 2005
    Pages: 216
    Authors: Michael Noel

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net